Skip to content

Commit

Permalink
permit check added for key to be dao core addr
Browse files Browse the repository at this point in the history
  • Loading branch information
@Abhishek-1857
Abhishek-1857 committed Jun 28, 2024
1 parent 156c0a2 commit d7a652e
Show file tree
Hide file tree
Showing 22 changed files with 599 additions and 204 deletions.
6 changes: 3 additions & 3 deletions contracts/dao-dao-core/src/contract.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1135,9 +1135,9 @@ pub fn reply(deps: DepsMut, env: Env, msg: Reply) -> Result<Response, ContractEr
SubMsg::reply_on_success(msg, reply_id)
})
.collect();
// if proposal_module_msgs.is_empty() {
// return Err(ContractError::NoActiveProposalModules {});
// }
if proposal_module_msgs.is_empty() {
return Err(ContractError::NoActiveProposalModules {});
}
Ok(Response::new()
.add_attribute("action", "instantiate query_auth with dao as admin")
.add_submessage(vote_module_msg)
Expand Down
81 changes: 38 additions & 43 deletions contracts/external/cw-fund-distributor/src/contract.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ use crate::msg::{
VotingContractResponse,
};
use crate::state::{
Config, VotingContractInfo, CONFIG, DISTRIBUTION_HEIGHT, FUNDING_PERIOD_EXPIRATION,
Config, VotingContractInfo, CONFIG, DAO, DISTRIBUTION_HEIGHT, FUNDING_PERIOD_EXPIRATION,
NATIVE_BALANCES, NATIVE_CLAIMS, SNIP20S_CODE_HASH, SNIP20_BALANCES, SNIP20_CLAIMS, TOTAL_POWER,
VOTING_CONTRACT,
};
Expand Down Expand Up @@ -43,6 +43,7 @@ pub fn instantiate(
msg: InstantiateMsg,
) -> Result<Response, ContractError> {
set_contract_version(deps.storage, CONTRACT_NAME, CONTRACT_VERSION)?;
DAO.save(deps.storage, &info.sender.to_string())?;

// store the height
DISTRIBUTION_HEIGHT.save(deps.storage, &msg.distribution_height)?;
Expand Down Expand Up @@ -107,9 +108,13 @@ pub fn execute(
memo: _,
}) => execute_fund_snip20(deps, env, info.sender, amount),
ExecuteMsg::FundNative {} => execute_fund_native(deps, env, info),
ExecuteMsg::ClaimSnip20 { auth, tokens } => execute_claim_snip20s(deps, env, auth, tokens),
ExecuteMsg::ClaimNatives { auth, denoms } => execute_claim_natives(deps, env, auth, denoms),
ExecuteMsg::ClaimAll { auth } => execute_claim_all(deps, env, auth),
ExecuteMsg::ClaimSnip20 { auth, tokens } => {
execute_claim_snip20s(deps, env, info.sender, auth, tokens)
}
ExecuteMsg::ClaimNatives { auth, denoms } => {
execute_claim_natives(deps, env, auth, info.sender, denoms)
}
ExecuteMsg::ClaimAll { auth } => execute_claim_all(deps, env, info.sender, auth),
ExecuteMsg::SetSnip20sCodeHash { token_info } => {
if info.sender != CONFIG.load(deps.storage)?.owner {
return Err(ContractError::Unauthorized {});
Expand Down Expand Up @@ -226,6 +231,7 @@ fn get_relative_share(deps: &Deps, auth: Auth) -> Result<Decimal, StdError> {
pub fn execute_claim_snip20s(
deps: DepsMut,
env: Env,
sender: Addr,
auth: Auth,
tokens: Vec<TokenInfo>,
) -> Result<Response, ContractError> {
Expand All @@ -239,10 +245,6 @@ pub fn execute_claim_snip20s(
}

let relative_share = get_relative_share(&deps.as_ref(), auth.clone())?;
let mut sender = Addr::unchecked("");
if let Auth::ViewingKey { address, .. } = auth {
sender = deps.api.addr_validate(&address)?;
}
let messages = get_snip20_claim_wasm_messages(tokens, deps, sender.clone(), relative_share)?;

Ok(Response::default()
Expand Down Expand Up @@ -320,6 +322,7 @@ pub fn execute_claim_natives(
deps: DepsMut,
env: Env,
auth: Auth,
sender: Addr,
denoms: Vec<String>,
) -> Result<Response, ContractError> {
let funding_deadline = FUNDING_PERIOD_EXPIRATION.load(deps.storage)?;
Expand All @@ -334,10 +337,6 @@ pub fn execute_claim_natives(
// find the relative share of the distributor pool for the user
// and determine the native claim transfer amounts with it
let relative_share = get_relative_share(&deps.as_ref(), auth.clone())?;
let mut sender = Addr::unchecked("");
if let Auth::ViewingKey { address, .. } = auth {
sender = deps.api.addr_validate(&address)?;
}
let messages = get_native_claim_bank_messages(denoms, deps, sender.clone(), relative_share)?;

Ok(Response::default()
Expand Down Expand Up @@ -399,6 +398,7 @@ fn get_native_claim_bank_messages(
pub fn execute_claim_all(
mut deps: DepsMut,
env: Env,
sender: Addr,
auth: Auth,
) -> Result<Response, ContractError> {
let funding_deadline = FUNDING_PERIOD_EXPIRATION.load(deps.storage)?;
Expand Down Expand Up @@ -429,11 +429,6 @@ pub fn execute_claim_all(

let relative_share = get_relative_share(&deps.as_ref(), auth.clone())?;

let mut sender = Addr::unchecked("");
if let Auth::ViewingKey { address, .. } = auth {
sender = deps.api.addr_validate(&address)?;
}

// get the claim messages
let cw20_claim_msgs =
get_snip20_claim_wasm_messages(snip20_info, deps.branch(), sender.clone(), relative_share)?;
Expand All @@ -455,31 +450,31 @@ pub fn query(deps: Deps, _env: Env, msg: QueryMsg) -> StdResult<Binary> {
QueryMsg::Snip20Tokens {} => query_snip20_tokens(deps),
QueryMsg::NativeEntitlement { auth, denom } => {
let query_auth = CONFIG.load(deps.storage)?.query_auth;
authenticate(deps, auth.clone(), query_auth)?;
query_native_entitlement(deps, auth, denom)
let sender = authenticate(deps, auth.clone(), query_auth)?;
query_native_entitlement(deps, auth, sender, denom)
}
QueryMsg::Snip20Entitlement { auth, token } => {
let query_auth = CONFIG.load(deps.storage)?.query_auth;
authenticate(deps, auth.clone(), query_auth)?;
query_snip20_entitlement(deps, auth, token)
let sender = authenticate(deps, auth.clone(), query_auth)?;
query_snip20_entitlement(deps, auth, sender, token)
}
QueryMsg::NativeEntitlements {
auth,
start_at,
limit,
} => {
let query_auth = CONFIG.load(deps.storage)?.query_auth;
authenticate(deps, auth.clone(), query_auth)?;
query_native_entitlements(deps, auth, start_at, limit)
let sender = authenticate(deps, auth.clone(), query_auth)?;
query_native_entitlements(deps, auth, sender, start_at, limit)
}
QueryMsg::Snip20Entitlements {
auth,
start_at,
limit,
} => {
let query_auth = CONFIG.load(deps.storage)?.query_auth;
authenticate(deps, auth.clone(), query_auth)?;
query_snip20_entitlements(deps, auth, start_at, limit)
let sender = authenticate(deps, auth.clone(), query_auth)?;
query_snip20_entitlements(deps, auth, sender, start_at, limit)
}
}
}
Expand Down Expand Up @@ -528,11 +523,12 @@ pub fn query_snip20_tokens(deps: Deps) -> StdResult<Binary> {
to_binary(&cw20_responses)
}

pub fn query_native_entitlement(deps: Deps, auth: Auth, denom: String) -> StdResult<Binary> {
let mut sender = Addr::unchecked("");
if let Auth::ViewingKey { address, .. } = auth.clone() {
sender = deps.api.addr_validate(&address)?;
}
pub fn query_native_entitlement(
deps: Deps,
auth: Auth,
sender: Addr,
denom: String,
) -> StdResult<Binary> {
let prev_claim = NATIVE_CLAIMS
.get(deps.storage, &(sender.clone(), denom.clone()))
.unwrap_or_default();
Expand All @@ -551,11 +547,12 @@ pub fn query_native_entitlement(deps: Deps, auth: Auth, denom: String) -> StdRes
})
}

pub fn query_snip20_entitlement(deps: Deps, auth: Auth, token: String) -> StdResult<Binary> {
let mut sender = Addr::unchecked("");
if let Auth::ViewingKey { address, .. } = auth.clone() {
sender = deps.api.addr_validate(&address)?;
}
pub fn query_snip20_entitlement(
deps: Deps,
auth: Auth,
sender: Addr,
token: String,
) -> StdResult<Binary> {
let token = Addr::unchecked(token);

let prev_claim = SNIP20_CLAIMS
Expand All @@ -579,13 +576,10 @@ pub fn query_snip20_entitlement(deps: Deps, auth: Auth, token: String) -> StdRes
pub fn query_native_entitlements(
deps: Deps,
auth: Auth,
sender: Addr,
start_at: Option<String>,
limit: Option<u32>,
) -> StdResult<Binary> {
let mut sender = Addr::unchecked("");
if let Auth::ViewingKey { address, .. } = auth.clone() {
sender = deps.api.addr_validate(&address)?;
}
let relative_share = get_relative_share(&deps, auth)?;
let mut start = start_at.clone(); // Clone start_after to mutate it if necessary
let limit = limit.unwrap_or(DEFAULT_LIMIT).min(MAX_LIMIT) as usize;
Expand Down Expand Up @@ -634,13 +628,10 @@ const DEFAULT_LIMIT: u32 = 10;
pub fn query_snip20_entitlements(
deps: Deps,
auth: Auth,
sender: Addr,
start_at: Option<String>,
limit: Option<u32>,
) -> StdResult<Binary> {
let mut sender = Addr::unchecked("");
if let Auth::ViewingKey { address, .. } = auth.clone() {
sender = deps.api.addr_validate(&address)?;
}
let relative_share = get_relative_share(&deps, auth)?;
let mut start = start_at.map(|h| deps.api.addr_validate(&h)).transpose()?;
let limit = limit.unwrap_or(DEFAULT_LIMIT).min(MAX_LIMIT) as usize;
Expand Down Expand Up @@ -764,6 +755,10 @@ pub fn authenticate(deps: Deps, auth: Auth, query_auth: Contract) -> StdResult<A
Ok(address)
}
Auth::Permit(permit) => {
let dao = DAO.load(deps.storage)?;
if permit.params.key != dao {
return Err(StdError::generic_err("Invalid permit Key"));
}
let res: PermitAuthentication<AuthPermit> =
authenticate_permit(permit, &deps.querier, query_auth)?;
if res.revoked {
Expand Down
1 change: 1 addition & 0 deletions contracts/external/cw-fund-distributor/src/state.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,3 +40,4 @@ pub static NATIVE_CLAIMS: Keymap<(Addr, String), Uint128> = Keymap::new(b"native
pub static SNIP20S_CODE_HASH: Keymap<Addr, String> = Keymap::new(b"snip20s_code_hash");

pub const CONFIG: Item<Config> = Item::new("config");
pub const DAO: Item<String> = Item::new("dao");
6 changes: 4 additions & 2 deletions contracts/external/cw4-group/src/contract.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,9 @@ use shade_protocol::Contract;
use crate::error::ContractError;
use crate::helpers::validate_unique_members;
use crate::msg::{ExecuteMsg, InstantiateMsg, QueryMsg};
use crate::state::{MembersStore, TotalStore, ADMIN, DAO, HOOKS, MEMBERS_PRIMARY, OWNER, QUERY_AUTH};
use crate::state::{
MembersStore, TotalStore, ADMIN, DAO, HOOKS, MEMBERS_PRIMARY, OWNER, QUERY_AUTH,
};

// version info for migration info
const CONTRACT_NAME: &str = "crates.io:cw4-group";
Expand Down Expand Up @@ -288,7 +290,7 @@ pub fn authenticate(deps: Deps, auth: Auth, query_auth: Contract) -> StdResult<A
Ok(address)
}
Auth::Permit(permit) => {
if permit.params.key!=DAO.load(deps.storage)?{
if permit.params.key != DAO.load(deps.storage)? {
return Err(StdError::generic_err("Invalid permit Key"));
}
let res: PermitAuthentication<AuthPermit> =
Expand Down
1 change: 0 additions & 1 deletion contracts/external/cw4-group/src/state.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,6 @@ pub const QUERY_AUTH: Item<Contract> = Item::new("query_auth");
pub const OWNER: Item<Addr> = Item::new("owner");
pub const DAO: Item<String> = Item::new("dao");


// pub const TOTAL: SnapshotItem<u64> = SnapshotItem::new(
// TOTAL_KEY,
// TOTAL_KEY_CHECKPOINTS,
Expand Down
7 changes: 6 additions & 1 deletion contracts/external/snip721-roles/src/contract.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ use snip721_roles_impl::{
use std::cmp::Ordering;

use crate::msg::{ExecuteMsg, QueryMsg};
use crate::state::{MembersStore, TotalStore, MEMBERS_PRIMARY};
use crate::state::{MembersStore, TotalStore, DAO, MEMBERS_PRIMARY};
use crate::{error::RolesContractError as ContractError, state::HOOKS};

// Version info for migration
Expand All @@ -44,6 +44,7 @@ pub fn instantiate(
msg: Snip721BaseInstantiateMsg,
) -> Result<Response, ContractError> {
Snip721roles::default().instantiate(deps.branch(), env.clone(), info.clone(), msg)?;
DAO.save(deps.storage, &info.sender.to_string())?;

// Initialize total weight to zero
TotalStore::save(deps.storage, env.block.height, 0)?;
Expand Down Expand Up @@ -683,6 +684,10 @@ pub fn authenticate(deps: Deps, auth: Auth, query_auth: Contract) -> StdResult<A
Ok(address)
}
Auth::Permit(permit) => {
let dao = DAO.load(deps.storage)?;
if permit.params.key != dao {
return Err(StdError::generic_err("Invalid permit Key"));
}
let res: PermitAuthentication<AuthPermit> =
authenticate_permit(permit, &deps.querier, query_auth)?;
if res.revoked {
Expand Down
1 change: 1 addition & 0 deletions contracts/external/snip721-roles/src/state.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@ pub struct Config {
// Hooks to contracts that will receive staking and unstaking messages.
pub const HOOKS: Hooks = Hooks::new("hooks");
pub const SNIP721_INFO: Item<Config> = Item::new("si");
pub const DAO: Item<String> = Item::new("dao");

// /// A historic snapshot of total weight over time
// pub const TOTAL: SnapshotItem<u64> = SnapshotItem::new(
Expand Down
4 changes: 4 additions & 0 deletions contracts/proposal/dao-proposal-multiple/src/contract.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -950,6 +950,10 @@ pub fn authenticate(deps: Deps, auth: Auth, query_auth: Contract) -> StdResult<A
Ok(address)
}
Auth::Permit(permit) => {
let dao = DAO.load(deps.storage)?.addr.to_string();
if permit.params.key != dao {
return Err(StdError::generic_err("Invalid permit Key"));
}
let res: PermitAuthentication<AuthPermit> =
authenticate_permit(permit, &deps.querier, query_auth)?;
if res.revoked {
Expand Down
4 changes: 4 additions & 0 deletions contracts/proposal/dao-proposal-single/src/contract.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -941,6 +941,10 @@ pub fn authenticate(deps: Deps, auth: Auth, query_auth: Contract) -> StdResult<A
Ok(address)
}
Auth::Permit(permit) => {
let dao = DAO.load(deps.storage)?.addr.to_string();
if permit.params.key != dao {
return Err(StdError::generic_err("Invalid permit Key"));
}
let res: PermitAuthentication<AuthPermit> =
authenticate_permit(permit, &deps.querier, query_auth)?;
if res.revoked {
Expand Down
Loading

0 comments on commit d7a652e

Please sign in to comment.