-
Notifications
You must be signed in to change notification settings - Fork 402
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Gov authorization propagation for sub-messages #1482
Conversation
@@ -54,7 +54,10 @@ func NewKeeper( | |||
gasRegister: NewDefaultWasmGasRegister(), | |||
maxQueryStackSize: types.DefaultMaxQueryStackSize, | |||
acceptedAccountTypes: defaultAcceptedAccountTypes, | |||
authority: authority, | |||
propagateGovAuthorization: map[types.AuthorizationPolicyAction]struct{}{ | |||
types.AuthZActionInstantiate: {}, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Setting the default: sub-message propagation only for instantiate
@@ -161,6 +161,20 @@ func WithAcceptedAccountTypesOnContractInstantiation(accts ...authtypes.AccountI | |||
}) | |||
} | |||
|
|||
// WitGovSubMsgAuthZPropagated overwrites the default gov authorization policy for sub-messages | |||
func WitGovSubMsgAuthZPropagated(entries ...types.AuthorizationPolicyAction) Option { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Constructor option to modify defaults
return GovAuthorizationPolicy{} | ||
return newGovAuthorizationPolicy(m.keeper.propagateGovAuthorization) | ||
} | ||
if policy, ok := types.SubMsgAuthzPolicy(ctx); ok { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Reads policy from context when set
@@ -356,6 +350,7 @@ func (k Keeper) instantiate( | |||
sdk.NewAttribute(types.AttributeKeyCodeID, strconv.FormatUint(codeID, 10)), | |||
)) | |||
|
|||
ctx = types.WithSubMsgAuthzPolicy(ctx, authPolicy.SubMessageAuthorizationPolicy(types.AuthZActionInstantiate)) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Pass sub-message policy with context
Codecov Report
@@ Coverage Diff @@
## main #1482 +/- ##
==========================================
+ Coverage 57.86% 57.98% +0.11%
==========================================
Files 63 64 +1
Lines 8344 8401 +57
==========================================
+ Hits 4828 4871 +43
- Misses 3112 3126 +14
Partials 404 404
|
@@ -550,3 +557,157 @@ func TestDispatchSubMsgConditionalReplyOn(t *testing.T) { | |||
}) | |||
} | |||
} | |||
|
|||
func TestInstantiateGovSubMsgAuthzPropagated(t *testing.T) { | |||
mockWasmVM := &wasmtesting.MockWasmer{} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Very nice tests!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Great work 🥇 LGTM 👍
Resolves #1207
I have focused on instantiate and migrate to propagate to sub-messages.
Instantiate
is enabled by default as this comes with low risk compared to propagatingmigrate
gov permissions.This can be enabled/ disabled via the
WitGovSubMsgAuthZPropagated
option in the app setup.The
sudo
call though does not include gov permission propagation for security reasons. It can be enabled for native Go calls by passing anAutorizationPolicy
with thesdk.Context
. I have addedWithSubMsgAuthzPolicy
to support this.