96 lines
2.7 KiB
Go
96 lines
2.7 KiB
Go
package roles_test
|
|
|
|
import (
|
|
"testing"
|
|
|
|
"github.com/stretchr/testify/assert"
|
|
"github.com/stretchr/testify/require"
|
|
|
|
"github.com/tendermint/go-wire/data"
|
|
|
|
"github.com/tendermint/basecoin"
|
|
"github.com/tendermint/basecoin/modules/roles"
|
|
"github.com/tendermint/basecoin/stack"
|
|
"github.com/tendermint/basecoin/state"
|
|
)
|
|
|
|
// shortcut for the lazy
|
|
type ba []basecoin.Actor
|
|
|
|
func createRole(app basecoin.Handler, store state.KVStore,
|
|
name []byte, min uint32, sigs ...basecoin.Actor) (basecoin.Actor, error) {
|
|
tx := roles.NewCreateRoleTx(name, min, sigs)
|
|
ctx := stack.MockContext("foo", 1)
|
|
_, err := app.DeliverTx(ctx, store, tx)
|
|
return roles.NewPerm(name), err
|
|
}
|
|
|
|
func TestAssumeRole(t *testing.T) {
|
|
assert := assert.New(t)
|
|
require := require.New(t)
|
|
|
|
// one handle to add a role, another to check permissions
|
|
disp := stack.NewDispatcher(
|
|
stack.WrapHandler(roles.NewHandler()),
|
|
stack.WrapHandler(stack.CheckHandler{}),
|
|
)
|
|
// and wrap with the roles middleware
|
|
app := stack.New(roles.NewMiddleware()).Use(disp)
|
|
|
|
// basic state for the app
|
|
ctx := stack.MockContext("role-chain", 123)
|
|
store := state.NewMemKVStore()
|
|
|
|
// potential actors
|
|
a := basecoin.Actor{App: "sig", Address: []byte("jae")}
|
|
b := basecoin.Actor{App: "sig", Address: []byte("bucky")}
|
|
c := basecoin.Actor{App: "sig", Address: []byte("ethan")}
|
|
d := basecoin.Actor{App: "tracko", Address: []byte("rigel")}
|
|
|
|
// devs is a 2-of-3 multisig
|
|
devs := data.Bytes{0, 1, 0, 1}
|
|
pdev, err := createRole(app, store, devs, 2, b, c, d)
|
|
require.Nil(err)
|
|
|
|
// deploy requires a dev role, or supreme authority
|
|
deploy := data.Bytes("deploy")
|
|
_, err = createRole(app, store, deploy, 1, a, pdev)
|
|
require.Nil(err)
|
|
|
|
// now, let's test the roles are set properly
|
|
cases := []struct {
|
|
valid bool
|
|
roles []data.Bytes // which roles we try to assume (can be multiple!)
|
|
signers []basecoin.Actor // which people sign the tx
|
|
required []basecoin.Actor // which permission we require to succeed
|
|
}{
|
|
// basic checks to see logic works
|
|
{true, nil, nil, nil},
|
|
{true, nil, ba{b, c}, ba{b}},
|
|
{false, nil, ba{b}, ba{b, c}},
|
|
|
|
// simple role check
|
|
}
|
|
|
|
for i, tc := range cases {
|
|
// set the signers, the required check
|
|
myCtx := ctx.WithPermissions(tc.signers...)
|
|
tx := stack.NewCheckTx(tc.required)
|
|
// and the roles we attempt to assume
|
|
for _, r := range tc.roles {
|
|
tx = roles.NewAssumeRoleTx(r, tx)
|
|
}
|
|
|
|
// try CheckTx and DeliverTx and make sure they both assert permissions
|
|
_, err := app.CheckTx(myCtx, store, tx)
|
|
_, err2 := app.DeliverTx(myCtx, store, tx)
|
|
if tc.valid {
|
|
assert.Nil(err, "%d: %+v", i, err)
|
|
assert.Nil(err2, "%d: %+v", i, err2)
|
|
} else {
|
|
assert.NotNil(err, "%d", i)
|
|
assert.NotNil(err2, "%d", i)
|
|
}
|
|
}
|
|
}
|