161 lines
4.4 KiB
Go
161 lines
4.4 KiB
Go
package keeper
|
|
|
|
import (
|
|
"context"
|
|
"errors"
|
|
"strings"
|
|
|
|
errorsmod "cosmossdk.io/errors"
|
|
"cosmossdk.io/x/authz"
|
|
|
|
sdk "github.com/cosmos/cosmos-sdk/types"
|
|
sdkerrors "github.com/cosmos/cosmos-sdk/types/errors"
|
|
)
|
|
|
|
var _ authz.MsgServer = Keeper{}
|
|
|
|
// Grant implements the MsgServer.Grant method to create a new grant.
|
|
func (k Keeper) Grant(ctx context.Context, msg *authz.MsgGrant) (*authz.MsgGrantResponse, error) {
|
|
if strings.EqualFold(msg.Grantee, msg.Granter) {
|
|
return nil, authz.ErrGranteeIsGranter
|
|
}
|
|
|
|
grantee, err := k.authKeeper.AddressCodec().StringToBytes(msg.Grantee)
|
|
if err != nil {
|
|
return nil, sdkerrors.ErrInvalidAddress.Wrapf("invalid grantee address: %s", err)
|
|
}
|
|
|
|
granter, err := k.authKeeper.AddressCodec().StringToBytes(msg.Granter)
|
|
if err != nil {
|
|
return nil, sdkerrors.ErrInvalidAddress.Wrapf("invalid granter address: %s", err)
|
|
}
|
|
|
|
if err := msg.Grant.ValidateBasic(); err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
authorization, err := msg.GetAuthorization()
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
t := authorization.MsgTypeURL()
|
|
if err := k.MsgRouterService.CanInvoke(ctx, t); err != nil {
|
|
return nil, sdkerrors.ErrInvalidType.Wrapf("%s doesn't exist", t)
|
|
}
|
|
|
|
// Disable granting other accounts with grant permission.
|
|
// Preventing user from accidentally authorizing their entire account to a different account.
|
|
if t == sdk.MsgTypeURL(&authz.MsgGrant{}) {
|
|
return nil, sdkerrors.ErrInvalidType.Wrap("authz msgGrant is not allowed")
|
|
}
|
|
|
|
err = k.SaveGrant(ctx, grantee, granter, authorization, msg.Grant.Expiration)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return &authz.MsgGrantResponse{}, nil
|
|
}
|
|
|
|
// Revoke implements the MsgServer.Revoke method.
|
|
func (k Keeper) Revoke(ctx context.Context, msg *authz.MsgRevoke) (*authz.MsgRevokeResponse, error) {
|
|
if strings.EqualFold(msg.Grantee, msg.Granter) {
|
|
return nil, authz.ErrGranteeIsGranter
|
|
}
|
|
|
|
grantee, err := k.authKeeper.AddressCodec().StringToBytes(msg.Grantee)
|
|
if err != nil {
|
|
return nil, sdkerrors.ErrInvalidAddress.Wrapf("invalid grantee address: %s", err)
|
|
}
|
|
|
|
granter, err := k.authKeeper.AddressCodec().StringToBytes(msg.Granter)
|
|
if err != nil {
|
|
return nil, sdkerrors.ErrInvalidAddress.Wrapf("invalid granter address: %s", err)
|
|
}
|
|
|
|
if msg.MsgTypeUrl == "" {
|
|
return nil, sdkerrors.ErrInvalidRequest.Wrap("missing msg method name")
|
|
}
|
|
|
|
if err = k.DeleteGrant(ctx, grantee, granter, msg.MsgTypeUrl); err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return &authz.MsgRevokeResponse{}, nil
|
|
}
|
|
|
|
// RevokeAll implements the MsgServer.RevokeAll method.
|
|
func (k Keeper) RevokeAll(ctx context.Context, msg *authz.MsgRevokeAll) (*authz.MsgRevokeAllResponse, error) {
|
|
granter, err := k.authKeeper.AddressCodec().StringToBytes(msg.Granter)
|
|
if err != nil {
|
|
return nil, sdkerrors.ErrInvalidAddress.Wrapf("invalid granter address: %s", err)
|
|
}
|
|
|
|
if err := k.DeleteAllGrants(ctx, granter); err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return &authz.MsgRevokeAllResponse{}, nil
|
|
}
|
|
|
|
// Exec implements the MsgServer.Exec method.
|
|
func (k Keeper) Exec(ctx context.Context, msg *authz.MsgExec) (*authz.MsgExecResponse, error) {
|
|
if msg.Grantee == "" {
|
|
return nil, errors.New("empty address string is not allowed")
|
|
}
|
|
|
|
grantee, err := k.authKeeper.AddressCodec().StringToBytes(msg.Grantee)
|
|
if err != nil {
|
|
return nil, sdkerrors.ErrInvalidAddress.Wrapf("invalid grantee address: %s", err)
|
|
}
|
|
|
|
if len(msg.Msgs) == 0 {
|
|
return nil, sdkerrors.ErrInvalidRequest.Wrapf("messages cannot be empty")
|
|
}
|
|
|
|
msgs, err := msg.GetMessages()
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
if err := validateMsgs(msgs); err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
results, err := k.DispatchActions(ctx, grantee, msgs)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return &authz.MsgExecResponse{Results: results}, nil
|
|
}
|
|
|
|
func (k Keeper) PruneExpiredGrants(ctx context.Context, msg *authz.MsgPruneExpiredGrants) (*authz.MsgPruneExpiredGrantsResponse, error) {
|
|
// 75 is an arbitrary value, we can change it later if needed
|
|
if err := k.DequeueAndDeleteExpiredGrants(ctx, 75); err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
if err := k.EventService.EventManager(ctx).Emit(&authz.EventPruneExpiredGrants{Pruner: msg.Pruner}); err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return &authz.MsgPruneExpiredGrantsResponse{}, nil
|
|
}
|
|
|
|
func validateMsgs(msgs []sdk.Msg) error {
|
|
for i, msg := range msgs {
|
|
m, ok := msg.(sdk.HasValidateBasic)
|
|
if !ok {
|
|
continue
|
|
}
|
|
|
|
if err := m.ValidateBasic(); err != nil {
|
|
return errorsmod.Wrapf(err, "msg %d", i)
|
|
}
|
|
}
|
|
|
|
return nil
|
|
}
|