forked from cosmos/cosmos-sdk
-
Notifications
You must be signed in to change notification settings - Fork 26
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Browse files
Browse the repository at this point in the history
Co-authored-by: Vladislav Varadinov <[email protected]> Co-authored-by: tom <[email protected]>
- Loading branch information
1 parent
ab1087a
commit b43f618
Showing
6 changed files
with
619 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,18 @@ | ||
| syntax = "proto3"; | ||
| package cosmos.distribution.v1beta1; | ||
|
|
||
| import "cosmos_proto/cosmos.proto"; | ||
|
|
||
| option go_package = "github.com/cosmos/cosmos-sdk/x/distribution/types"; | ||
|
|
||
| // DistributionAuthorization defines a grant that can be given to an address to allow them to | ||
| // execute distribution messages on behalf of the granter. | ||
| message DistributionAuthorization { | ||
| option (cosmos_proto.implements_interface) = "Authorization"; | ||
|
|
||
| // message_type represents the type of the message that is authorized by this DistributionAuthorization. | ||
| string message_type = 1; | ||
| // allowed_list specifies list of addresses that are allowed to execute the distribution messages. | ||
| repeated string allowed_list = 2 [(cosmos_proto.scalar) = "cosmos.AddressString"]; | ||
| } | ||
|
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,78 @@ | ||
| package types | ||
|
|
||
| import ( | ||
| sdk "github.com/cosmos/cosmos-sdk/types" | ||
| sdkerrors "github.com/cosmos/cosmos-sdk/types/errors" | ||
| "github.com/cosmos/cosmos-sdk/x/authz" | ||
| "golang.org/x/exp/slices" | ||
| ) | ||
|
|
||
| var _ authz.Authorization = &DistributionAuthorization{} | ||
|
|
||
| var ( | ||
| SetWithdrawerAddressMsg = sdk.MsgTypeURL(&MsgSetWithdrawAddress{}) | ||
| WithdrawDelegatorRewardMsg = sdk.MsgTypeURL(&MsgWithdrawDelegatorReward{}) | ||
| WithdrawValidatorCommissionMsg = sdk.MsgTypeURL(&MsgWithdrawValidatorCommission{}) | ||
| ) | ||
|
|
||
| // NewDistributionAuthorization creates a new DistributionAuthorization. | ||
| func NewDistributionAuthorization(msgType string, allowed ...string) *DistributionAuthorization { | ||
| return &DistributionAuthorization{ | ||
| MessageType: msgType, | ||
| AllowedList: allowed, | ||
| } | ||
| } | ||
|
|
||
| // MsgTypeURL implements Authorization.MsgTypeURL. | ||
| func (da *DistributionAuthorization) MsgTypeURL() string { | ||
| return da.MessageType | ||
| } | ||
|
|
||
| // Accept implements Authorization.Accept. It checks, that the | ||
| // withdrawer for MsgSetWithdrawAddress, | ||
| // validator for MsgWithdrawValidatorCommission, | ||
| // the delegator address for MsgWithdrawDelegatorReward | ||
| // is in the allowed list. If these conditions are met, the AcceptResponse is returned. | ||
| func (da *DistributionAuthorization) Accept(ctx sdk.Context, msg sdk.Msg) (authz.AcceptResponse, error) { | ||
| switch msg := msg.(type) { | ||
| case *MsgSetWithdrawAddress: | ||
| if !slices.Contains(da.AllowedList, msg.WithdrawAddress) { | ||
| return authz.AcceptResponse{}, sdkerrors.ErrUnauthorized.Wrap("address is not in the allowed list") | ||
| } | ||
| case *MsgWithdrawValidatorCommission: | ||
| if !slices.Contains(da.AllowedList, msg.ValidatorAddress) { | ||
| return authz.AcceptResponse{}, sdkerrors.ErrUnauthorized.Wrap("address is not in the allowed list") | ||
| } | ||
| case *MsgWithdrawDelegatorReward: | ||
| if !slices.Contains(da.AllowedList, msg.DelegatorAddress) { | ||
| return authz.AcceptResponse{}, sdkerrors.ErrUnauthorized.Wrap("address is not in the allowed list") | ||
| } | ||
| default: | ||
| return authz.AcceptResponse{}, sdkerrors.ErrInvalidRequest.Wrap("unknown msg type") | ||
| } | ||
|
|
||
| return authz.AcceptResponse{ | ||
| Accept: true, | ||
| Delete: false, | ||
| Updated: &DistributionAuthorization{ | ||
| AllowedList: da.AllowedList, | ||
| MessageType: da.MessageType, | ||
| }, | ||
| }, nil | ||
| } | ||
|
|
||
| // ValidateBasic performs a stateless validation of the fields. | ||
| func (da *DistributionAuthorization) ValidateBasic() error { | ||
| if len(da.AllowedList) == 0 { | ||
| return sdkerrors.ErrInvalidRequest.Wrap("allowed list cannot be empty") | ||
| } | ||
|
|
||
| // validate all the addresses are correct bech32 addresses | ||
| for _, addr := range da.AllowedList { | ||
| if _, err := sdk.AccAddressFromBech32(addr); err != nil { | ||
| return sdkerrors.ErrInvalidAddress.Wrapf("invalid address: %s", addr) | ||
| } | ||
| } | ||
|
|
||
| return nil | ||
| } |
Oops, something went wrong.