From 9e536388fbe9d6a63bdad9e20cae632a3cbb0a75 Mon Sep 17 00:00:00 2001 From: atheeshp <59333759+atheeshp@users.noreply.github.com> Date: Fri, 18 Mar 2022 00:58:11 +0530 Subject: [PATCH] fix: authz with denylist (#11403) ## Description Closes: #11391 --- ### Author Checklist *All items are required. Please add a note to the item if the item is not applicable and please add links to any relevant follow up issues.* I have... - [ ] included the correct [type prefix](https://github.com/commitizen/conventional-commit-types/blob/v3.0.0/index.json) in the PR title - [ ] added `!` to the type prefix if API or client breaking change - [ ] targeted the correct branch (see [PR Targeting](https://github.com/cosmos/cosmos-sdk/blob/master/CONTRIBUTING.md#pr-targeting)) - [ ] provided a link to the relevant issue or specification - [ ] followed the guidelines for [building modules](https://github.com/cosmos/cosmos-sdk/blob/master/docs/building-modules) - [ ] included the necessary unit and integration [tests](https://github.com/cosmos/cosmos-sdk/blob/master/CONTRIBUTING.md#testing) - [ ] added a changelog entry to `CHANGELOG.md` - [ ] included comments for [documenting Go code](https://blog.golang.org/godoc) - [ ] updated the relevant documentation or specification - [ ] reviewed "Files changed" and left comments if necessary - [ ] confirmed all CI checks have passed ### Reviewers Checklist *All items are required. Please add a note if the item is not applicable and please add your handle next to the items reviewed if you only reviewed selected items.* I have... - [ ] confirmed the correct [type prefix](https://github.com/commitizen/conventional-commit-types/blob/v3.0.0/index.json) in the PR title - [ ] confirmed `!` in the type prefix if API or client breaking change - [ ] confirmed all author checklist items have been addressed - [ ] reviewed state machine logic - [ ] reviewed API design and naming - [ ] reviewed documentation is accurate - [ ] reviewed tests and test coverage - [ ] manually tested (if applicable) --- x/staking/types/authz.go | 2 +- x/staking/types/authz_test.go | 15 ++++++++++++++- 2 files changed, 15 insertions(+), 2 deletions(-) diff --git a/x/staking/types/authz.go b/x/staking/types/authz.go index f1c2a71706..45ce23089a 100644 --- a/x/staking/types/authz.go +++ b/x/staking/types/authz.go @@ -94,7 +94,7 @@ func (a StakeAuthorization) Accept(ctx sdk.Context, msg sdk.Msg) (authz.AcceptRe } } - if !isValidatorExists { + if len(allowedList) > 0 && !isValidatorExists { return authz.AcceptResponse{}, sdkerrors.ErrUnauthorized.Wrapf("cannot delegate/undelegate to %s validator", validatorAddress) } diff --git a/x/staking/types/authz_test.go b/x/staking/types/authz_test.go index d1d740e171..fd7f17d63e 100644 --- a/x/staking/types/authz_test.go +++ b/x/staking/types/authz_test.go @@ -120,7 +120,20 @@ func TestAuthzAuthorizations(t *testing.T) { false, nil, }, - + { + "delegate: testing with a validator out of denylist", + []sdk.ValAddress{}, + []sdk.ValAddress{val1}, + stakingtypes.AuthorizationType_AUTHORIZATION_TYPE_DELEGATE, + nil, + stakingtypes.NewMsgDelegate(delAddr, val2, coin100), + false, + false, + &stakingtypes.StakeAuthorization{ + Validators: &stakingtypes.StakeAuthorization_DenyList{ + DenyList: &stakingtypes.StakeAuthorization_Validators{Address: []string{val1.String()}}, + }, MaxTokens: nil, AuthorizationType: stakingtypes.AuthorizationType_AUTHORIZATION_TYPE_DELEGATE}, + }, { "undelegate: expect 0 remaining coins", []sdk.ValAddress{val1, val2},