diff --git a/CHANGELOG.md b/CHANGELOG.md index 3d70f1886f28..96ed0176a27e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -63,6 +63,7 @@ Ref: https://keepachangelog.com/en/1.0.0/ * [\#10407](https://github.com/cosmos/cosmos-sdk/pull/10407) Add validation to `x/upgrade` module's `BeginBlock` to check accidental binary downgrades * (gov) [\#11036](https://github.com/cosmos/cosmos-sdk/pull/11036) Add in-place migrations for 0.43->0.46. Add a `migrate v0.46` CLI command for v0.43->0.46 JSON genesis migration. * [\#11006](https://github.com/cosmos/cosmos-sdk/pull/11006) Add `debug pubkey-raw` command to allow inspecting of pubkeys in legacy bech32 format +* (x/authz) [\#10714](https://github.com/cosmos/cosmos-sdk/pull/10714) Add support for pruning expired authorizations ### API Breaking Changes @@ -197,6 +198,7 @@ Ref: https://keepachangelog.com/en/1.0.0/ * [\#10990](https://github.com/cosmos/cosmos-sdk/pull/10990) Fixes missing `iavl-cache-size` config parsing in `GetConfig` method. * (crypto) [#11027] Remove dependency on Tendermint core for xsalsa20symmetric. * (x/authz) [\#10447](https://github.com/cosmos/cosmos-sdk/pull/10447) Fix authz `NewGrant` expiration check. +* (x/authz) [\#10633](https://github.com/cosmos/cosmos-sdk/pull/10633) Fixed authorization not found error when executing message. ### State Machine Breaking diff --git a/api/cosmos/authz/v1beta1/authz.pulsar.go b/api/cosmos/authz/v1beta1/authz.pulsar.go index d7e6ca236f9c..eb75eff56b78 100644 --- a/api/cosmos/authz/v1beta1/authz.pulsar.go +++ b/api/cosmos/authz/v1beta1/authz.pulsar.go @@ -1592,6 +1592,486 @@ func (x *fastReflection_GrantAuthorization) ProtoMethods() *protoiface.Methods { } } +var _ protoreflect.List = (*_GrantQueueItem_1_list)(nil) + +type _GrantQueueItem_1_list struct { + list *[]string +} + +func (x *_GrantQueueItem_1_list) Len() int { + if x.list == nil { + return 0 + } + return len(*x.list) +} + +func (x *_GrantQueueItem_1_list) Get(i int) protoreflect.Value { + return protoreflect.ValueOfString((*x.list)[i]) +} + +func (x *_GrantQueueItem_1_list) Set(i int, value protoreflect.Value) { + valueUnwrapped := value.String() + concreteValue := valueUnwrapped + (*x.list)[i] = concreteValue +} + +func (x *_GrantQueueItem_1_list) Append(value protoreflect.Value) { + valueUnwrapped := value.String() + concreteValue := valueUnwrapped + *x.list = append(*x.list, concreteValue) +} + +func (x *_GrantQueueItem_1_list) AppendMutable() protoreflect.Value { + panic(fmt.Errorf("AppendMutable can not be called on message GrantQueueItem at list field MsgTypeUrls as it is not of Message kind")) +} + +func (x *_GrantQueueItem_1_list) Truncate(n int) { + *x.list = (*x.list)[:n] +} + +func (x *_GrantQueueItem_1_list) NewElement() protoreflect.Value { + v := "" + return protoreflect.ValueOfString(v) +} + +func (x *_GrantQueueItem_1_list) IsValid() bool { + return x.list != nil +} + +var ( + md_GrantQueueItem protoreflect.MessageDescriptor + fd_GrantQueueItem_msg_type_urls protoreflect.FieldDescriptor +) + +func init() { + file_cosmos_authz_v1beta1_authz_proto_init() + md_GrantQueueItem = File_cosmos_authz_v1beta1_authz_proto.Messages().ByName("GrantQueueItem") + fd_GrantQueueItem_msg_type_urls = md_GrantQueueItem.Fields().ByName("msg_type_urls") +} + +var _ protoreflect.Message = (*fastReflection_GrantQueueItem)(nil) + +type fastReflection_GrantQueueItem GrantQueueItem + +func (x *GrantQueueItem) ProtoReflect() protoreflect.Message { + return (*fastReflection_GrantQueueItem)(x) +} + +func (x *GrantQueueItem) slowProtoReflect() protoreflect.Message { + mi := &file_cosmos_authz_v1beta1_authz_proto_msgTypes[3] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +var _fastReflection_GrantQueueItem_messageType fastReflection_GrantQueueItem_messageType +var _ protoreflect.MessageType = fastReflection_GrantQueueItem_messageType{} + +type fastReflection_GrantQueueItem_messageType struct{} + +func (x fastReflection_GrantQueueItem_messageType) Zero() protoreflect.Message { + return (*fastReflection_GrantQueueItem)(nil) +} +func (x fastReflection_GrantQueueItem_messageType) New() protoreflect.Message { + return new(fastReflection_GrantQueueItem) +} +func (x fastReflection_GrantQueueItem_messageType) Descriptor() protoreflect.MessageDescriptor { + return md_GrantQueueItem +} + +// Descriptor returns message descriptor, which contains only the protobuf +// type information for the message. +func (x *fastReflection_GrantQueueItem) Descriptor() protoreflect.MessageDescriptor { + return md_GrantQueueItem +} + +// Type returns the message type, which encapsulates both Go and protobuf +// type information. If the Go type information is not needed, +// it is recommended that the message descriptor be used instead. +func (x *fastReflection_GrantQueueItem) Type() protoreflect.MessageType { + return _fastReflection_GrantQueueItem_messageType +} + +// New returns a newly allocated and mutable empty message. +func (x *fastReflection_GrantQueueItem) New() protoreflect.Message { + return new(fastReflection_GrantQueueItem) +} + +// Interface unwraps the message reflection interface and +// returns the underlying ProtoMessage interface. +func (x *fastReflection_GrantQueueItem) Interface() protoreflect.ProtoMessage { + return (*GrantQueueItem)(x) +} + +// Range iterates over every populated field in an undefined order, +// calling f for each field descriptor and value encountered. +// Range returns immediately if f returns false. +// While iterating, mutating operations may only be performed +// on the current field descriptor. +func (x *fastReflection_GrantQueueItem) Range(f func(protoreflect.FieldDescriptor, protoreflect.Value) bool) { + if len(x.MsgTypeUrls) != 0 { + value := protoreflect.ValueOfList(&_GrantQueueItem_1_list{list: &x.MsgTypeUrls}) + if !f(fd_GrantQueueItem_msg_type_urls, value) { + return + } + } +} + +// Has reports whether a field is populated. +// +// Some fields have the property of nullability where it is possible to +// distinguish between the default value of a field and whether the field +// was explicitly populated with the default value. Singular message fields, +// member fields of a oneof, and proto2 scalar fields are nullable. Such +// fields are populated only if explicitly set. +// +// In other cases (aside from the nullable cases above), +// a proto3 scalar field is populated if it contains a non-zero value, and +// a repeated field is populated if it is non-empty. +func (x *fastReflection_GrantQueueItem) Has(fd protoreflect.FieldDescriptor) bool { + switch fd.FullName() { + case "cosmos.authz.v1beta1.GrantQueueItem.msg_type_urls": + return len(x.MsgTypeUrls) != 0 + default: + if fd.IsExtension() { + panic(fmt.Errorf("proto3 declared messages do not support extensions: cosmos.authz.v1beta1.GrantQueueItem")) + } + panic(fmt.Errorf("message cosmos.authz.v1beta1.GrantQueueItem does not contain field %s", fd.FullName())) + } +} + +// Clear clears the field such that a subsequent Has call reports false. +// +// Clearing an extension field clears both the extension type and value +// associated with the given field number. +// +// Clear is a mutating operation and unsafe for concurrent use. +func (x *fastReflection_GrantQueueItem) Clear(fd protoreflect.FieldDescriptor) { + switch fd.FullName() { + case "cosmos.authz.v1beta1.GrantQueueItem.msg_type_urls": + x.MsgTypeUrls = nil + default: + if fd.IsExtension() { + panic(fmt.Errorf("proto3 declared messages do not support extensions: cosmos.authz.v1beta1.GrantQueueItem")) + } + panic(fmt.Errorf("message cosmos.authz.v1beta1.GrantQueueItem does not contain field %s", fd.FullName())) + } +} + +// Get retrieves the value for a field. +// +// For unpopulated scalars, it returns the default value, where +// the default value of a bytes scalar is guaranteed to be a copy. +// For unpopulated composite types, it returns an empty, read-only view +// of the value; to obtain a mutable reference, use Mutable. +func (x *fastReflection_GrantQueueItem) Get(descriptor protoreflect.FieldDescriptor) protoreflect.Value { + switch descriptor.FullName() { + case "cosmos.authz.v1beta1.GrantQueueItem.msg_type_urls": + if len(x.MsgTypeUrls) == 0 { + return protoreflect.ValueOfList(&_GrantQueueItem_1_list{}) + } + listValue := &_GrantQueueItem_1_list{list: &x.MsgTypeUrls} + return protoreflect.ValueOfList(listValue) + default: + if descriptor.IsExtension() { + panic(fmt.Errorf("proto3 declared messages do not support extensions: cosmos.authz.v1beta1.GrantQueueItem")) + } + panic(fmt.Errorf("message cosmos.authz.v1beta1.GrantQueueItem does not contain field %s", descriptor.FullName())) + } +} + +// Set stores the value for a field. +// +// For a field belonging to a oneof, it implicitly clears any other field +// that may be currently set within the same oneof. +// For extension fields, it implicitly stores the provided ExtensionType. +// When setting a composite type, it is unspecified whether the stored value +// aliases the source's memory in any way. If the composite value is an +// empty, read-only value, then it panics. +// +// Set is a mutating operation and unsafe for concurrent use. +func (x *fastReflection_GrantQueueItem) Set(fd protoreflect.FieldDescriptor, value protoreflect.Value) { + switch fd.FullName() { + case "cosmos.authz.v1beta1.GrantQueueItem.msg_type_urls": + lv := value.List() + clv := lv.(*_GrantQueueItem_1_list) + x.MsgTypeUrls = *clv.list + default: + if fd.IsExtension() { + panic(fmt.Errorf("proto3 declared messages do not support extensions: cosmos.authz.v1beta1.GrantQueueItem")) + } + panic(fmt.Errorf("message cosmos.authz.v1beta1.GrantQueueItem does not contain field %s", fd.FullName())) + } +} + +// Mutable returns a mutable reference to a composite type. +// +// If the field is unpopulated, it may allocate a composite value. +// For a field belonging to a oneof, it implicitly clears any other field +// that may be currently set within the same oneof. +// For extension fields, it implicitly stores the provided ExtensionType +// if not already stored. +// It panics if the field does not contain a composite type. +// +// Mutable is a mutating operation and unsafe for concurrent use. +func (x *fastReflection_GrantQueueItem) Mutable(fd protoreflect.FieldDescriptor) protoreflect.Value { + switch fd.FullName() { + case "cosmos.authz.v1beta1.GrantQueueItem.msg_type_urls": + if x.MsgTypeUrls == nil { + x.MsgTypeUrls = []string{} + } + value := &_GrantQueueItem_1_list{list: &x.MsgTypeUrls} + return protoreflect.ValueOfList(value) + default: + if fd.IsExtension() { + panic(fmt.Errorf("proto3 declared messages do not support extensions: cosmos.authz.v1beta1.GrantQueueItem")) + } + panic(fmt.Errorf("message cosmos.authz.v1beta1.GrantQueueItem does not contain field %s", fd.FullName())) + } +} + +// NewField returns a new value that is assignable to the field +// for the given descriptor. For scalars, this returns the default value. +// For lists, maps, and messages, this returns a new, empty, mutable value. +func (x *fastReflection_GrantQueueItem) NewField(fd protoreflect.FieldDescriptor) protoreflect.Value { + switch fd.FullName() { + case "cosmos.authz.v1beta1.GrantQueueItem.msg_type_urls": + list := []string{} + return protoreflect.ValueOfList(&_GrantQueueItem_1_list{list: &list}) + default: + if fd.IsExtension() { + panic(fmt.Errorf("proto3 declared messages do not support extensions: cosmos.authz.v1beta1.GrantQueueItem")) + } + panic(fmt.Errorf("message cosmos.authz.v1beta1.GrantQueueItem does not contain field %s", fd.FullName())) + } +} + +// WhichOneof reports which field within the oneof is populated, +// returning nil if none are populated. +// It panics if the oneof descriptor does not belong to this message. +func (x *fastReflection_GrantQueueItem) WhichOneof(d protoreflect.OneofDescriptor) protoreflect.FieldDescriptor { + switch d.FullName() { + default: + panic(fmt.Errorf("%s is not a oneof field in cosmos.authz.v1beta1.GrantQueueItem", d.FullName())) + } + panic("unreachable") +} + +// GetUnknown retrieves the entire list of unknown fields. +// The caller may only mutate the contents of the RawFields +// if the mutated bytes are stored back into the message with SetUnknown. +func (x *fastReflection_GrantQueueItem) GetUnknown() protoreflect.RawFields { + return x.unknownFields +} + +// SetUnknown stores an entire list of unknown fields. +// The raw fields must be syntactically valid according to the wire format. +// An implementation may panic if this is not the case. +// Once stored, the caller must not mutate the content of the RawFields. +// An empty RawFields may be passed to clear the fields. +// +// SetUnknown is a mutating operation and unsafe for concurrent use. +func (x *fastReflection_GrantQueueItem) SetUnknown(fields protoreflect.RawFields) { + x.unknownFields = fields +} + +// IsValid reports whether the message is valid. +// +// An invalid message is an empty, read-only value. +// +// An invalid message often corresponds to a nil pointer of the concrete +// message type, but the details are implementation dependent. +// Validity is not part of the protobuf data model, and may not +// be preserved in marshaling or other operations. +func (x *fastReflection_GrantQueueItem) IsValid() bool { + return x != nil +} + +// ProtoMethods returns optional fastReflectionFeature-path implementations of various operations. +// This method may return nil. +// +// The returned methods type is identical to +// "google.golang.org/protobuf/runtime/protoiface".Methods. +// Consult the protoiface package documentation for details. +func (x *fastReflection_GrantQueueItem) ProtoMethods() *protoiface.Methods { + size := func(input protoiface.SizeInput) protoiface.SizeOutput { + x := input.Message.Interface().(*GrantQueueItem) + if x == nil { + return protoiface.SizeOutput{ + NoUnkeyedLiterals: input.NoUnkeyedLiterals, + Size: 0, + } + } + options := runtime.SizeInputToOptions(input) + _ = options + var n int + var l int + _ = l + if len(x.MsgTypeUrls) > 0 { + for _, s := range x.MsgTypeUrls { + l = len(s) + n += 1 + l + runtime.Sov(uint64(l)) + } + } + if x.unknownFields != nil { + n += len(x.unknownFields) + } + return protoiface.SizeOutput{ + NoUnkeyedLiterals: input.NoUnkeyedLiterals, + Size: n, + } + } + + marshal := func(input protoiface.MarshalInput) (protoiface.MarshalOutput, error) { + x := input.Message.Interface().(*GrantQueueItem) + if x == nil { + return protoiface.MarshalOutput{ + NoUnkeyedLiterals: input.NoUnkeyedLiterals, + Buf: input.Buf, + }, nil + } + options := runtime.MarshalInputToOptions(input) + _ = options + size := options.Size(x) + dAtA := make([]byte, size) + i := len(dAtA) + _ = i + var l int + _ = l + if x.unknownFields != nil { + i -= len(x.unknownFields) + copy(dAtA[i:], x.unknownFields) + } + if len(x.MsgTypeUrls) > 0 { + for iNdEx := len(x.MsgTypeUrls) - 1; iNdEx >= 0; iNdEx-- { + i -= len(x.MsgTypeUrls[iNdEx]) + copy(dAtA[i:], x.MsgTypeUrls[iNdEx]) + i = runtime.EncodeVarint(dAtA, i, uint64(len(x.MsgTypeUrls[iNdEx]))) + i-- + dAtA[i] = 0xa + } + } + if input.Buf != nil { + input.Buf = append(input.Buf, dAtA...) + } else { + input.Buf = dAtA + } + return protoiface.MarshalOutput{ + NoUnkeyedLiterals: input.NoUnkeyedLiterals, + Buf: input.Buf, + }, nil + } + unmarshal := func(input protoiface.UnmarshalInput) (protoiface.UnmarshalOutput, error) { + x := input.Message.Interface().(*GrantQueueItem) + if x == nil { + return protoiface.UnmarshalOutput{ + NoUnkeyedLiterals: input.NoUnkeyedLiterals, + Flags: input.Flags, + }, nil + } + options := runtime.UnmarshalInputToOptions(input) + _ = options + dAtA := input.Buf + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return protoiface.UnmarshalOutput{NoUnkeyedLiterals: input.NoUnkeyedLiterals, Flags: input.Flags}, runtime.ErrIntOverflow + } + if iNdEx >= l { + return protoiface.UnmarshalOutput{NoUnkeyedLiterals: input.NoUnkeyedLiterals, Flags: input.Flags}, io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return protoiface.UnmarshalOutput{NoUnkeyedLiterals: input.NoUnkeyedLiterals, Flags: input.Flags}, fmt.Errorf("proto: GrantQueueItem: wiretype end group for non-group") + } + if fieldNum <= 0 { + return protoiface.UnmarshalOutput{NoUnkeyedLiterals: input.NoUnkeyedLiterals, Flags: input.Flags}, fmt.Errorf("proto: GrantQueueItem: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return protoiface.UnmarshalOutput{NoUnkeyedLiterals: input.NoUnkeyedLiterals, Flags: input.Flags}, fmt.Errorf("proto: wrong wireType = %d for field MsgTypeUrls", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return protoiface.UnmarshalOutput{NoUnkeyedLiterals: input.NoUnkeyedLiterals, Flags: input.Flags}, runtime.ErrIntOverflow + } + if iNdEx >= l { + return protoiface.UnmarshalOutput{NoUnkeyedLiterals: input.NoUnkeyedLiterals, Flags: input.Flags}, io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return protoiface.UnmarshalOutput{NoUnkeyedLiterals: input.NoUnkeyedLiterals, Flags: input.Flags}, runtime.ErrInvalidLength + } + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return protoiface.UnmarshalOutput{NoUnkeyedLiterals: input.NoUnkeyedLiterals, Flags: input.Flags}, runtime.ErrInvalidLength + } + if postIndex > l { + return protoiface.UnmarshalOutput{NoUnkeyedLiterals: input.NoUnkeyedLiterals, Flags: input.Flags}, io.ErrUnexpectedEOF + } + x.MsgTypeUrls = append(x.MsgTypeUrls, string(dAtA[iNdEx:postIndex])) + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := runtime.Skip(dAtA[iNdEx:]) + if err != nil { + return protoiface.UnmarshalOutput{NoUnkeyedLiterals: input.NoUnkeyedLiterals, Flags: input.Flags}, err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return protoiface.UnmarshalOutput{NoUnkeyedLiterals: input.NoUnkeyedLiterals, Flags: input.Flags}, runtime.ErrInvalidLength + } + if (iNdEx + skippy) > l { + return protoiface.UnmarshalOutput{NoUnkeyedLiterals: input.NoUnkeyedLiterals, Flags: input.Flags}, io.ErrUnexpectedEOF + } + if !options.DiscardUnknown { + x.unknownFields = append(x.unknownFields, dAtA[iNdEx:iNdEx+skippy]...) + } + iNdEx += skippy + } + } + + if iNdEx > l { + return protoiface.UnmarshalOutput{NoUnkeyedLiterals: input.NoUnkeyedLiterals, Flags: input.Flags}, io.ErrUnexpectedEOF + } + return protoiface.UnmarshalOutput{NoUnkeyedLiterals: input.NoUnkeyedLiterals, Flags: input.Flags}, nil + } + return &protoiface.Methods{ + NoUnkeyedLiterals: struct{}{}, + Flags: protoiface.SupportMarshalDeterministic | protoiface.SupportUnmarshalDiscardUnknown, + Size: size, + Marshal: marshal, + Unmarshal: unmarshal, + Merge: nil, + CheckInitialized: nil, + } +} + // Since: cosmos-sdk 0.43 // Code generated by protoc-gen-go. DO NOT EDIT. @@ -1751,6 +2231,43 @@ func (x *GrantAuthorization) GetExpiration() *timestamppb.Timestamp { return nil } +// GrantQueueItem contains the list of TypeURL of a sdk.Msg. +type GrantQueueItem struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // msg_type_urls contains the list of TypeURL of a sdk.Msg. + MsgTypeUrls []string `protobuf:"bytes,1,rep,name=msg_type_urls,json=msgTypeUrls,proto3" json:"msg_type_urls,omitempty"` +} + +func (x *GrantQueueItem) Reset() { + *x = GrantQueueItem{} + if protoimpl.UnsafeEnabled { + mi := &file_cosmos_authz_v1beta1_authz_proto_msgTypes[3] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *GrantQueueItem) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*GrantQueueItem) ProtoMessage() {} + +// Deprecated: Use GrantQueueItem.ProtoReflect.Descriptor instead. +func (*GrantQueueItem) Descriptor() ([]byte, []int) { + return file_cosmos_authz_v1beta1_authz_proto_rawDescGZIP(), []int{3} +} + +func (x *GrantQueueItem) GetMsgTypeUrls() []string { + if x != nil { + return x.MsgTypeUrls + } + return nil +} + var File_cosmos_authz_v1beta1_authz_proto protoreflect.FileDescriptor var file_cosmos_authz_v1beta1_authz_proto_rawDesc = []byte{ @@ -1795,21 +2312,25 @@ var file_cosmos_authz_v1beta1_authz_proto_rawDesc = []byte{ 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x42, 0x08, 0xc8, 0xde, 0x1f, 0x00, 0x90, 0xdf, 0x1f, 0x01, 0x52, 0x0a, 0x65, 0x78, 0x70, 0x69, 0x72, - 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0xe0, 0x01, 0x0a, 0x18, 0x63, 0x6f, 0x6d, 0x2e, 0x63, 0x6f, - 0x73, 0x6d, 0x6f, 0x73, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x76, 0x31, 0x62, 0x65, 0x74, - 0x61, 0x31, 0x42, 0x0a, 0x41, 0x75, 0x74, 0x68, 0x7a, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, - 0x5a, 0x42, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x63, 0x6f, 0x73, - 0x6d, 0x6f, 0x73, 0x2f, 0x63, 0x6f, 0x73, 0x6d, 0x6f, 0x73, 0x2d, 0x73, 0x64, 0x6b, 0x2f, 0x61, - 0x70, 0x69, 0x2f, 0x63, 0x6f, 0x73, 0x6d, 0x6f, 0x73, 0x2f, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2f, - 0x76, 0x31, 0x62, 0x65, 0x74, 0x61, 0x31, 0x3b, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x76, 0x31, 0x62, - 0x65, 0x74, 0x61, 0x31, 0xa2, 0x02, 0x03, 0x43, 0x41, 0x58, 0xaa, 0x02, 0x14, 0x43, 0x6f, 0x73, - 0x6d, 0x6f, 0x73, 0x2e, 0x41, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x56, 0x31, 0x62, 0x65, 0x74, 0x61, - 0x31, 0xca, 0x02, 0x14, 0x43, 0x6f, 0x73, 0x6d, 0x6f, 0x73, 0x5c, 0x41, 0x75, 0x74, 0x68, 0x7a, - 0x5c, 0x56, 0x31, 0x62, 0x65, 0x74, 0x61, 0x31, 0xe2, 0x02, 0x20, 0x43, 0x6f, 0x73, 0x6d, 0x6f, - 0x73, 0x5c, 0x41, 0x75, 0x74, 0x68, 0x7a, 0x5c, 0x56, 0x31, 0x62, 0x65, 0x74, 0x61, 0x31, 0x5c, - 0x47, 0x50, 0x42, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0xea, 0x02, 0x16, 0x43, 0x6f, - 0x73, 0x6d, 0x6f, 0x73, 0x3a, 0x3a, 0x41, 0x75, 0x74, 0x68, 0x7a, 0x3a, 0x3a, 0x56, 0x31, 0x62, - 0x65, 0x74, 0x61, 0x31, 0xc8, 0xe1, 0x1e, 0x00, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, + 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x22, 0x34, 0x0a, 0x0e, 0x47, 0x72, 0x61, 0x6e, 0x74, 0x51, 0x75, + 0x65, 0x75, 0x65, 0x49, 0x74, 0x65, 0x6d, 0x12, 0x22, 0x0a, 0x0d, 0x6d, 0x73, 0x67, 0x5f, 0x74, + 0x79, 0x70, 0x65, 0x5f, 0x75, 0x72, 0x6c, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0b, + 0x6d, 0x73, 0x67, 0x54, 0x79, 0x70, 0x65, 0x55, 0x72, 0x6c, 0x73, 0x42, 0xe0, 0x01, 0x0a, 0x18, + 0x63, 0x6f, 0x6d, 0x2e, 0x63, 0x6f, 0x73, 0x6d, 0x6f, 0x73, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, + 0x2e, 0x76, 0x31, 0x62, 0x65, 0x74, 0x61, 0x31, 0x42, 0x0a, 0x41, 0x75, 0x74, 0x68, 0x7a, 0x50, + 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x42, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, + 0x6f, 0x6d, 0x2f, 0x63, 0x6f, 0x73, 0x6d, 0x6f, 0x73, 0x2f, 0x63, 0x6f, 0x73, 0x6d, 0x6f, 0x73, + 0x2d, 0x73, 0x64, 0x6b, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x63, 0x6f, 0x73, 0x6d, 0x6f, 0x73, 0x2f, + 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2f, 0x76, 0x31, 0x62, 0x65, 0x74, 0x61, 0x31, 0x3b, 0x61, 0x75, + 0x74, 0x68, 0x7a, 0x76, 0x31, 0x62, 0x65, 0x74, 0x61, 0x31, 0xa2, 0x02, 0x03, 0x43, 0x41, 0x58, + 0xaa, 0x02, 0x14, 0x43, 0x6f, 0x73, 0x6d, 0x6f, 0x73, 0x2e, 0x41, 0x75, 0x74, 0x68, 0x7a, 0x2e, + 0x56, 0x31, 0x62, 0x65, 0x74, 0x61, 0x31, 0xca, 0x02, 0x14, 0x43, 0x6f, 0x73, 0x6d, 0x6f, 0x73, + 0x5c, 0x41, 0x75, 0x74, 0x68, 0x7a, 0x5c, 0x56, 0x31, 0x62, 0x65, 0x74, 0x61, 0x31, 0xe2, 0x02, + 0x20, 0x43, 0x6f, 0x73, 0x6d, 0x6f, 0x73, 0x5c, 0x41, 0x75, 0x74, 0x68, 0x7a, 0x5c, 0x56, 0x31, + 0x62, 0x65, 0x74, 0x61, 0x31, 0x5c, 0x47, 0x50, 0x42, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, + 0x61, 0xea, 0x02, 0x16, 0x43, 0x6f, 0x73, 0x6d, 0x6f, 0x73, 0x3a, 0x3a, 0x41, 0x75, 0x74, 0x68, + 0x7a, 0x3a, 0x3a, 0x56, 0x31, 0x62, 0x65, 0x74, 0x61, 0x31, 0xc8, 0xe1, 0x1e, 0x00, 0x62, 0x06, + 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, } var ( @@ -1824,19 +2345,20 @@ func file_cosmos_authz_v1beta1_authz_proto_rawDescGZIP() []byte { return file_cosmos_authz_v1beta1_authz_proto_rawDescData } -var file_cosmos_authz_v1beta1_authz_proto_msgTypes = make([]protoimpl.MessageInfo, 3) +var file_cosmos_authz_v1beta1_authz_proto_msgTypes = make([]protoimpl.MessageInfo, 4) var file_cosmos_authz_v1beta1_authz_proto_goTypes = []interface{}{ (*GenericAuthorization)(nil), // 0: cosmos.authz.v1beta1.GenericAuthorization (*Grant)(nil), // 1: cosmos.authz.v1beta1.Grant (*GrantAuthorization)(nil), // 2: cosmos.authz.v1beta1.GrantAuthorization - (*anypb.Any)(nil), // 3: google.protobuf.Any - (*timestamppb.Timestamp)(nil), // 4: google.protobuf.Timestamp + (*GrantQueueItem)(nil), // 3: cosmos.authz.v1beta1.GrantQueueItem + (*anypb.Any)(nil), // 4: google.protobuf.Any + (*timestamppb.Timestamp)(nil), // 5: google.protobuf.Timestamp } var file_cosmos_authz_v1beta1_authz_proto_depIdxs = []int32{ - 3, // 0: cosmos.authz.v1beta1.Grant.authorization:type_name -> google.protobuf.Any - 4, // 1: cosmos.authz.v1beta1.Grant.expiration:type_name -> google.protobuf.Timestamp - 3, // 2: cosmos.authz.v1beta1.GrantAuthorization.authorization:type_name -> google.protobuf.Any - 4, // 3: cosmos.authz.v1beta1.GrantAuthorization.expiration:type_name -> google.protobuf.Timestamp + 4, // 0: cosmos.authz.v1beta1.Grant.authorization:type_name -> google.protobuf.Any + 5, // 1: cosmos.authz.v1beta1.Grant.expiration:type_name -> google.protobuf.Timestamp + 4, // 2: cosmos.authz.v1beta1.GrantAuthorization.authorization:type_name -> google.protobuf.Any + 5, // 3: cosmos.authz.v1beta1.GrantAuthorization.expiration:type_name -> google.protobuf.Timestamp 4, // [4:4] is the sub-list for method output_type 4, // [4:4] is the sub-list for method input_type 4, // [4:4] is the sub-list for extension type_name @@ -1886,6 +2408,18 @@ func file_cosmos_authz_v1beta1_authz_proto_init() { return nil } } + file_cosmos_authz_v1beta1_authz_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*GrantQueueItem); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } } type x struct{} out := protoimpl.TypeBuilder{ @@ -1893,7 +2427,7 @@ func file_cosmos_authz_v1beta1_authz_proto_init() { GoPackagePath: reflect.TypeOf(x{}).PkgPath(), RawDescriptor: file_cosmos_authz_v1beta1_authz_proto_rawDesc, NumEnums: 0, - NumMessages: 3, + NumMessages: 4, NumExtensions: 0, NumServices: 0, }, diff --git a/api/cosmos/group/v1beta1/types.pulsar.go b/api/cosmos/group/v1beta1/types.pulsar.go index 0df890979c9c..f9160f288dea 100644 --- a/api/cosmos/group/v1beta1/types.pulsar.go +++ b/api/cosmos/group/v1beta1/types.pulsar.go @@ -7401,7 +7401,7 @@ type Proposal struct { // has ended. FinalTallyResult *TallyResult `protobuf:"bytes,10,opt,name=final_tally_result,json=finalTallyResult,proto3" json:"final_tally_result,omitempty"` // timeout is the timestamp before which both voting and execution must be - // done. If this timestamp is passed, then the proposal can not be executed + // done. If this timestamp is passed, then the proposal cannot be executed // anymore and should be considered pending delete. This timestamp is checked // against the block header's timestamp. Timeout *timestamppb.Timestamp `protobuf:"bytes,11,opt,name=timeout,proto3" json:"timeout,omitempty"` diff --git a/proto/cosmos/authz/v1beta1/authz.proto b/proto/cosmos/authz/v1beta1/authz.proto index e59bd1b4995d..c9b571eec5ad 100644 --- a/proto/cosmos/authz/v1beta1/authz.proto +++ b/proto/cosmos/authz/v1beta1/authz.proto @@ -35,3 +35,9 @@ message GrantAuthorization { google.protobuf.Any authorization = 3 [(cosmos_proto.accepts_interface) = "Authorization"]; google.protobuf.Timestamp expiration = 4 [(gogoproto.nullable) = false, (gogoproto.stdtime) = true]; } + +// GrantQueueItem contains the list of TypeURL of a sdk.Msg. +message GrantQueueItem { + // msg_type_urls contains the list of TypeURL of a sdk.Msg. + repeated string msg_type_urls = 1; +} diff --git a/simapp/sim_test.go b/simapp/sim_test.go index 26b1252086aa..20b751ffa0c0 100644 --- a/simapp/sim_test.go +++ b/simapp/sim_test.go @@ -188,7 +188,7 @@ func TestAppImportExport(t *testing.T) { {app.keys[govtypes.StoreKey], newApp.keys[govtypes.StoreKey], [][]byte{}}, {app.keys[evidencetypes.StoreKey], newApp.keys[evidencetypes.StoreKey], [][]byte{}}, {app.keys[capabilitytypes.StoreKey], newApp.keys[capabilitytypes.StoreKey], [][]byte{}}, - {app.keys[authzkeeper.StoreKey], newApp.keys[authzkeeper.StoreKey], [][]byte{}}, + {app.keys[authzkeeper.StoreKey], newApp.keys[authzkeeper.StoreKey], [][]byte{authzkeeper.GrantKey, authzkeeper.GrantQueuePrefix}}, } for _, skp := range storeKeysPrefixes { diff --git a/x/authz/authorization_grant.go b/x/authz/authorization_grant.go index 30bc1eec467d..2c2244660f82 100644 --- a/x/authz/authorization_grant.go +++ b/x/authz/authorization_grant.go @@ -43,15 +43,15 @@ func (g Grant) UnpackInterfaces(unpacker cdctypes.AnyUnpacker) error { } // GetAuthorization returns the cached value from the Grant.Authorization if present. -func (g Grant) GetAuthorization() Authorization { +func (g Grant) GetAuthorization() (Authorization, error) { if g.Authorization == nil { - return nil + return nil, sdkerrors.Wrap(sdkerrors.ErrInvalidType, "authorization is nil") } a, ok := g.Authorization.GetCachedValue().(Authorization) if !ok { - return nil + return nil, sdkerrors.ErrInvalidType.Wrapf("expected %T, got %T", (Authorization)(nil), g.Authorization.GetCachedValue()) } - return a + return a, nil } func (g Grant) ValidateBasic() error { diff --git a/x/authz/authz.pb.go b/x/authz/authz.pb.go index 11bcda74a57a..2c8aac50f41c 100644 --- a/x/authz/authz.pb.go +++ b/x/authz/authz.pb.go @@ -151,39 +151,82 @@ func (m *GrantAuthorization) XXX_DiscardUnknown() { var xxx_messageInfo_GrantAuthorization proto.InternalMessageInfo +// GrantQueueItem contains the list of TypeURL of a sdk.Msg. +type GrantQueueItem struct { + // msg_type_urls contains the list of TypeURL of a sdk.Msg. + MsgTypeUrls []string `protobuf:"bytes,1,rep,name=msg_type_urls,json=msgTypeUrls,proto3" json:"msg_type_urls,omitempty"` +} + +func (m *GrantQueueItem) Reset() { *m = GrantQueueItem{} } +func (m *GrantQueueItem) String() string { return proto.CompactTextString(m) } +func (*GrantQueueItem) ProtoMessage() {} +func (*GrantQueueItem) Descriptor() ([]byte, []int) { + return fileDescriptor_544dc2e84b61c637, []int{3} +} +func (m *GrantQueueItem) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *GrantQueueItem) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_GrantQueueItem.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *GrantQueueItem) XXX_Merge(src proto.Message) { + xxx_messageInfo_GrantQueueItem.Merge(m, src) +} +func (m *GrantQueueItem) XXX_Size() int { + return m.Size() +} +func (m *GrantQueueItem) XXX_DiscardUnknown() { + xxx_messageInfo_GrantQueueItem.DiscardUnknown(m) +} + +var xxx_messageInfo_GrantQueueItem proto.InternalMessageInfo + func init() { proto.RegisterType((*GenericAuthorization)(nil), "cosmos.authz.v1beta1.GenericAuthorization") proto.RegisterType((*Grant)(nil), "cosmos.authz.v1beta1.Grant") proto.RegisterType((*GrantAuthorization)(nil), "cosmos.authz.v1beta1.GrantAuthorization") + proto.RegisterType((*GrantQueueItem)(nil), "cosmos.authz.v1beta1.GrantQueueItem") } func init() { proto.RegisterFile("cosmos/authz/v1beta1/authz.proto", fileDescriptor_544dc2e84b61c637) } var fileDescriptor_544dc2e84b61c637 = []byte{ - // 364 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xe2, 0x52, 0x48, 0xce, 0x2f, 0xce, - 0xcd, 0x2f, 0xd6, 0x4f, 0x2c, 0x2d, 0xc9, 0xa8, 0xd2, 0x2f, 0x33, 0x4c, 0x4a, 0x2d, 0x49, 0x34, - 0x84, 0xf0, 0xf4, 0x0a, 0x8a, 0xf2, 0x4b, 0xf2, 0x85, 0x44, 0x20, 0x2a, 0xf4, 0x20, 0x62, 0x50, - 0x15, 0x52, 0x92, 0x10, 0xd1, 0x78, 0xb0, 0x1a, 0x7d, 0xa8, 0x12, 0x30, 0x47, 0x4a, 0x3e, 0x3d, - 0x3f, 0x3f, 0x3d, 0x27, 0x55, 0x1f, 0xcc, 0x4b, 0x2a, 0x4d, 0xd3, 0x2f, 0xc9, 0xcc, 0x4d, 0x2d, - 0x2e, 0x49, 0xcc, 0x2d, 0x80, 0x2a, 0x10, 0x49, 0xcf, 0x4f, 0xcf, 0x87, 0x68, 0x04, 0xb1, 0xa0, - 0xa2, 0x92, 0xe8, 0xda, 0x12, 0xf3, 0x2a, 0x21, 0x52, 0x4a, 0xd6, 0x5c, 0x22, 0xee, 0xa9, 0x79, - 0xa9, 0x45, 0x99, 0xc9, 0x8e, 0xa5, 0x25, 0x19, 0xf9, 0x45, 0x99, 0x55, 0x89, 0x25, 0x99, 0xf9, - 0x79, 0x42, 0x02, 0x5c, 0xcc, 0xb9, 0xc5, 0xe9, 0x12, 0x8c, 0x0a, 0x8c, 0x1a, 0x9c, 0x41, 0x20, - 0xa6, 0x95, 0xe0, 0xa9, 0x2d, 0xba, 0xbc, 0x28, 0x8a, 0x94, 0xe6, 0x30, 0x72, 0xb1, 0xba, 0x17, - 0x25, 0xe6, 0x95, 0x08, 0xf9, 0x72, 0xf1, 0x26, 0x22, 0x4b, 0x81, 0x35, 0x72, 0x1b, 0x89, 0xe8, - 0x41, 0x6c, 0xd6, 0x83, 0xd9, 0xac, 0xe7, 0x98, 0x57, 0xe9, 0x84, 0x69, 0x52, 0x10, 0xaa, 0x6e, - 0x21, 0x17, 0x2e, 0xae, 0xd4, 0x8a, 0x82, 0xcc, 0x22, 0x88, 0x59, 0x4c, 0x60, 0xb3, 0xa4, 0x30, - 0xcc, 0x0a, 0x81, 0x79, 0xde, 0x89, 0xe3, 0xc4, 0x3d, 0x79, 0x86, 0x09, 0xf7, 0xe5, 0x19, 0x83, - 0x90, 0xf4, 0x29, 0x4d, 0x64, 0xe2, 0x12, 0x02, 0x3b, 0x0f, 0xd5, 0x6b, 0x46, 0x5c, 0xec, 0xe9, - 0x20, 0xd1, 0xd4, 0x22, 0x88, 0xf7, 0x9c, 0x24, 0x2e, 0x6d, 0xd1, 0x85, 0x45, 0x85, 0x63, 0x4a, - 0x4a, 0x51, 0x6a, 0x71, 0x71, 0x70, 0x49, 0x51, 0x66, 0x5e, 0x7a, 0x10, 0x4c, 0x21, 0x42, 0x4f, - 0x2a, 0xd8, 0x35, 0x44, 0xe8, 0x49, 0xc5, 0x0c, 0x13, 0x66, 0x2a, 0x86, 0x09, 0x0b, 0x79, 0x61, - 0xe2, 0xe4, 0x74, 0xe2, 0xa1, 0x1c, 0xc3, 0x89, 0x47, 0x72, 0x8c, 0x17, 0x1e, 0xc9, 0x31, 0x3e, - 0x78, 0x24, 0xc7, 0x38, 0xe1, 0xb1, 0x1c, 0xc3, 0x85, 0xc7, 0x72, 0x0c, 0x37, 0x1e, 0xcb, 0x31, - 0x44, 0xa9, 0xa4, 0x67, 0x96, 0x64, 0x94, 0x26, 0xe9, 0x25, 0xe7, 0xe7, 0x42, 0x13, 0x1e, 0x94, - 0xd2, 0x2d, 0x4e, 0xc9, 0xd6, 0xaf, 0x80, 0x24, 0xde, 0x24, 0x36, 0xb0, 0x6d, 0xc6, 0x80, 0x00, - 0x00, 0x00, 0xff, 0xff, 0x37, 0xff, 0xb8, 0x9b, 0xe1, 0x02, 0x00, 0x00, + // 410 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xac, 0x52, 0x3d, 0x6f, 0xda, 0x40, + 0x18, 0xf6, 0x41, 0xbf, 0x38, 0x44, 0xd5, 0x5a, 0x1e, 0x80, 0xc1, 0x20, 0xab, 0x03, 0x0b, 0xb6, + 0xa0, 0x9d, 0xda, 0x09, 0xab, 0x12, 0xea, 0xd0, 0xa1, 0x2e, 0x5d, 0xba, 0x20, 0x1b, 0x2e, 0x87, + 0x15, 0xce, 0x67, 0xdd, 0x9d, 0x23, 0xcc, 0xaf, 0x20, 0x7b, 0x7e, 0x06, 0x3f, 0x02, 0x65, 0x42, + 0x99, 0x32, 0xe5, 0x03, 0xfe, 0x48, 0xc4, 0x9d, 0xad, 0x40, 0x58, 0xa2, 0x28, 0x93, 0xef, 0x7d, + 0xee, 0x79, 0x9e, 0x7b, 0xdf, 0xc7, 0x2f, 0x6c, 0x8e, 0x28, 0x27, 0x94, 0x3b, 0x7e, 0x22, 0x26, + 0x73, 0xe7, 0xac, 0x13, 0x20, 0xe1, 0x77, 0x54, 0x65, 0xc7, 0x8c, 0x0a, 0xaa, 0x1b, 0x8a, 0x61, + 0x2b, 0x2c, 0x63, 0xd4, 0x6b, 0x0a, 0x1d, 0x4a, 0x8e, 0x93, 0x51, 0x64, 0x51, 0x6f, 0x60, 0x4a, + 0xf1, 0x14, 0x39, 0xb2, 0x0a, 0x92, 0x13, 0x47, 0x84, 0x04, 0x71, 0xe1, 0x93, 0x38, 0x23, 0x18, + 0x98, 0x62, 0xaa, 0x84, 0xbb, 0x53, 0x86, 0xd6, 0x9e, 0xca, 0xfc, 0x28, 0x55, 0x57, 0xd6, 0x0f, + 0x68, 0xf4, 0x51, 0x84, 0x58, 0x38, 0xea, 0x25, 0x62, 0x42, 0x59, 0x38, 0xf7, 0x45, 0x48, 0x23, + 0xfd, 0x13, 0x2c, 0x12, 0x8e, 0xab, 0xa0, 0x09, 0x5a, 0x25, 0x6f, 0x77, 0xfc, 0xfe, 0xf9, 0x72, + 0xd9, 0xae, 0x1c, 0x90, 0xac, 0x0b, 0x00, 0xdf, 0xf6, 0x99, 0x1f, 0x09, 0xfd, 0x37, 0xac, 0xf8, + 0xfb, 0x57, 0x52, 0x58, 0xee, 0x1a, 0xb6, 0x7a, 0xd9, 0xce, 0x5f, 0xb6, 0x7b, 0x51, 0xea, 0x1e, + 0x3b, 0x79, 0x87, 0x6a, 0xfd, 0x27, 0x84, 0x68, 0x16, 0x87, 0x4c, 0x79, 0x15, 0xa4, 0x57, 0xfd, + 0xc8, 0x6b, 0x90, 0x0f, 0xef, 0x7e, 0x58, 0xdd, 0x34, 0xb4, 0xc5, 0x6d, 0x03, 0x78, 0x7b, 0x3a, + 0xeb, 0xbc, 0x00, 0x75, 0xd9, 0xde, 0xe1, 0x68, 0x5d, 0xf8, 0x1e, 0xef, 0x50, 0xc4, 0xd4, 0x78, + 0x6e, 0xf5, 0x6a, 0xd9, 0xce, 0x7f, 0x45, 0x6f, 0x3c, 0x66, 0x88, 0xf3, 0xbf, 0x82, 0x85, 0x11, + 0xf6, 0x72, 0xe2, 0xa3, 0x06, 0xc9, 0x6e, 0x9e, 0xa1, 0x41, 0xc7, 0x99, 0x14, 0x5f, 0x31, 0x93, + 0x37, 0x2f, 0xcc, 0xe4, 0x1b, 0xfc, 0x28, 0x23, 0xf9, 0x93, 0xa0, 0x04, 0xfd, 0x12, 0x88, 0xe8, + 0x16, 0xac, 0x10, 0x8e, 0x87, 0x22, 0x8d, 0xd1, 0x30, 0x61, 0x53, 0x5e, 0x05, 0xcd, 0x62, 0xab, + 0xe4, 0x95, 0x09, 0xc7, 0x83, 0x34, 0x46, 0xff, 0xd8, 0x94, 0xbb, 0xee, 0xea, 0xde, 0xd4, 0x56, + 0x1b, 0x13, 0xac, 0x37, 0x26, 0xb8, 0xdb, 0x98, 0x60, 0xb1, 0x35, 0xb5, 0xf5, 0xd6, 0xd4, 0xae, + 0xb7, 0xa6, 0xf6, 0xff, 0x0b, 0x0e, 0xc5, 0x24, 0x09, 0xec, 0x11, 0x25, 0xd9, 0xba, 0x66, 0x9f, + 0x36, 0x1f, 0x9f, 0x3a, 0x33, 0xb5, 0xf2, 0xc1, 0x3b, 0xd9, 0xe3, 0xd7, 0x87, 0x00, 0x00, 0x00, + 0xff, 0xff, 0x86, 0xd2, 0xd7, 0xaf, 0x17, 0x03, 0x00, 0x00, } func (m *GenericAuthorization) Marshal() (dAtA []byte, err error) { @@ -316,6 +359,38 @@ func (m *GrantAuthorization) MarshalToSizedBuffer(dAtA []byte) (int, error) { return len(dAtA) - i, nil } +func (m *GrantQueueItem) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *GrantQueueItem) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *GrantQueueItem) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + _ = i + var l int + _ = l + if len(m.MsgTypeUrls) > 0 { + for iNdEx := len(m.MsgTypeUrls) - 1; iNdEx >= 0; iNdEx-- { + i -= len(m.MsgTypeUrls[iNdEx]) + copy(dAtA[i:], m.MsgTypeUrls[iNdEx]) + i = encodeVarintAuthz(dAtA, i, uint64(len(m.MsgTypeUrls[iNdEx]))) + i-- + dAtA[i] = 0xa + } + } + return len(dAtA) - i, nil +} + func encodeVarintAuthz(dAtA []byte, offset int, v uint64) int { offset -= sovAuthz(v) base := offset @@ -378,6 +453,21 @@ func (m *GrantAuthorization) Size() (n int) { return n } +func (m *GrantQueueItem) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + if len(m.MsgTypeUrls) > 0 { + for _, s := range m.MsgTypeUrls { + l = len(s) + n += 1 + l + sovAuthz(uint64(l)) + } + } + return n +} + func sovAuthz(x uint64) (n int) { return (math_bits.Len64(x|1) + 6) / 7 } @@ -768,6 +858,88 @@ func (m *GrantAuthorization) Unmarshal(dAtA []byte) error { } return nil } +func (m *GrantQueueItem) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowAuthz + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: GrantQueueItem: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: GrantQueueItem: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field MsgTypeUrls", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowAuthz + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthAuthz + } + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return ErrInvalidLengthAuthz + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.MsgTypeUrls = append(m.MsgTypeUrls, string(dAtA[iNdEx:postIndex])) + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipAuthz(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthAuthz + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} func skipAuthz(dAtA []byte) (n int, err error) { l := len(dAtA) iNdEx := 0 diff --git a/x/authz/client/testutil/grpc.go b/x/authz/client/testutil/grpc.go index 5d94ed4ceef7..6cf5e65ab76a 100644 --- a/x/authz/client/testutil/grpc.go +++ b/x/authz/client/testutil/grpc.go @@ -50,7 +50,7 @@ func (s *IntegrationTestSuite) TestQueryGrantGRPC() { "fail invalid msg-type", fmt.Sprintf(grantsURL, val.Address.String(), grantee.String(), "invalidMsg"), true, - "rpc error: code = NotFound desc = no authorization found for invalidMsg type: key not found", + "authorization not found for invalidMsg type", }, { "valid query", @@ -72,7 +72,8 @@ func (s *IntegrationTestSuite) TestQueryGrantGRPC() { require.NoError(err) require.Len(g.Grants, 1) g.Grants[0].UnpackInterfaces(val.ClientCtx.InterfaceRegistry) - auth := g.Grants[0].GetAuthorization() + auth, err := g.Grants[0].GetAuthorization() + require.NoError(err) require.Equal(auth.MsgTypeURL(), banktypes.SendAuthorization{}.MsgTypeURL()) } }) diff --git a/x/authz/keeper/grpc_query.go b/x/authz/keeper/grpc_query.go index 6b114c19ba46..6f1947b1bbb7 100644 --- a/x/authz/keeper/grpc_query.go +++ b/x/authz/keeper/grpc_query.go @@ -12,6 +12,7 @@ import ( codectypes "github.com/cosmos/cosmos-sdk/codec/types" "github.com/cosmos/cosmos-sdk/store/prefix" sdk "github.com/cosmos/cosmos-sdk/types" + sdkerrors "github.com/cosmos/cosmos-sdk/types/errors" "github.com/cosmos/cosmos-sdk/types/query" "github.com/cosmos/cosmos-sdk/x/authz" ) @@ -33,17 +34,19 @@ func (k Keeper) Grants(c context.Context, req *authz.QueryGrantsRequest) (*authz if err != nil { return nil, err } - ctx := sdk.UnwrapSDKContext(c) - - store := ctx.KVStore(k.storeKey) - key := grantStoreKey(grantee, granter, "") - authStore := prefix.NewStore(store, key) + ctx := sdk.UnwrapSDKContext(c) if req.MsgTypeUrl != "" { - authorization, expiration := k.GetCleanAuthorization(ctx, grantee, granter, req.MsgTypeUrl) - if authorization == nil { - return nil, status.Errorf(codes.NotFound, "no authorization found for %s type", req.MsgTypeUrl) + grant, found := k.getGrant(ctx, grantStoreKey(grantee, granter, req.MsgTypeUrl)) + if !found { + return nil, sdkerrors.ErrNotFound.Wrapf("authorization not found for %s type", req.MsgTypeUrl) + } + + authorization, err := grant.GetAuthorization() + if err != nil { + return nil, err } + authorizationAny, err := codectypes.NewAnyWithValue(authorization) if err != nil { return nil, status.Errorf(codes.Internal, err.Error()) @@ -51,18 +54,27 @@ func (k Keeper) Grants(c context.Context, req *authz.QueryGrantsRequest) (*authz return &authz.QueryGrantsResponse{ Grants: []*authz.Grant{{ Authorization: authorizationAny, - Expiration: expiration, + Expiration: grant.Expiration, }}, }, nil } + store := ctx.KVStore(k.storeKey) + key := grantStoreKey(grantee, granter, "") + grantsStore := prefix.NewStore(store, key) + var authorizations []*authz.Grant - pageRes, err := query.FilteredPaginate(authStore, req.Pagination, func(key []byte, value []byte, accumulate bool) (bool, error) { + pageRes, err := query.FilteredPaginate(grantsStore, req.Pagination, func(key []byte, value []byte, accumulate bool) (bool, error) { auth, err := unmarshalAuthorization(k.cdc, value) if err != nil { return false, err } - auth1 := auth.GetAuthorization() + + auth1, err := auth.GetAuthorization() + if err != nil { + return false, err + } + if accumulate { msg, ok := auth1.(proto.Message) if !ok { @@ -113,7 +125,11 @@ func (k Keeper) GranterGrants(c context.Context, req *authz.QueryGranterGrantsRe return false, err } - auth1 := auth.GetAuthorization() + auth1, err := auth.GetAuthorization() + if err != nil { + return false, err + } + if accumulate { any, err := codectypes.NewAnyWithValue(auth1) if err != nil { @@ -162,12 +178,15 @@ func (k Keeper) GranteeGrants(c context.Context, req *authz.QueryGranteeGrantsRe return false, err } - granter, g := addressesFromGrantStoreKey(append(GrantKey, key...)) + granter, g, _ := parseGrantStoreKey(append(GrantKey, key...)) if !g.Equals(grantee) { return false, nil } - auth1 := auth.GetAuthorization() + auth1, err := auth.GetAuthorization() + if err != nil { + return false, err + } if accumulate { any, err := codectypes.NewAnyWithValue(auth1) if err != nil { diff --git a/x/authz/keeper/grpc_query_test.go b/x/authz/keeper/grpc_query_test.go index f10163b27a24..52a1012d2788 100644 --- a/x/authz/keeper/grpc_query_test.go +++ b/x/authz/keeper/grpc_query_test.go @@ -52,7 +52,7 @@ func (suite *TestSuite) TestGRPCQueryAuthorization() { MsgTypeUrl: "unknown", } }, - "no authorization found for unknown type", + "authorization not found for unknown type", func(require *require.Assertions, res *authz.QueryGrantsResponse) {}, }, { diff --git a/x/authz/keeper/keeper.go b/x/authz/keeper/keeper.go index 933263aebeb2..c9fa0311f9ab 100644 --- a/x/authz/keeper/keeper.go +++ b/x/authz/keeper/keeper.go @@ -18,6 +18,11 @@ import ( "github.com/cosmos/cosmos-sdk/x/authz" ) +// TODO: Revisit this once we have propoer gas fee framework. +// Tracking issues https://github.com/cosmos/cosmos-sdk/issues/9054, +// https://github.com/cosmos/cosmos-sdk/discussions/9072 +const gasCostPerIteration = uint64(20) + type Keeper struct { storeKey storetypes.StoreKey cdc codec.BinaryCodec @@ -87,10 +92,20 @@ func (k Keeper) DispatchActions(ctx sdk.Context, grantee sdk.AccAddress, msgs [] // if granter != grantee then check authorization.Accept, otherwise we implicitly accept. if !granter.Equals(grantee) { - authorization, _ := k.GetCleanAuthorization(ctx, grantee, granter, sdk.MsgTypeURL(msg)) - if authorization == nil { + grant, found := k.getGrant(ctx, grantStoreKey(grantee, granter, sdk.MsgTypeURL(msg))) + if !found { return nil, sdkerrors.ErrUnauthorized.Wrap("authorization not found") } + + if grant.Expiration.Before(ctx.BlockTime()) { + return nil, sdkerrors.ErrUnauthorized.Wrap("authorization expired") + } + + authorization, err := grant.GetAuthorization() + if err != nil { + return nil, err + } + resp, err := authorization.Accept(ctx, msg) if err != nil { return nil, err @@ -132,10 +147,12 @@ func (k Keeper) DispatchActions(ctx sdk.Context, grantee sdk.AccAddress, msgs [] } // SaveGrant method grants the provided authorization to the grantee on the granter's account -// with the provided expiration time. If there is an existing authorization grant for the +// with the provided expiration time and insert authorization key into the grants queue. If there is an existing authorization grant for the // same `sdk.Msg` type, this grant overwrites that. func (k Keeper) SaveGrant(ctx sdk.Context, grantee, granter sdk.AccAddress, authorization authz.Authorization, expiration time.Time) error { store := ctx.KVStore(k.storeKey) + skey := grantStoreKey(grantee, granter, authorization.MsgTypeURL()) + oldGrant, found := k.getGrant(ctx, skey) grant, err := authz.NewGrant(ctx.BlockTime(), authorization, expiration) if err != nil { @@ -143,8 +160,21 @@ func (k Keeper) SaveGrant(ctx sdk.Context, grantee, granter sdk.AccAddress, auth } bz := k.cdc.MustMarshal(&grant) - skey := grantStoreKey(grantee, granter, authorization.MsgTypeURL()) store.Set(skey, bz) + + if found { + // if expiration is not the same, remove old key and add the new key to queue + if !oldGrant.Expiration.Equal(expiration) { + if err := k.removeFromGrantQueue(ctx, skey, oldGrant.Expiration, granter, grantee); err != nil { + return err + } + + k.insertIntoGrantQueue(ctx, granter, grantee, authorization.MsgTypeURL(), expiration) + } + } else { + k.insertIntoGrantQueue(ctx, granter, grantee, authorization.MsgTypeURL(), expiration) + } + return ctx.EventManager().EmitTypedEvent(&authz.EventGrant{ MsgTypeUrl: authorization.MsgTypeURL(), Granter: granter.String(), @@ -157,11 +187,16 @@ func (k Keeper) SaveGrant(ctx sdk.Context, grantee, granter sdk.AccAddress, auth func (k Keeper) DeleteGrant(ctx sdk.Context, grantee sdk.AccAddress, granter sdk.AccAddress, msgType string) error { store := ctx.KVStore(k.storeKey) skey := grantStoreKey(grantee, granter, msgType) - _, found := k.getGrant(ctx, skey) + grant, found := k.getGrant(ctx, skey) if !found { return sdkerrors.ErrNotFound.Wrap("authorization not found") } + store.Delete(skey) + if err := k.removeFromGrantQueue(ctx, skey, grant.Expiration, granter, grantee); err != nil { + return err + } + return ctx.EventManager().EmitTypedEvent(&authz.EventRevoke{ MsgTypeUrl: msgType, Granter: granter.String(), @@ -170,33 +205,28 @@ func (k Keeper) DeleteGrant(ctx sdk.Context, grantee sdk.AccAddress, granter sdk } // GetAuthorizations Returns list of `Authorizations` granted to the grantee by the granter. -func (k Keeper) GetAuthorizations(ctx sdk.Context, grantee sdk.AccAddress, granter sdk.AccAddress) (authorizations []authz.Authorization) { +func (k Keeper) GetAuthorizations(ctx sdk.Context, grantee sdk.AccAddress, granter sdk.AccAddress) ([]authz.Authorization, error) { store := ctx.KVStore(k.storeKey) key := grantStoreKey(grantee, granter, "") iter := sdk.KVStorePrefixIterator(store, key) defer iter.Close() + var authorization authz.Grant + var authorizations []authz.Authorization for ; iter.Valid(); iter.Next() { - k.cdc.MustUnmarshal(iter.Value(), &authorization) - authorizations = append(authorizations, authorization.GetAuthorization()) - } - return authorizations -} + if err := k.cdc.Unmarshal(iter.Value(), &authorization); err != nil { + return nil, err + } -// GetCleanAuthorization returns an `Authorization` and it's expiration time for -// (grantee, granter, message name) grant. If there is no grant `nil` is returned. -// If the grant is expired, the grant is revoked, removed from the storage, and `nil` is returned. -func (k Keeper) GetCleanAuthorization(ctx sdk.Context, grantee sdk.AccAddress, granter sdk.AccAddress, msgType string) (cap authz.Authorization, expiration time.Time) { - grant, found := k.getGrant(ctx, grantStoreKey(grantee, granter, msgType)) - if !found { - return nil, time.Time{} - } - if grant.Expiration.Before(ctx.BlockHeader().Time) { - k.DeleteGrant(ctx, grantee, granter, msgType) - return nil, time.Time{} + a, err := authorization.GetAuthorization() + if err != nil { + return nil, err + } + + authorizations = append(authorizations, a) } - return grant.GetAuthorization(), grant.Expiration + return authorizations, nil } // IterateGrants iterates over all authorization grants @@ -209,7 +239,7 @@ func (k Keeper) IterateGrants(ctx sdk.Context, defer iter.Close() for ; iter.Valid(); iter.Next() { var grant authz.Grant - granterAddr, granteeAddr := addressesFromGrantStoreKey(iter.Key()) + granterAddr, granteeAddr, _ := parseGrantStoreKey(iter.Key()) k.cdc.MustUnmarshal(iter.Value(), &grant) if handler(granterAddr, granteeAddr, grant) { break @@ -237,6 +267,7 @@ func (k Keeper) ExportGenesis(ctx sdk.Context) *authz.GenesisState { // InitGenesis new authz genesis func (k Keeper) InitGenesis(ctx sdk.Context, data *authz.GenesisState) { for _, entry := range data.Authorization { + // ignore expired authorizations if entry.Expiration.Before(ctx.BlockTime()) { continue } @@ -262,3 +293,114 @@ func (k Keeper) InitGenesis(ctx sdk.Context, data *authz.GenesisState) { } } } + +func (keeper Keeper) getGrantQueueItem(ctx sdk.Context, expiration time.Time, granter, grantee sdk.AccAddress) (*authz.GrantQueueItem, error) { + store := ctx.KVStore(keeper.storeKey) + bz := store.Get(GrantQueueKey(expiration, granter, grantee)) + if bz == nil { + return &authz.GrantQueueItem{}, nil + } + + var queueItems authz.GrantQueueItem + if err := keeper.cdc.Unmarshal(bz, &queueItems); err != nil { + return nil, err + } + return &queueItems, nil +} + +func (k Keeper) setGrantQueueItem(ctx sdk.Context, expiration time.Time, + granter sdk.AccAddress, grantee sdk.AccAddress, queueItems *authz.GrantQueueItem) error { + store := ctx.KVStore(k.storeKey) + bz, err := k.cdc.Marshal(queueItems) + if err != nil { + return err + } + store.Set(GrantQueueKey(expiration, granter, grantee), bz) + + return nil +} + +// insertIntoGrantQueue inserts a grant key into the grant queue +func (keeper Keeper) insertIntoGrantQueue(ctx sdk.Context, granter, grantee sdk.AccAddress, msgType string, + expiration time.Time) error { + queueItems, err := keeper.getGrantQueueItem(ctx, expiration, granter, grantee) + if err != nil { + return err + } + + if len(queueItems.MsgTypeUrls) == 0 { + keeper.setGrantQueueItem(ctx, expiration, granter, grantee, &authz.GrantQueueItem{ + MsgTypeUrls: []string{msgType}, + }) + } else { + queueItems.MsgTypeUrls = append(queueItems.MsgTypeUrls, msgType) + keeper.setGrantQueueItem(ctx, expiration, granter, grantee, queueItems) + } + + return nil +} + +// removeFromGrantQueue removes a grant key from the grant queue +func (keeper Keeper) removeFromGrantQueue(ctx sdk.Context, grantKey []byte, expiration time.Time, granter, grantee sdk.AccAddress) error { + store := ctx.KVStore(keeper.storeKey) + key := GrantQueueKey(expiration, granter, grantee) + bz := store.Get(key) + if bz == nil { + return sdkerrors.ErrLogic.Wrap("grant key not found") + } + + var queueItem authz.GrantQueueItem + if err := keeper.cdc.Unmarshal(bz, &queueItem); err != nil { + return err + } + + _, _, msgType := parseGrantStoreKey(grantKey) + queueItems := queueItem.MsgTypeUrls + + for index, typeUrl := range queueItems { + ctx.GasMeter().ConsumeGas(gasCostPerIteration, "grant queue") + + if typeUrl == msgType { + end := len(queueItem.MsgTypeUrls) - 1 + queueItems[index] = queueItems[end] + queueItems = queueItems[:end] + + if err := keeper.setGrantQueueItem(ctx, expiration, granter, grantee, &authz.GrantQueueItem{ + MsgTypeUrls: queueItems, + }); err != nil { + return err + } + break + } + } + + return nil +} + +// DequeueAndDeleteExpiredGrants deletes expired grants from the state and grant queue. +func (k Keeper) DequeueAndDeleteExpiredGrants(ctx sdk.Context) error { + store := ctx.KVStore(k.storeKey) + + iterator := store.Iterator(GrantQueuePrefix, sdk.InclusiveEndBytes(GrantQueueTimePrefix(ctx.BlockTime()))) + defer iterator.Close() + + for ; iterator.Valid(); iterator.Next() { + var queueItem authz.GrantQueueItem + if err := k.cdc.Unmarshal(iterator.Value(), &queueItem); err != nil { + return err + } + + _, granter, grantee, err := parseGrantQueueKey(iterator.Key()) + if err != nil { + return err + } + + store.Delete(iterator.Key()) + + for _, typeUrl := range queueItem.MsgTypeUrls { + store.Delete(grantStoreKey(grantee, granter, typeUrl)) + } + } + + return nil +} diff --git a/x/authz/keeper/keeper_test.go b/x/authz/keeper/keeper_test.go index cb9566902cef..7cb6a1b8461b 100644 --- a/x/authz/keeper/keeper_test.go +++ b/x/authz/keeper/keeper_test.go @@ -16,7 +16,12 @@ import ( banktypes "github.com/cosmos/cosmos-sdk/x/bank/types" ) -var bankSendAuthMsgType = banktypes.SendAuthorization{}.MsgTypeURL() +var ( + bankSendAuthMsgType = banktypes.SendAuthorization{}.MsgTypeURL() + coins10 = sdk.NewCoins(sdk.NewInt64Coin("stake", 10)) + coins100 = sdk.NewCoins(sdk.NewInt64Coin("stake", 100)) + coins1000 = sdk.NewCoins(sdk.NewInt64Coin("stake", 1000)) +) type TestSuite struct { suite.Suite @@ -45,53 +50,55 @@ func (s *TestSuite) SetupTest() { func (s *TestSuite) TestKeeper() { app, ctx, addrs := s.app, s.ctx, s.addrs + now := ctx.BlockTime() + require := s.Require() granterAddr := addrs[0] granteeAddr := addrs[1] - recipientAddr := addrs[2] s.T().Log("verify that no authorization returns nil") - authorization, expiration := app.AuthzKeeper.GetCleanAuthorization(ctx, granteeAddr, granterAddr, bankSendAuthMsgType) - s.Require().Nil(authorization) - s.Require().Equal(expiration, time.Time{}) - now := s.ctx.BlockHeader().Time - - newCoins := sdk.NewCoins(sdk.NewInt64Coin("steak", 100)) - s.T().Log("verify if expired authorization is rejected") - x := &banktypes.SendAuthorization{SpendLimit: newCoins} - err := app.AuthzKeeper.SaveGrant(ctx, granterAddr, granteeAddr, x, now.Add(-1*time.Hour)) - s.Require().Error(err) - authorization, _ = app.AuthzKeeper.GetCleanAuthorization(ctx, granteeAddr, granterAddr, bankSendAuthMsgType) - s.Require().Nil(authorization) - - s.T().Log("verify if authorization is accepted") - x = &banktypes.SendAuthorization{SpendLimit: newCoins} - err = app.AuthzKeeper.SaveGrant(ctx, granteeAddr, granterAddr, x, now.Add(time.Hour)) - s.Require().NoError(err) - authorization, _ = app.AuthzKeeper.GetCleanAuthorization(ctx, granteeAddr, granterAddr, bankSendAuthMsgType) - s.Require().NotNil(authorization) - s.Require().Equal(authorization.MsgTypeURL(), bankSendAuthMsgType) - - s.T().Log("verify fetching authorization with wrong msg type fails") - authorization, _ = app.AuthzKeeper.GetCleanAuthorization(ctx, granteeAddr, granterAddr, sdk.MsgTypeURL(&banktypes.MsgMultiSend{})) - s.Require().Nil(authorization) - - s.T().Log("verify fetching authorization with wrong grantee fails") - authorization, _ = app.AuthzKeeper.GetCleanAuthorization(ctx, recipientAddr, granterAddr, bankSendAuthMsgType) - s.Require().Nil(authorization) - - s.T().Log("verify revoke fails with wrong information") - err = app.AuthzKeeper.DeleteGrant(ctx, recipientAddr, granterAddr, bankSendAuthMsgType) - s.Require().Error(err) - authorization, _ = app.AuthzKeeper.GetCleanAuthorization(ctx, recipientAddr, granterAddr, bankSendAuthMsgType) - s.Require().Nil(authorization) + authorizations, err := app.AuthzKeeper.GetAuthorizations(ctx, granteeAddr, granterAddr) + require.NoError(err) + require.Len(authorizations, 0) - s.T().Log("verify revoke executes with correct information") - err = app.AuthzKeeper.DeleteGrant(ctx, granteeAddr, granterAddr, bankSendAuthMsgType) - s.Require().NoError(err) - authorization, _ = app.AuthzKeeper.GetCleanAuthorization(ctx, granteeAddr, granterAddr, bankSendAuthMsgType) - s.Require().Nil(authorization) + s.T().Log("verify save, get and delete") + sendAutz := &banktypes.SendAuthorization{SpendLimit: coins100} + err = app.AuthzKeeper.SaveGrant(ctx, granteeAddr, granterAddr, sendAutz, now.AddDate(1, 0, 0)) + require.NoError(err) + authorizations, err = app.AuthzKeeper.GetAuthorizations(ctx, granteeAddr, granterAddr) + require.NoError(err) + require.Len(authorizations, 1) + + err = app.AuthzKeeper.DeleteGrant(ctx, granteeAddr, granterAddr, sendAutz.MsgTypeURL()) + require.NoError(err) + + authorizations, err = app.AuthzKeeper.GetAuthorizations(ctx, granteeAddr, granterAddr) + require.NoError(err) + require.Len(authorizations, 0) + + s.T().Log("verify granting same authorization overwrite existing authorization") + err = app.AuthzKeeper.SaveGrant(ctx, granteeAddr, granterAddr, sendAutz, now.AddDate(1, 0, 0)) + require.NoError(err) + + authorizations, err = app.AuthzKeeper.GetAuthorizations(ctx, granteeAddr, granterAddr) + require.NoError(err) + require.Len(authorizations, 1) + + sendAutz = &banktypes.SendAuthorization{SpendLimit: coins1000} + err = app.AuthzKeeper.SaveGrant(ctx, granteeAddr, granterAddr, sendAutz, now.AddDate(1, 0, 0)) + require.NoError(err) + authorizations, err = app.AuthzKeeper.GetAuthorizations(ctx, granteeAddr, granterAddr) + require.NoError(err) + require.Len(authorizations, 1) + authorization := authorizations[0] + sendAuth := authorization.(*banktypes.SendAuthorization) + require.Equal(sendAuth.SpendLimit, sendAutz.SpendLimit) + require.Equal(sendAuth.MsgTypeURL(), sendAutz.MsgTypeURL()) + + s.T().Log("verify removing non existing authorization returns error") + err = app.AuthzKeeper.DeleteGrant(ctx, granterAddr, granteeAddr, "abcd") + s.Require().Error(err) } func (s *TestSuite) TestKeeperIter() { @@ -99,99 +106,159 @@ func (s *TestSuite) TestKeeperIter() { granterAddr := addrs[0] granteeAddr := addrs[1] + granter2Addr := addrs[2] - s.T().Log("verify that no authorization returns nil") - authorization, expiration := app.AuthzKeeper.GetCleanAuthorization(ctx, granteeAddr, granterAddr, "Abcd") - s.Require().Nil(authorization) - s.Require().Equal(time.Time{}, expiration) - now := s.ctx.BlockHeader().Time.Add(time.Second) - - newCoins := sdk.NewCoins(sdk.NewInt64Coin("steak", 100)) - s.T().Log("verify if expired authorization is rejected") - x := &banktypes.SendAuthorization{SpendLimit: newCoins} - err := app.AuthzKeeper.SaveGrant(ctx, granteeAddr, granterAddr, x, now.Add(-1*time.Hour)) - s.Require().Error(err) - authorization, _ = app.AuthzKeeper.GetCleanAuthorization(ctx, granteeAddr, granterAddr, "abcd") - s.Require().Nil(authorization) + s.app.AuthzKeeper.SaveGrant(ctx, granteeAddr, granterAddr, banktypes.NewSendAuthorization(coins100), ctx.BlockTime().AddDate(1, 0, 0)) + s.app.AuthzKeeper.SaveGrant(ctx, granteeAddr, granter2Addr, banktypes.NewSendAuthorization(coins100), ctx.BlockTime().AddDate(1, 0, 0)) app.AuthzKeeper.IterateGrants(ctx, func(granter, grantee sdk.AccAddress, grant authz.Grant) bool { - s.Require().Equal(granter, granterAddr) - s.Require().Equal(grantee, granteeAddr) + s.Require().Equal(granteeAddr, grantee) + s.Require().Contains([]sdk.AccAddress{granterAddr, granter2Addr}, granter) return true }) } -func (s *TestSuite) TestKeeperFees() { +func (s *TestSuite) TestDispatchAction() { app, addrs := s.app, s.addrs + require := s.Require() + now := s.ctx.BlockTime() granterAddr := addrs[0] granteeAddr := addrs[1] recipientAddr := addrs[2] - s.Require().NoError(testutil.FundAccount(app.BankKeeper, s.ctx, granterAddr, sdk.NewCoins(sdk.NewInt64Coin("steak", 10000)))) - expiration := s.ctx.BlockHeader().Time.Add(1 * time.Second) - - smallCoin := sdk.NewCoins(sdk.NewInt64Coin("steak", 20)) - someCoin := sdk.NewCoins(sdk.NewInt64Coin("steak", 123)) - msgs := authz.NewMsgExec(granteeAddr, []sdk.Msg{ - &banktypes.MsgSend{ - Amount: sdk.NewCoins(sdk.NewInt64Coin("steak", 2)), - FromAddress: granterAddr.String(), - ToAddress: recipientAddr.String(), + require.NoError(testutil.FundAccount(app.BankKeeper, s.ctx, granterAddr, coins1000)) + + testCases := []struct { + name string + req authz.MsgExec + expectErr bool + errMsg string + preRun func() sdk.Context + postRun func() + }{ + { + "expect error authorization not found", + authz.NewMsgExec(granteeAddr, []sdk.Msg{ + &banktypes.MsgSend{ + Amount: coins10, + FromAddress: granterAddr.String(), + ToAddress: recipientAddr.String(), + }, + }), + true, + "authorization not found", + func() sdk.Context { + // remove any existing authorizations + app.AuthzKeeper.DeleteGrant(s.ctx, granteeAddr, granterAddr, bankSendAuthMsgType) + return s.ctx + }, + func() {}, }, - }) - - s.Require().NoError(msgs.UnpackInterfaces(app.AppCodec())) - - s.T().Log("verify dispatch fails with invalid authorization") - executeMsgs, err := msgs.GetMessages() - s.Require().NoError(err) - result, err := app.AuthzKeeper.DispatchActions(s.ctx, granteeAddr, executeMsgs) - - s.Require().Nil(result) - s.Require().NotNil(err) - - s.T().Log("verify dispatch executes with correct information") - // grant authorization - err = app.AuthzKeeper.SaveGrant(s.ctx, granteeAddr, granterAddr, &banktypes.SendAuthorization{SpendLimit: smallCoin}, expiration) - s.Require().NoError(err) - authorization, _ := app.AuthzKeeper.GetCleanAuthorization(s.ctx, granteeAddr, granterAddr, bankSendAuthMsgType) - s.Require().NotNil(authorization) - - s.Require().Equal(authorization.MsgTypeURL(), bankSendAuthMsgType) - - executeMsgs, err = msgs.GetMessages() - s.Require().NoError(err) - - result, err = app.AuthzKeeper.DispatchActions(s.ctx, granteeAddr, executeMsgs) - s.Require().NoError(err) - s.Require().NotNil(result) - - authorization, _ = app.AuthzKeeper.GetCleanAuthorization(s.ctx, granteeAddr, granterAddr, bankSendAuthMsgType) - s.Require().NotNil(authorization) - - s.T().Log("verify dispatch fails with overlimit") - // grant authorization - - msgs = authz.NewMsgExec(granteeAddr, []sdk.Msg{ - &banktypes.MsgSend{ - Amount: someCoin, - FromAddress: granterAddr.String(), - ToAddress: recipientAddr.String(), + { + "expect error expired authorization", + authz.NewMsgExec(granteeAddr, []sdk.Msg{ + &banktypes.MsgSend{ + Amount: coins10, + FromAddress: granterAddr.String(), + ToAddress: recipientAddr.String(), + }, + }), + true, + "authorization expired", + func() sdk.Context { + err := app.AuthzKeeper.SaveGrant(s.ctx, granteeAddr, granterAddr, banktypes.NewSendAuthorization(coins100), now.AddDate(0, 0, 1)) + require.NoError(err) + return s.ctx.WithBlockTime(s.ctx.BlockTime().AddDate(0, 0, 2)) + }, + func() {}, }, - }) - - s.Require().NoError(msgs.UnpackInterfaces(app.AppCodec())) - executeMsgs, err = msgs.GetMessages() - s.Require().NoError(err) + { + "expect error over spent limit", + authz.NewMsgExec(granteeAddr, []sdk.Msg{ + &banktypes.MsgSend{ + Amount: coins1000, + FromAddress: granterAddr.String(), + ToAddress: recipientAddr.String(), + }, + }), + true, + "requested amount is more than spend limit", + func() sdk.Context { + err := app.AuthzKeeper.SaveGrant(s.ctx, granteeAddr, granterAddr, banktypes.NewSendAuthorization(coins100), now.AddDate(0, 1, 0)) + require.NoError(err) + return s.ctx + }, + func() {}, + }, + { + "valid test verify amount left", + authz.NewMsgExec(granteeAddr, []sdk.Msg{ + &banktypes.MsgSend{ + Amount: coins10, + FromAddress: granterAddr.String(), + ToAddress: recipientAddr.String(), + }, + }), + false, + "", + func() sdk.Context { + err := app.AuthzKeeper.SaveGrant(s.ctx, granteeAddr, granterAddr, banktypes.NewSendAuthorization(coins100), now.AddDate(0, 1, 0)) + require.NoError(err) + return s.ctx + }, + func() { + authzs, err := app.AuthzKeeper.GetAuthorizations(s.ctx, granteeAddr, granterAddr) + require.NoError(err) + require.Len(authzs, 1) + authorization := authzs[0].(*banktypes.SendAuthorization) + require.NotNil(authorization) + require.Equal(authorization.SpendLimit, coins100.Sub(coins10)) + }, + }, + { + "valid test verify authorization is removed when it is used up", + authz.NewMsgExec(granteeAddr, []sdk.Msg{ + &banktypes.MsgSend{ + Amount: coins100, + FromAddress: granterAddr.String(), + ToAddress: recipientAddr.String(), + }, + }), + false, + "", + func() sdk.Context { + err := app.AuthzKeeper.SaveGrant(s.ctx, granteeAddr, granterAddr, banktypes.NewSendAuthorization(coins100), now.AddDate(0, 1, 0)) + require.NoError(err) + return s.ctx + }, + func() { + authzs, err := app.AuthzKeeper.GetAuthorizations(s.ctx, granteeAddr, granterAddr) + require.NoError(err) + require.Len(authzs, 0) + }, + }, + } - result, err = app.AuthzKeeper.DispatchActions(s.ctx, granteeAddr, executeMsgs) - s.Require().Nil(result) - s.Require().NotNil(err) + for _, tc := range testCases { + s.Run(tc.name, func() { + ctx := tc.preRun() + executeMsgs, err := tc.req.GetMessages() + require.NoError(err) + result, err := app.AuthzKeeper.DispatchActions(ctx, granteeAddr, executeMsgs) + if tc.expectErr { + require.Error(err) + require.Nil(result) + require.Contains(err.Error(), tc.errMsg) + } else { + require.NoError(err) + require.NotNil(result) + } + tc.postRun() + }) + } - authorization, _ = app.AuthzKeeper.GetCleanAuthorization(s.ctx, granteeAddr, granterAddr, bankSendAuthMsgType) - s.Require().NotNil(authorization) } // Tests that all msg events included in an authz MsgExec tx @@ -202,23 +269,24 @@ func (s *TestSuite) TestDispatchedEvents() { granterAddr := addrs[0] granteeAddr := addrs[1] recipientAddr := addrs[2] - require.NoError(testutil.FundAccount(app.BankKeeper, s.ctx, granterAddr, sdk.NewCoins(sdk.NewInt64Coin("steak", 10000)))) - expiration := s.ctx.BlockHeader().Time.Add(1 * time.Second) // must be in the future + require.NoError(testutil.FundAccount(app.BankKeeper, s.ctx, granterAddr, coins1000)) + expiration := s.ctx.BlockTime().Add(1 * time.Second) // must be in the future - smallCoin := sdk.NewCoins(sdk.NewInt64Coin("steak", 20)) msgs := authz.NewMsgExec(granteeAddr, []sdk.Msg{ &banktypes.MsgSend{ - Amount: sdk.NewCoins(sdk.NewInt64Coin("steak", 2)), + Amount: coins10, FromAddress: granterAddr.String(), ToAddress: recipientAddr.String(), }, }) // grant authorization - err := app.AuthzKeeper.SaveGrant(s.ctx, granteeAddr, granterAddr, &banktypes.SendAuthorization{SpendLimit: smallCoin}, expiration) + err := app.AuthzKeeper.SaveGrant(s.ctx, granteeAddr, granterAddr, &banktypes.SendAuthorization{SpendLimit: coins10}, expiration) require.NoError(err) - authorization, _ := app.AuthzKeeper.GetCleanAuthorization(s.ctx, granteeAddr, granterAddr, bankSendAuthMsgType) - require.NotNil(authorization) + authorizations, err := app.AuthzKeeper.GetAuthorizations(s.ctx, granteeAddr, granterAddr) + require.NoError(err) + require.Len(authorizations, 1) + authorization := authorizations[0].(*banktypes.SendAuthorization) require.Equal(authorization.MsgTypeURL(), bankSendAuthMsgType) executeMsgs, err := msgs.GetMessages() @@ -244,6 +312,49 @@ func (s *TestSuite) TestDispatchedEvents() { } } +func (s *TestSuite) TestDequeueAllGrantsQueue() { + require := s.Require() + app, addrs := s.app, s.addrs + granter := addrs[0] + grantee := addrs[1] + grantee1 := addrs[2] + exp := s.ctx.BlockTime().AddDate(0, 0, 1) + + // create few authorizations + err := app.AuthzKeeper.SaveGrant(s.ctx, grantee, granter, &banktypes.SendAuthorization{SpendLimit: coins100}, exp) + require.NoError(err) + + err = app.AuthzKeeper.SaveGrant(s.ctx, grantee1, granter, &banktypes.SendAuthorization{SpendLimit: coins100}, exp) + require.NoError(err) + + err = app.AuthzKeeper.SaveGrant(s.ctx, granter, grantee1, &banktypes.SendAuthorization{SpendLimit: coins100}, exp.AddDate(0, 1, 0)) + require.NoError(err) + + err = app.AuthzKeeper.SaveGrant(s.ctx, granter, grantee, &banktypes.SendAuthorization{SpendLimit: coins100}, exp.AddDate(2, 0, 0)) + require.NoError(err) + + newCtx := s.ctx.WithBlockTime(exp.AddDate(1, 0, 0)) + err = app.AuthzKeeper.DequeueAndDeleteExpiredGrants(newCtx) + require.NoError(err) + + s.T().Log("verify expired grants are pruned from the state") + authzs, err := app.AuthzKeeper.GetAuthorizations(newCtx, grantee, granter) + require.NoError(err) + require.Len(authzs, 0) + + authzs, err = app.AuthzKeeper.GetAuthorizations(newCtx, granter, grantee1) + require.NoError(err) + require.Len(authzs, 0) + + authzs, err = app.AuthzKeeper.GetAuthorizations(newCtx, grantee1, granter) + require.NoError(err) + require.Len(authzs, 0) + + authzs, err = app.AuthzKeeper.GetAuthorizations(newCtx, granter, grantee) + require.NoError(err) + require.Len(authzs, 1) +} + func TestTestSuite(t *testing.T) { suite.Run(t, new(TestSuite)) } diff --git a/x/authz/keeper/keys.go b/x/authz/keeper/keys.go index 03a603e37834..9414a84408b8 100644 --- a/x/authz/keeper/keys.go +++ b/x/authz/keeper/keys.go @@ -1,6 +1,8 @@ package keeper import ( + "time" + "github.com/cosmos/cosmos-sdk/internal/conv" sdk "github.com/cosmos/cosmos-sdk/types" "github.com/cosmos/cosmos-sdk/types/address" @@ -9,10 +11,18 @@ import ( ) // Keys for store prefixes +// Items are stored with the following key: values +// +// - 0x01: Grant +// - 0x02: GrantQueueItem +// var ( - GrantKey = []byte{0x01} // prefix for each key + GrantKey = []byte{0x01} // prefix for each key + GrantQueuePrefix = []byte{0x02} ) +var lenTime = len(sdk.FormatTimeBytes(time.Now())) + // StoreKey is the store key string for authz const StoreKey = authz.ModuleName @@ -35,8 +45,8 @@ func grantStoreKey(grantee sdk.AccAddress, granter sdk.AccAddress, msgType strin return key } -// addressesFromGrantStoreKey - split granter & grantee address from the authorization key -func addressesFromGrantStoreKey(key []byte) (granterAddr, granteeAddr sdk.AccAddress) { +// parseGrantStoreKey - split granter, grantee address and msg type from the authorization key +func parseGrantStoreKey(key []byte) (granterAddr, granteeAddr sdk.AccAddress, msgType string) { // key is of format: // 0x01 kv.AssertKeyAtLeastLength(key, 2) @@ -47,7 +57,53 @@ func addressesFromGrantStoreKey(key []byte) (granterAddr, granteeAddr sdk.AccAdd kv.AssertKeyAtLeastLength(key, 4+int(granterAddrLen+byte(granteeAddrLen))) granteeAddr = sdk.AccAddress(key[3+granterAddrLen : 3+granterAddrLen+byte(granteeAddrLen)]) - return granterAddr, granteeAddr + return granterAddr, granteeAddr, conv.UnsafeBytesToStr(key[3+granterAddrLen+byte(granteeAddrLen):]) +} + +// parseGrantQueueKey split expiration time, granter and grantee from the grant queue key +func parseGrantQueueKey(key []byte) (time.Time, sdk.AccAddress, sdk.AccAddress, error) { + // key is of format: + // 0x02 + + kv.AssertKeyAtLeastLength(key, 1+lenTime) + exp, err := sdk.ParseTimeBytes(key[1 : 1+lenTime]) + if err != nil { + return exp, nil, nil, err + } + + granterAddrLen := key[1+lenTime] + kv.AssertKeyAtLeastLength(key, 1+lenTime+int(granterAddrLen)) + granter := sdk.AccAddress(key[2+lenTime : byte(2+lenTime)+granterAddrLen]) + + granteeAddrLen := key[byte(2+lenTime)+granterAddrLen] + granteeStart := byte(3+lenTime) + granterAddrLen + kv.AssertKeyAtLeastLength(key, int(granteeStart)) + grantee := sdk.AccAddress(key[granteeStart : granteeStart+granteeAddrLen]) + + return exp, granter, grantee, nil +} + +// GrantQueueKey - return grant queue store key +// Key format is +// +// - 0x02: GrantQueueItem +func GrantQueueKey(expiration time.Time, granter sdk.AccAddress, grantee sdk.AccAddress) []byte { + exp := sdk.FormatTimeBytes(expiration) + granter = address.MustLengthPrefix(granter) + grantee = address.MustLengthPrefix(grantee) + + l := 1 + len(exp) + len(granter) + len(grantee) + var key = make([]byte, l) + copy(key, GrantQueuePrefix) + copy(key[1:], exp) + copy(key[1+len(exp):], granter) + copy(key[1+len(exp)+len(granter):], grantee) + return key +} + +// GrantQueueTimePrefix - return grant queue time prefix +func GrantQueueTimePrefix(expiration time.Time) []byte { + return append(GrantQueuePrefix, sdk.FormatTimeBytes(expiration)...) } // firstAddressFromGrantStoreKey parses the first address only diff --git a/x/authz/keeper/keys_test.go b/x/authz/keeper/keys_test.go index 4af555eef410..7a7858f704ff 100644 --- a/x/authz/keeper/keys_test.go +++ b/x/authz/keeper/keys_test.go @@ -2,6 +2,7 @@ package keeper import ( "testing" + "time" "github.com/stretchr/testify/require" @@ -20,7 +21,19 @@ func TestGrantkey(t *testing.T) { key := grantStoreKey(grantee, granter, msgType) require.Len(key, len(GrantKey)+len(address.MustLengthPrefix(grantee))+len(address.MustLengthPrefix(granter))+len([]byte(msgType))) - granter1, grantee1 := addressesFromGrantStoreKey(grantStoreKey(grantee, granter, msgType)) + granter1, grantee1, msgType1 := parseGrantStoreKey(grantStoreKey(grantee, granter, msgType)) require.Equal(granter, granter1) require.Equal(grantee, grantee1) + require.Equal(msgType1, msgType) +} + +func TestGrantQueueKey(t *testing.T) { + blockTime := time.Now().UTC() + queueKey := GrantQueueKey(blockTime, granter, grantee) + + expiration, granter1, grantee1, err := parseGrantQueueKey(queueKey) + require.NoError(t, err) + require.Equal(t, blockTime, expiration) + require.Equal(t, granter, granter1) + require.Equal(t, grantee, grantee1) } diff --git a/x/authz/keeper/migrations.go b/x/authz/keeper/migrations.go new file mode 100644 index 000000000000..f05cbdf7b298 --- /dev/null +++ b/x/authz/keeper/migrations.go @@ -0,0 +1,21 @@ +package keeper + +import ( + sdk "github.com/cosmos/cosmos-sdk/types" + v045 "github.com/cosmos/cosmos-sdk/x/authz/migrations/v045" +) + +// Migrator is a struct for handling in-place store migrations. +type Migrator struct { + keeper Keeper +} + +// NewMigrator returns a new Migrator. +func NewMigrator(keeper Keeper) Migrator { + return Migrator{keeper: keeper} +} + +// Migrate1to2 migrates from version 1 to 2. +func (m Migrator) Migrate1to2(ctx sdk.Context) error { + return v045.MigrateStore(ctx, m.keeper.storeKey, m.keeper.cdc) +} diff --git a/x/authz/keeper/msg_server.go b/x/authz/keeper/msg_server.go index ae0113ac7e6d..ac81b60b6469 100644 --- a/x/authz/keeper/msg_server.go +++ b/x/authz/keeper/msg_server.go @@ -29,9 +29,9 @@ func (k Keeper) Grant(goCtx context.Context, msg *authz.MsgGrant) (*authz.MsgGra return nil, err } - authorization := msg.GetAuthorization() - if authorization == nil { - return nil, sdkerrors.ErrUnpackAny.Wrap("Authorization is not present in the msg") + authorization, err := msg.GetAuthorization() + if err != nil { + return nil, err } t := authorization.MsgTypeURL() if k.router.HandlerByTypeURL(t) == nil { diff --git a/x/authz/migrations/v045/keys.go b/x/authz/migrations/v045/keys.go new file mode 100644 index 000000000000..5c0356cec07d --- /dev/null +++ b/x/authz/migrations/v045/keys.go @@ -0,0 +1,73 @@ +package v045 + +import ( + "time" + + "github.com/cosmos/cosmos-sdk/internal/conv" + sdk "github.com/cosmos/cosmos-sdk/types" + "github.com/cosmos/cosmos-sdk/types/address" + "github.com/cosmos/cosmos-sdk/types/kv" +) + +// Keys for store prefixes +// Items are stored with the following key: values +// +// - 0x01: Grant +// - 0x02: GrantQueueItem +// +var ( + GrantPrefix = []byte{0x01} + GrantQueuePrefix = []byte{0x02} +) + +// GrantQueueKey - return grant queue store key +// Key format is +// +// - 0x02: GrantQueueItem +func GrantQueueKey(expiration time.Time, granter sdk.AccAddress, grantee sdk.AccAddress) []byte { + exp := sdk.FormatTimeBytes(expiration) + granter = address.MustLengthPrefix(granter) + grantee = address.MustLengthPrefix(grantee) + + l := 1 + len(exp) + len(granter) + len(grantee) + var key = make([]byte, l) + copy(key, GrantQueuePrefix) + copy(key[1:], exp) + copy(key[1+len(exp):], granter) + copy(key[1+len(exp)+len(granter):], grantee) + return key +} + +// GrantStoreKey - return authorization store key +// Items are stored with the following key: values +// +// - 0x01: Grant +func GrantStoreKey(grantee sdk.AccAddress, granter sdk.AccAddress, msgType string) []byte { + m := conv.UnsafeStrToBytes(msgType) + granter = address.MustLengthPrefix(granter) + grantee = address.MustLengthPrefix(grantee) + + l := 1 + len(grantee) + len(granter) + len(m) + var key = make([]byte, l) + copy(key, GrantPrefix) + copy(key[1:], granter) + copy(key[1+len(granter):], grantee) + copy(key[l-len(m):], m) + + return key +} + +// ParseGrantKey - split granter, grantee address and msg type from the authorization key +func ParseGrantKey(key []byte) (granterAddr, granteeAddr sdk.AccAddress, msgType string) { + // key is of format: + // + kv.AssertKeyAtLeastLength(key, 2) + granterAddrLen := key[0] + kv.AssertKeyAtLeastLength(key, int(2+granterAddrLen)) + granterAddr = sdk.AccAddress(key[1 : 1+granterAddrLen]) + granteeAddrLen := int(key[1+granterAddrLen]) + kv.AssertKeyAtLeastLength(key, 3+int(granterAddrLen+byte(granteeAddrLen))) + granteeAddr = sdk.AccAddress(key[2+granterAddrLen : 2+granterAddrLen+byte(granteeAddrLen)]) + + return granterAddr, granteeAddr, conv.UnsafeBytesToStr(key[2+granterAddrLen+byte(granteeAddrLen):]) +} diff --git a/x/authz/migrations/v045/keys_test.go b/x/authz/migrations/v045/keys_test.go new file mode 100644 index 000000000000..d19d294a1d23 --- /dev/null +++ b/x/authz/migrations/v045/keys_test.go @@ -0,0 +1,26 @@ +package v045 + +import ( + "testing" + + "github.com/cosmos/cosmos-sdk/crypto/keys/ed25519" + sdk "github.com/cosmos/cosmos-sdk/types" + "github.com/cosmos/cosmos-sdk/types/address" + bank "github.com/cosmos/cosmos-sdk/x/bank/types" + "github.com/stretchr/testify/require" +) + +var granter = sdk.AccAddress(ed25519.GenPrivKey().PubKey().Address()) +var grantee = sdk.AccAddress(ed25519.GenPrivKey().PubKey().Address()) +var msgType = bank.SendAuthorization{}.MsgTypeURL() + +func TestGrantkey(t *testing.T) { + require := require.New(t) + key := GrantStoreKey(grantee, granter, msgType) + require.Len(key, len(GrantPrefix)+len(address.MustLengthPrefix(grantee))+len(address.MustLengthPrefix(granter))+len([]byte(msgType))) + + granter1, grantee1, msgType1 := ParseGrantKey(key[1:]) + require.Equal(granter, granter1) + require.Equal(grantee, grantee1) + require.Equal(msgType1, msgType) +} diff --git a/x/authz/migrations/v045/store.go b/x/authz/migrations/v045/store.go new file mode 100644 index 000000000000..7fb4638e0af6 --- /dev/null +++ b/x/authz/migrations/v045/store.go @@ -0,0 +1,69 @@ +package v045 + +import ( + "github.com/cosmos/cosmos-sdk/codec" + "github.com/cosmos/cosmos-sdk/internal/conv" + "github.com/cosmos/cosmos-sdk/store/prefix" + storetypes "github.com/cosmos/cosmos-sdk/store/types" + sdk "github.com/cosmos/cosmos-sdk/types" + "github.com/cosmos/cosmos-sdk/x/authz" +) + +// MigrateStore performs in-place store migrations from v0.44 to v0.45. The +// migration includes: +// +// - pruning expired authorizations +// - create secondary index for pruning expired authorizations +func MigrateStore(ctx sdk.Context, storeKey storetypes.StoreKey, cdc codec.BinaryCodec) error { + store := ctx.KVStore(storeKey) + err := addExpiredGrantsIndex(ctx, store, cdc) + if err != nil { + return err + } + + return nil +} + +func addExpiredGrantsIndex(ctx sdk.Context, store storetypes.KVStore, cdc codec.BinaryCodec) error { + grantsStore := prefix.NewStore(store, GrantPrefix) + + grantsIter := grantsStore.Iterator(nil, nil) + defer grantsIter.Close() + + queueItems := make(map[string][]string) + for ; grantsIter.Valid(); grantsIter.Next() { + var grant authz.Grant + bz := grantsIter.Value() + if err := cdc.Unmarshal(bz, &grant); err != nil { + return err + } + + // delete expired authorization + if grant.Expiration.Before(ctx.BlockTime()) { + grantsStore.Delete(grantsIter.Key()) + } else { + granter, grantee, msgType := ParseGrantKey(grantsIter.Key()) + key := GrantQueueKey(grant.Expiration, granter, grantee) + + queueItem, ok := queueItems[conv.UnsafeBytesToStr(key)] + if !ok { + queueItems[string(key)] = []string{msgType} + } else { + queueItem = append(queueItem, msgType) + queueItems[string(key)] = queueItem + } + } + } + + for key, v := range queueItems { + bz, err := cdc.Marshal(&authz.GrantQueueItem{ + MsgTypeUrls: v, + }) + if err != nil { + return err + } + store.Set(conv.UnsafeStrToBytes(key), bz) + } + + return nil +} diff --git a/x/authz/migrations/v045/store_test.go b/x/authz/migrations/v045/store_test.go new file mode 100644 index 000000000000..e86eb694a76c --- /dev/null +++ b/x/authz/migrations/v045/store_test.go @@ -0,0 +1,107 @@ +package v045_test + +import ( + "testing" + "time" + + codectypes "github.com/cosmos/cosmos-sdk/codec/types" + "github.com/cosmos/cosmos-sdk/crypto/keys/ed25519" + "github.com/cosmos/cosmos-sdk/simapp" + "github.com/cosmos/cosmos-sdk/testutil" + sdk "github.com/cosmos/cosmos-sdk/types" + "github.com/cosmos/cosmos-sdk/x/authz" + v045 "github.com/cosmos/cosmos-sdk/x/authz/migrations/v045" + banktypes "github.com/cosmos/cosmos-sdk/x/bank/types" + govtypes "github.com/cosmos/cosmos-sdk/x/gov/types/v1beta1" + "github.com/stretchr/testify/require" +) + +func TestMigration(t *testing.T) { + encCfg := simapp.MakeTestEncodingConfig() + cdc := encCfg.Codec + authzKey := sdk.NewKVStoreKey("authz") + ctx := testutil.DefaultContext(authzKey, sdk.NewTransientStoreKey("transient_test")) + granter1 := sdk.AccAddress(ed25519.GenPrivKey().PubKey().Address()) + grantee1 := sdk.AccAddress(ed25519.GenPrivKey().PubKey().Address()) + granter2 := sdk.AccAddress(ed25519.GenPrivKey().PubKey().Address()) + grantee2 := sdk.AccAddress(ed25519.GenPrivKey().PubKey().Address()) + + sendMsgType := banktypes.SendAuthorization{}.MsgTypeURL() + genericMsgType := sdk.MsgTypeURL(&govtypes.MsgVote{}) + coins100 := sdk.NewCoins(sdk.NewInt64Coin("atom", 100)) + oneDay := ctx.BlockTime().AddDate(0, 0, 1) + + grants := []struct { + granter sdk.AccAddress + grantee sdk.AccAddress + msgType string + authorization func() authz.Grant + }{ + { + granter1, + grantee1, + sendMsgType, + func() authz.Grant { + any, err := codectypes.NewAnyWithValue(banktypes.NewSendAuthorization(coins100)) + require.NoError(t, err) + return authz.Grant{ + Authorization: any, + Expiration: oneDay, + } + }, + }, + { + granter1, + grantee2, + sendMsgType, + func() authz.Grant { + any, err := codectypes.NewAnyWithValue(banktypes.NewSendAuthorization(coins100)) + require.NoError(t, err) + return authz.Grant{ + Authorization: any, + Expiration: oneDay, + } + }, + }, + { + granter2, + grantee1, + genericMsgType, + func() authz.Grant { + any, err := codectypes.NewAnyWithValue(authz.NewGenericAuthorization(genericMsgType)) + require.NoError(t, err) + return authz.Grant{ + Authorization: any, + Expiration: oneDay.AddDate(1, 0, 0), + } + }, + }, + { + granter2, + grantee2, + genericMsgType, + func() authz.Grant { + any, err := codectypes.NewAnyWithValue(authz.NewGenericAuthorization(genericMsgType)) + require.NoError(t, err) + return authz.Grant{ + Authorization: any, + Expiration: ctx.BlockTime(), + } + }, + }, + } + + store := ctx.KVStore(authzKey) + + for _, g := range grants { + grant := g.authorization() + store.Set(v045.GrantStoreKey(g.grantee, g.granter, g.msgType), cdc.MustMarshal(&grant)) + } + + ctx = ctx.WithBlockTime(ctx.BlockTime().Add(1 * time.Hour)) + require.NoError(t, v045.MigrateStore(ctx, authzKey, cdc)) + + require.NotNil(t, store.Get(v045.GrantStoreKey(grantee1, granter2, genericMsgType))) + require.NotNil(t, store.Get(v045.GrantStoreKey(grantee1, granter1, sendMsgType))) + require.Nil(t, store.Get(v045.GrantStoreKey(grantee2, granter2, genericMsgType))) +} diff --git a/x/authz/module/abci.go b/x/authz/module/abci.go new file mode 100644 index 000000000000..e85044a95df4 --- /dev/null +++ b/x/authz/module/abci.go @@ -0,0 +1,15 @@ +package authz + +import ( + sdk "github.com/cosmos/cosmos-sdk/types" + "github.com/cosmos/cosmos-sdk/x/authz/keeper" +) + +// BeginBlocker is called at the begining of every block +func BeginBlocker(ctx sdk.Context, keeper keeper.Keeper) { + + // delete all the mature grants + if err := keeper.DequeueAndDeleteExpiredGrants(ctx); err != nil { + panic(err) + } +} diff --git a/x/authz/module/abci_test.go b/x/authz/module/abci_test.go new file mode 100644 index 000000000000..1dc8d5afdf6b --- /dev/null +++ b/x/authz/module/abci_test.go @@ -0,0 +1,52 @@ +package authz_test + +import ( + "testing" + + "github.com/cosmos/cosmos-sdk/baseapp" + "github.com/cosmos/cosmos-sdk/simapp" + sdk "github.com/cosmos/cosmos-sdk/types" + "github.com/cosmos/cosmos-sdk/x/authz" + authzmodule "github.com/cosmos/cosmos-sdk/x/authz/module" + banktypes "github.com/cosmos/cosmos-sdk/x/bank/types" + "github.com/stretchr/testify/require" + "github.com/tendermint/tendermint/proto/tendermint/types" +) + +func TestExpiredGrantsQueue(t *testing.T) { + app := simapp.Setup(t, false) + ctx := app.BaseApp.NewContext(false, types.Header{}) + addrs := simapp.AddTestAddrsIncremental(app, ctx, 4, sdk.NewInt(30000000)) + granter := addrs[0] + grantee1 := addrs[1] + grantee2 := addrs[2] + grantee3 := addrs[3] + expiration := ctx.BlockTime().AddDate(0, 1, 0) + smallCoins := sdk.NewCoins(sdk.NewInt64Coin("stake", 10)) + + app.AuthzKeeper.SaveGrant(ctx, grantee1, granter, banktypes.NewSendAuthorization(smallCoins), expiration) + app.AuthzKeeper.SaveGrant(ctx, grantee2, granter, banktypes.NewSendAuthorization(smallCoins), expiration) + app.AuthzKeeper.SaveGrant(ctx, grantee3, granter, banktypes.NewSendAuthorization(smallCoins), expiration.AddDate(1, 0, 0)) + + queryHelper := baseapp.NewQueryServerTestHelper(ctx, app.InterfaceRegistry()) + authz.RegisterQueryServer(queryHelper, app.AuthzKeeper) + queryClient := authz.NewQueryClient(queryHelper) + + authzmodule.BeginBlocker(ctx, app.AuthzKeeper) + + res, err := queryClient.GranterGrants(ctx.Context(), &authz.QueryGranterGrantsRequest{ + Granter: granter.String(), + }) + require.NoError(t, err) + require.NotNil(t, res) + require.Len(t, res.Grants, 3) + + ctx = ctx.WithBlockTime(expiration.AddDate(0, 2, 0)) + authzmodule.BeginBlocker(ctx, app.AuthzKeeper) + res, err = queryClient.GranterGrants(ctx.Context(), &authz.QueryGranterGrantsRequest{ + Granter: granter.String(), + }) + require.NoError(t, err) + require.NotNil(t, res) + require.Len(t, res.Grants, 1) +} diff --git a/x/authz/module/module.go b/x/authz/module/module.go index 5e779244aa48..50216e22e9c8 100644 --- a/x/authz/module/module.go +++ b/x/authz/module/module.go @@ -44,6 +44,11 @@ func (AppModuleBasic) Name() string { func (am AppModule) RegisterServices(cfg module.Configurator) { authz.RegisterQueryServer(cfg.QueryServer(), am.keeper) authz.RegisterMsgServer(cfg.MsgServer(), am.keeper) + m := keeper.NewMigrator(am.keeper) + err := cfg.RegisterMigration(authz.ModuleName, 1, m.Migrate1to2) + if err != nil { + panic(err) + } } // RegisterLegacyAminoCodec registers the authz module's types for the given codec. @@ -153,9 +158,12 @@ func (am AppModule) ExportGenesis(ctx sdk.Context, cdc codec.JSONCodec) json.Raw } // ConsensusVersion implements AppModule/ConsensusVersion. -func (AppModule) ConsensusVersion() uint64 { return 1 } +func (AppModule) ConsensusVersion() uint64 { return 2 } -func (am AppModule) BeginBlock(ctx sdk.Context, req abci.RequestBeginBlock) {} +// BeginBlock returns the begin blocker for the authz module. +func (am AppModule) BeginBlock(ctx sdk.Context, req abci.RequestBeginBlock) { + BeginBlocker(ctx, am.keeper) +} // EndBlock does nothing func (am AppModule) EndBlock(ctx sdk.Context, _ abci.RequestEndBlock) []abci.ValidatorUpdate { diff --git a/x/authz/msgs.go b/x/authz/msgs.go index 8ec3c3f00622..5216af3bc631 100644 --- a/x/authz/msgs.go +++ b/x/authz/msgs.go @@ -80,7 +80,7 @@ func (msg MsgGrant) GetSignBytes() []byte { } // GetAuthorization returns the cache value from the MsgGrant.Authorization if present. -func (msg *MsgGrant) GetAuthorization() Authorization { +func (msg *MsgGrant) GetAuthorization() (Authorization, error) { return msg.Grant.GetAuthorization() } diff --git a/x/authz/msgs_test.go b/x/authz/msgs_test.go index 722ba38f0ca8..abc025818595 100644 --- a/x/authz/msgs_test.go +++ b/x/authz/msgs_test.go @@ -109,9 +109,14 @@ func TestMsgGrantGetAuthorization(t *testing.T) { var err error m.Grant.Authorization, err = cdctypes.NewAnyWithValue(&g) require.NoError(err) - require.Equal(m.GetAuthorization(), &g) + + a, err := m.GetAuthorization() + require.NoError(err) + require.Equal(a, &g) g = authz.GenericAuthorization{Msg: "some_type2"} m.SetAuthorization(&g) - require.Equal(m.GetAuthorization(), &g) + a, err = m.GetAuthorization() + require.NoError(err) + require.Equal(a, &g) } diff --git a/x/authz/simulation/decoder.go b/x/authz/simulation/decoder.go index 908a90abf554..22a686f1a7f7 100644 --- a/x/authz/simulation/decoder.go +++ b/x/authz/simulation/decoder.go @@ -20,6 +20,11 @@ func NewDecodeStore(cdc codec.Codec) func(kvA, kvB kv.Pair) string { cdc.MustUnmarshal(kvA.Value, &grantA) cdc.MustUnmarshal(kvB.Value, &grantB) return fmt.Sprintf("%v\n%v", grantA, grantB) + case bytes.Equal(kvA.Key[:1], keeper.GrantQueuePrefix): + var grantA, grantB authz.GrantQueueItem + cdc.MustUnmarshal(kvA.Value, &grantA) + cdc.MustUnmarshal(kvB.Value, &grantB) + return fmt.Sprintf("%v\n%v", grantA, grantB) default: panic(fmt.Sprintf("invalid authz key %X", kvA.Key)) } diff --git a/x/authz/simulation/operations.go b/x/authz/simulation/operations.go index b70c3be054a7..81a00d5cdd98 100644 --- a/x/authz/simulation/operations.go +++ b/x/authz/simulation/operations.go @@ -108,7 +108,10 @@ func SimulateMsgGrant(ak authz.AccountKeeper, bk authz.BankKeeper, _ keeper.Keep return simtypes.NoOpMsg(authz.ModuleName, TypeMsgGrant, "spend limit is nil"), nil, nil } - expiration := ctx.BlockTime().AddDate(1, 0, 0) + expiration := simtypes.RandTimestamp(r) + if expiration.Before(ctx.BlockTime()) { + return simtypes.NoOpMsg(authz.ModuleName, TypeMsgGrant, "past time"), nil, nil + } msg, err := authz.NewMsgGrant(granter.Address, grantee.Address, generateRandomAuthorization(r, spendLimit), expiration) if err != nil { return simtypes.NoOpMsg(authz.ModuleName, TypeMsgGrant, err.Error()), nil, err @@ -176,7 +179,11 @@ func SimulateMsgRevoke(ak authz.AccountKeeper, bk authz.BankKeeper, k keeper.Kee return simtypes.NoOpMsg(authz.ModuleName, TypeMsgRevoke, "fee error"), nil, err } - a := grant.GetAuthorization() + a, err := grant.GetAuthorization() + if err != nil { + return simtypes.NoOpMsg(authz.ModuleName, TypeMsgRevoke, "authorization error"), nil, err + } + msg := authz.NewMsgRevoke(granterAddr, granteeAddr, a.MsgTypeURL()) txCfg := simappparams.MakeTestEncodingConfig().TxConfig account := ak.GetAccount(ctx, granterAddr) @@ -242,7 +249,12 @@ func SimulateMsgExec(ak authz.AccountKeeper, bk authz.BankKeeper, k keeper.Keepe } msg := []sdk.Msg{banktype.NewMsgSend(granterAddr, granteeAddr, coins)} - sendAuth, ok := targetGrant.GetAuthorization().(*banktype.SendAuthorization) + authorization, err := targetGrant.GetAuthorization() + if err != nil{ + return simtypes.NoOpMsg(authz.ModuleName, TypeMsgExec, err.Error()), nil, err + } + + sendAuth, ok := authorization.(*banktype.SendAuthorization) if !ok { return simtypes.NoOpMsg(authz.ModuleName, TypeMsgExec, "not a send authorization"), nil, nil } diff --git a/x/authz/simulation/operations_test.go b/x/authz/simulation/operations_test.go index ac57333bc32c..39be98dac950 100644 --- a/x/authz/simulation/operations_test.go +++ b/x/authz/simulation/operations_test.go @@ -40,19 +40,18 @@ func (suite *SimTestSuite) TestWeightedOperations() { suite.app.BankKeeper, suite.app.AuthzKeeper, cdc, ) - // setup 3 accounts - s := rand.NewSource(1) + s := rand.NewSource(3) r := rand.New(s) + // setup 2 accounts accs := suite.getTestingAccounts(r, 2) expected := []struct { weight int opMsgRoute string - opMsgName string }{ - {simulation.WeightGrant, simulation.TypeMsgGrant, simulation.TypeMsgGrant}, - {simulation.WeightExec, simulation.TypeMsgExec, simulation.TypeMsgExec}, - {simulation.WeightRevoke, simulation.TypeMsgRevoke, simulation.TypeMsgRevoke}, + {simulation.WeightGrant, simulation.TypeMsgGrant}, + {simulation.WeightExec, simulation.TypeMsgExec}, + {simulation.WeightRevoke, simulation.TypeMsgRevoke}, } for i, w := range weightedOps { @@ -62,7 +61,7 @@ func (suite *SimTestSuite) TestWeightedOperations() { // will fail suite.Require().Equal(expected[i].weight, w.Weight(), "weight should be the same") suite.Require().Equal(expected[i].opMsgRoute, operationMsg.Route, "route should be the same") - suite.Require().Equal(expected[i].opMsgName, operationMsg.Name, "operation Msg name should be the same") + suite.Require().Equal(expected[i].opMsgRoute, operationMsg.Name, "operation Msg name should be the same") } } @@ -169,7 +168,7 @@ func (suite *SimTestSuite) TestSimulateExec() { grantee := accounts[1] authorization := banktypes.NewSendAuthorization(initCoins) - err := suite.app.AuthzKeeper.SaveGrant(suite.ctx, grantee.Address, granter.Address, authorization, time.Now().Add(30*time.Hour)) + err := suite.app.AuthzKeeper.SaveGrant(suite.ctx, grantee.Address, granter.Address, authorization, suite.ctx.BlockTime().Add(1*time.Hour)) suite.Require().NoError(err) // execute operation diff --git a/x/group/types.pb.go b/x/group/types.pb.go index 5151d457e1a5..c7c2780863e3 100644 --- a/x/group/types.pb.go +++ b/x/group/types.pb.go @@ -649,7 +649,7 @@ type Proposal struct { // has ended. FinalTallyResult TallyResult `protobuf:"bytes,10,opt,name=final_tally_result,json=finalTallyResult,proto3" json:"final_tally_result"` // timeout is the timestamp before which both voting and execution must be - // done. If this timestamp is passed, then the proposal can not be executed + // done. If this timestamp is passed, then the proposal cannot be executed // anymore and should be considered pending delete. This timestamp is checked // against the block header's timestamp. Timeout time.Time `protobuf:"bytes,11,opt,name=timeout,proto3,stdtime" json:"timeout"`