Merge pull request #2030 from nspcc-dev/fix-manifest

Fix bugs in manifest permissions
This commit is contained in:
Roman Khimov 2021-06-30 11:12:02 +03:00 committed by GitHub
commit cf12d00b24
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 23 additions and 7 deletions

View file

@ -5,6 +5,7 @@ import (
"math/big" "math/big"
"testing" "testing"
"github.com/nspcc-dev/neo-go/internal/random"
"github.com/nspcc-dev/neo-go/pkg/crypto/keys" "github.com/nspcc-dev/neo-go/pkg/crypto/keys"
"github.com/nspcc-dev/neo-go/pkg/smartcontract" "github.com/nspcc-dev/neo-go/pkg/smartcontract"
"github.com/nspcc-dev/neo-go/pkg/util" "github.com/nspcc-dev/neo-go/pkg/util"
@ -69,8 +70,16 @@ func TestPermission_IsAllowed(t *testing.T) {
manifest := DefaultManifest("Test") manifest := DefaultManifest("Test")
t.Run("wildcard", func(t *testing.T) { t.Run("wildcard", func(t *testing.T) {
h := random.Uint160()
perm := NewPermission(PermissionWildcard) perm := NewPermission(PermissionWildcard)
require.True(t, perm.IsAllowed(util.Uint160{}, manifest, "AAA")) require.True(t, perm.IsAllowed(h, manifest, "AAA"))
perm.Methods.Restrict()
require.False(t, perm.IsAllowed(h, manifest, "AAA"))
perm.Methods.Add("AAA")
require.True(t, perm.IsAllowed(h, manifest, "AAA"))
}) })
t.Run("hash", func(t *testing.T) { t.Run("hash", func(t *testing.T) {
@ -97,13 +106,16 @@ func TestPermission_IsAllowed(t *testing.T) {
t.Run("group", func(t *testing.T) { t.Run("group", func(t *testing.T) {
perm := NewPermission(PermissionGroup, priv.PublicKey()) perm := NewPermission(PermissionGroup, priv.PublicKey())
require.True(t, perm.IsAllowed(util.Uint160{}, manifest, "AAA")) require.True(t, perm.IsAllowed(util.Uint160{}, manifest, "AAA"))
})
t.Run("invalid group", func(t *testing.T) {
priv2, err := keys.NewPrivateKey() priv2, err := keys.NewPrivateKey()
require.NoError(t, err) require.NoError(t, err)
perm := NewPermission(PermissionGroup, priv2.PublicKey())
perm = NewPermission(PermissionGroup, priv2.PublicKey())
require.False(t, perm.IsAllowed(util.Uint160{}, manifest, "AAA")) require.False(t, perm.IsAllowed(util.Uint160{}, manifest, "AAA"))
manifest.Groups = append(manifest.Groups, Group{PublicKey: priv2.PublicKey()})
perm = NewPermission(PermissionGroup, priv2.PublicKey())
require.True(t, perm.IsAllowed(util.Uint160{}, manifest, "AAA"))
}) })
} }

View file

@ -162,18 +162,22 @@ func (ps Permissions) AreValid() error {
func (p *Permission) IsAllowed(hash util.Uint160, m *Manifest, method string) bool { func (p *Permission) IsAllowed(hash util.Uint160, m *Manifest, method string) bool {
switch p.Contract.Type { switch p.Contract.Type {
case PermissionWildcard: case PermissionWildcard:
return true
case PermissionHash: case PermissionHash:
if !p.Contract.Hash().Equals(hash) { if !p.Contract.Hash().Equals(hash) {
return false return false
} }
case PermissionGroup: case PermissionGroup:
has := false
g := p.Contract.Group() g := p.Contract.Group()
for i := range m.Groups { for i := range m.Groups {
if !g.Equal(m.Groups[i].PublicKey) { if g.Equal(m.Groups[i].PublicKey) {
return false has = true
break
} }
} }
if !has {
return false
}
default: default:
panic(fmt.Sprintf("unexpected permission: %d", p.Contract.Type)) panic(fmt.Sprintf("unexpected permission: %d", p.Contract.Type))
} }