Ref #123: Testing, fixing, 1 behavior change

The behavior change is that I am forbidding changing a permission_object's parent until we come up with a safe way to support it. The issue is that it's possible to create loops by creating an object A with an existing parent B, then setting B's parent to A. The obvious solution is to ensure with every parent change that there is a path back to the owner authority by following parents, but to do this we need a tree depth limit. I haven't explored the implications of that, so I'm just disabling parent changes for the time being. The user can simply delete the old subtree and create a new one if he wants to move a subtree from one parent to another.
EOSIO · Aug 3, 2017 · c59eb0e · c59eb0e
1 parent face21b
commit c59eb0e
Show file tree

Hide file tree

Showing 4 changed files with 21 additions and 4 deletions.
diff --git a/libraries/chain/chain_controller.cpp b/libraries/chain/chain_controller.cpp
@@ -555,7 +555,7 @@ void chain_controller::validate_uniqueness( const SignedTransaction& trx )const
    if( !should_check_for_duplicate_transactions() ) return;
 
    auto transaction = _db.find<transaction_object, by_trx_id>(trx.id());
-   EOS_ASSERT(transaction == nullptr, transaction_exception, "Transaction is not unique");
+   EOS_ASSERT(transaction == nullptr, tx_duplicate, "Transaction is not unique");
 }
 
 void chain_controller::validate_tapos(const SignedTransaction& trx)const {

diff --git a/libraries/chain/include/eos/chain/exceptions.hpp b/libraries/chain/include/eos/chain/exceptions.hpp
@@ -52,6 +52,7 @@ namespace eos { namespace chain {
    FC_DECLARE_DERIVED_EXCEPTION( tx_missing_scope,                  eos::chain::transaction_exception, 3030008, "missing required scope" )
    FC_DECLARE_DERIVED_EXCEPTION( tx_missing_recipient,              eos::chain::transaction_exception, 3030009, "missing required recipient" )
    FC_DECLARE_DERIVED_EXCEPTION( checktime_exceeded,                eos::chain::transaction_exception, 3030010, "allotted processing time was exceeded" )
+   FC_DECLARE_DERIVED_EXCEPTION( tx_duplicate,                      eos::chain::transaction_exception, 3030011, "duplicate transaction" )
 
    FC_DECLARE_DERIVED_EXCEPTION( invalid_pts_address,               eos::chain::utility_exception, 3060001, "invalid pts address" )
    FC_DECLARE_DERIVED_EXCEPTION( insufficient_feeds,                eos::chain::chain_exception, 37006, "insufficient feeds" )

diff --git a/libraries/native_contract/eos_contract.cpp b/libraries/native_contract/eos_contract.cpp
@@ -377,15 +377,17 @@ void apply_eos_updateauth(apply_context& context) {
    context.require_authorization(update.account);
 
    db.get<account_object, by_name>(update.account);
-   auto& parent = db.get<permission_object, by_owner>(boost::make_tuple(update.account, update.parent));
    for (auto accountPermission : update.authority.accounts) {
       db.get<account_object, by_name>(accountPermission.permission.account);
       db.get<permission_object, by_owner>(boost::make_tuple(accountPermission.permission.account,
                                                             accountPermission.permission.permission));
    }
 
-   const auto& permission = db.find<permission_object, by_owner>(boost::make_tuple(update.account, update.permission));
+   auto permission = db.find<permission_object, by_owner>(boost::make_tuple(update.account, update.permission));
+   auto& parent = db.get<permission_object, by_owner>(boost::make_tuple(update.account, update.parent));
    if (permission) {
+      EOS_ASSERT(parent.id == permission->parent, message_precondition_exception,
+                 "Changing parent authority is not currently supported");
       db.modify(*permission, [&update, parent = parent.id](permission_object& po) {
          po.auth = update.authority;
          po.parent = parent;

diff --git a/tests/tests/native_contract_tests.cpp b/tests/tests/native_contract_tests.cpp
@@ -390,12 +390,26 @@ BOOST_FIXTURE_TEST_CASE(auth_tests, testing_fixture) {
    Make_Account(chain, alice);
    chain.produce_blocks();
 
+   BOOST_CHECK_THROW(Delete_Authority(chain, alice, "active"), message_validate_exception);
+   BOOST_CHECK_THROW(Delete_Authority(chain, alice, "owner"), message_validate_exception);
+
    Make_Key(k1);
    Set_Authority(chain, alice, "spending", "active", Key_Authority(k1_public_key));
    BOOST_CHECK_THROW(Set_Authority(chain, alice, "spending", "spending", Key_Authority(k1_public_key)),
                      message_validate_exception);
-   Set_Authority(chain, alice, "spending", "owner", Key_Authority(k1_public_key));
+   BOOST_CHECK_THROW(Set_Authority(chain, alice, "spending", "owner", Key_Authority(k1_public_key)),
+                     message_precondition_exception);
+   Delete_Authority(chain, alice, "spending");
+
+   chain.produce_blocks();
+
+   Set_Authority(chain, alice, "trading", "active", Key_Authority(k1_public_key));
+   Set_Authority(chain, alice, "spending", "trading", Key_Authority(k1_public_key));
+   BOOST_CHECK_THROW(Delete_Authority(chain, alice, "trading"), message_precondition_exception);
+   BOOST_CHECK_THROW(Set_Authority(chain, alice, "trading", "spending", Key_Authority(k1_public_key)),
+                     message_precondition_exception);
    Delete_Authority(chain, alice, "spending");
+   Delete_Authority(chain, alice, "trading");
 } FC_LOG_AND_RETHROW() }
 
 BOOST_AUTO_TEST_SUITE_END()