fix: Check that authority owns domain to transfer

Signed-off-by: Dmitry Murzin <diralik@yandex.ru>
hyperledger · Jul 5, 2024 · b713197 · b713197
1 parent 6df73f6
commit b713197
Show file tree

Hide file tree

Showing 5 changed files with 56 additions and 6 deletions.
diff --git a/client/tests/integration/mod.rs b/client/tests/integration/mod.rs
@@ -1,6 +1,5 @@
 mod asset;
 mod asset_propagation;
-mod domain_owner_permissions;
 mod events;
 mod extra_functional;
 mod multisig;
@@ -13,6 +12,7 @@ mod set_parameter;
 mod sorting;
 mod status_response;
 mod transfer_asset;
+mod transfer_domain;
 mod triggers;
 mod tx_chain_id;
 mod tx_history;

diff --git a/...s/integration/domain_owner_permissions.rs → client/tests/integration/transfer_domain.rs b/...s/integration/domain_owner_permissions.rs → client/tests/integration/transfer_domain.rs
@@ -1,15 +1,21 @@
 use eyre::Result;
-use iroha::data_model::{prelude::*, transaction::error::TransactionRejectionReason};
+use iroha::{
+    client::Client,
+    data_model::{prelude::*, transaction::error::TransactionRejectionReason},
+};
+use iroha_crypto::KeyPair;
 use iroha_executor_data_model::permission::{
     account::CanUnregisterAccount,
     asset::CanUnregisterUserAsset,
     asset_definition::CanUnregisterAssetDefinition,
     domain::{CanRegisterAssetDefinitionInDomain, CanUnregisterDomain},
     trigger::CanUnregisterUserTrigger,
 };
+use iroha_genesis::GenesisBlock;
 use iroha_primitives::json::JsonString;
-use test_network::*;
-use test_samples::{gen_account_in, ALICE_ID, BOB_ID};
+use test_network::{Peer as TestPeer, *};
+use test_samples::{gen_account_in, ALICE_ID, BOB_ID, SAMPLE_GENESIS_ACCOUNT_ID};
+use tokio::runtime::Runtime;
 
 #[test]
 fn domain_owner_domain_permissions() -> Result<()> {
@@ -348,3 +354,45 @@ fn domain_owner_transfer() -> Result<()> {
 
     Ok(())
 }
+
+#[test]
+fn not_allowed_to_transfer_other_user_domain() -> Result<()> {
+    let mut peer = TestPeer::new().expect("Failed to create peer");
+    let topology = vec![peer.id.clone()];
+
+    let users_domain: DomainId = "users".parse()?;
+    let foo_domain: DomainId = "foo".parse()?;
+
+    let user1 = AccountId::new(users_domain.clone(), KeyPair::random().public_key().clone());
+    let user2 = AccountId::new(users_domain.clone(), KeyPair::random().public_key().clone());
+    let genesis_account = SAMPLE_GENESIS_ACCOUNT_ID.clone();
+
+    let instructions: [InstructionBox; 6] = [
+        Register::domain(Domain::new(users_domain.clone())).into(),
+        Register::account(Account::new(user1.clone())).into(),
+        Register::account(Account::new(user2.clone())).into(),
+        Register::domain(Domain::new(foo_domain.clone())).into(),
+        Transfer::domain(genesis_account.clone(), foo_domain.clone(), user1.clone()).into(),
+        Transfer::domain(genesis_account.clone(), users_domain.clone(), user1.clone()).into(),
+    ];
+    let genesis = GenesisBlock::test_with_instructions(instructions, topology);
+
+    let rt = Runtime::test();
+    let builder = PeerBuilder::new().with_genesis(genesis).with_port(11_110);
+    rt.block_on(builder.start_with_peer(&mut peer));
+    let client = Client::test(&peer.api_address);
+    wait_for_genesis_committed(&[client.clone()], 0);
+
+    let domain = client.request(FindDomainById::new(foo_domain.clone()))?;
+    assert_eq!(domain.owned_by(), &user1);
+
+    // Client authority is "alice@wonderlang".
+    // `foo_domain` is owned by `user1@users`.
+    // Alice has no rights to `user1` or `foo_domain`.
+    // Therefore transaction should be rejected.
+    let transfer_domain = Transfer::domain(user1.clone(), foo_domain.clone(), user2.clone());
+    let result = client.submit_blocking(transfer_domain);
+    assert!(result.is_err());
+
+    Ok(())
+}
diff --git a/configs/swarm/executor.wasm b/configs/swarm/executor.wasm
diff --git a/core/src/smartcontracts/isi/domain.rs b/core/src/smartcontracts/isi/domain.rs
@@ -358,7 +358,9 @@ pub mod isi {
             let domain = state_transaction.world.domain_mut(&object)?;
 
             if domain.owned_by != source {
-                return Err(Error::Find(FindError::Account(source)));
+                return Err(Error::InvariantViolation(format!(
+                    "Can't transfer domain {domain} since {source} doesn't own it",
+                )));
             }
 
             domain.owned_by = destination.clone();

diff --git a/smart_contract/executor/src/default.rs b/smart_contract/executor/src/default.rs
@@ -235,7 +235,7 @@ pub mod domain {
             Ok(true) => execute!(executor, isi),
             Ok(false) => {}
         }
-        match is_domain_owner(domain_id, source_id) {
+        match is_domain_owner(domain_id, authority) {
             Err(err) => deny!(executor, err),
             Ok(true) => execute!(executor, isi),
             Ok(false) => {}