From 6cf42dff52f6b7202bbb102a318727fda0639662 Mon Sep 17 00:00:00 2001 From: Wan <495709+wa0x6e@users.noreply.github.com> Date: Mon, 28 Aug 2023 15:04:02 +0900 Subject: [PATCH] fix: fix error when eth address is invalid (#837) --- jest.config.ts | 5 ++--- package.json | 1 + src/rpc.ts | 27 ++++++++++++++++++--------- test/e2e/get_vp.test.ts | 15 +++++++++++---- test/e2e/index.test.ts | 30 ++++-------------------------- test/e2e/validate.test.ts | 17 +++++++++++++++++ 6 files changed, 53 insertions(+), 42 deletions(-) diff --git a/jest.config.ts b/jest.config.ts index 5e63dde8..8b8ef747 100644 --- a/jest.config.ts +++ b/jest.config.ts @@ -11,13 +11,12 @@ export default { coverageProvider: 'v8', // An array of regexp pattern strings used to skip coverage collection - coveragePathIgnorePatterns: ['/node_modules/', '/dist/', '/test/fixtures/'], + coveragePathIgnorePatterns: ['/node_modules/', '/build/', '/test/fixtures/'], preset: 'ts-jest', testEnvironment: 'jest-environment-node-single-context', setupFiles: ['dotenv/config'], moduleFileExtensions: ['js', 'ts'], - testMatch: ['/test/e2e/**/?(*.)+(spec|test).(ts|js)'], - testPathIgnorePatterns: ['dist/'], + testPathIgnorePatterns: ['build/'], verbose: true }; diff --git a/package.json b/package.json index 4a3de80b..3b124b1a 100644 --- a/package.json +++ b/package.json @@ -18,6 +18,7 @@ }, "dependencies": { "@aws-sdk/client-s3": "^3.18.0", + "@ethersproject/address": "^5.7.0", "@snapshot-labs/keycard": "0.2.0", "@snapshot-labs/snapshot-metrics": "^1.0.0", "@snapshot-labs/snapshot-sentry": "^1.1.0", diff --git a/src/rpc.ts b/src/rpc.ts index 9ba1909b..1f1aff9d 100644 --- a/src/rpc.ts +++ b/src/rpc.ts @@ -1,5 +1,6 @@ import express from 'express'; import snapshot from '@snapshot-labs/strategies'; +import { getAddress } from '@ethersproject/address'; import scores from './scores'; import { clone, formatStrategies, rpcSuccess, rpcError, blockNumByNetwork, getIp } from './utils'; import { version } from '../package.json'; @@ -14,14 +15,22 @@ const router = express.Router(); router.post('/', async (req, res) => { const { id = null, method, params = {} } = req.body; - if (!method) return rpcError(res, 500, 'missing method', id); - if ( - (method === 'get_vp' && !params.address) || - (method === 'validate' && !params.author) || - params.address === EMPTY_ADDRESS || - params.author === EMPTY_ADDRESS - ) - return rpcError(res, 500, 'invalid address', id); + if (!method) return rpcError(res, 400, 'missing method', id); + + try { + if ( + (method === 'get_vp' && !params.address) || + (method === 'validate' && !params.author) || + params.address === EMPTY_ADDRESS || + params.author === EMPTY_ADDRESS + ) { + throw new Error('invalid address'); + } + getAddress(params.address || params.author); + } catch (e: any) { + return rpcError(res, 400, 'invalid address', id); + } + if (method === 'get_vp') { try { const response: any = await serve(JSON.stringify(params), getVp, [params]); @@ -65,7 +74,7 @@ router.post('/', async (req, res) => { } } - return rpcError(res, 500, 'wrong method', id); + return rpcError(res, 400, 'wrong method', id); }); router.get('/', (req, res) => { diff --git a/test/e2e/get_vp.test.ts b/test/e2e/get_vp.test.ts index 71609a1e..50610a4d 100644 --- a/test/e2e/get_vp.test.ts +++ b/test/e2e/get_vp.test.ts @@ -1,11 +1,18 @@ import request from 'supertest'; describe('getVp', () => { - describe('when the address params is missing', () => { - it('returns a 500 error', async () => { - const response = await request(process.env.HOST).post('/').send({ method: 'get_vp' }); + describe('when the address is invalid', () => { + it.each([ + ['empty address', '0x0000000000000000000000000000000000000000'], + ['empty string', ''], + ['null', null], + ['invalid address', 'test'] + ])('returns a 400 error on %s', async (title, address) => { + const response = await request(process.env.HOST) + .post('/') + .send({ method: 'get_vp', address }); - expect(response.status).toEqual(500); + expect(response.status).toEqual(400); }); }); diff --git a/test/e2e/index.test.ts b/test/e2e/index.test.ts index 975da144..a7229e3c 100644 --- a/test/e2e/index.test.ts +++ b/test/e2e/index.test.ts @@ -1,41 +1,19 @@ import request from 'supertest'; -const EMPTY_ADDRESS = '0x0000000000000000000000000000000000000000'; - describe('/', () => { describe('when method params is missing', () => { - it('returns a 500 error', async () => { + it('returns a 400 error', async () => { const response = await request(process.env.HOST).post('/').send({}); - expect(response.status).toEqual(500); + expect(response.status).toEqual(400); }); }); describe('when method params is invalid', () => { - it('returns a 500 error', async () => { + it('returns a 400 error', async () => { const response = await request(process.env.HOST).post('/').send({ method: 'test' }); - expect(response.status).toEqual(500); - }); - }); - - describe('when the address params is blank', () => { - it('returns a 500 error', async () => { - const response = await request(process.env.HOST) - .post('/') - .send({ method: 'get_vp', address: EMPTY_ADDRESS }); - - expect(response.status).toEqual(500); - }); - }); - - describe('when the author params is blank', () => { - it('returns a 500 error', async () => { - const response = await request(process.env.HOST) - .post('/') - .send({ method: 'get_vp', author: EMPTY_ADDRESS }); - - expect(response.status).toEqual(500); + expect(response.status).toEqual(400); }); }); }); diff --git a/test/e2e/validate.test.ts b/test/e2e/validate.test.ts index b25a3f5c..dedf7012 100644 --- a/test/e2e/validate.test.ts +++ b/test/e2e/validate.test.ts @@ -1,3 +1,20 @@ +import request from 'supertest'; + describe('validate', () => { + describe('when the author is invalid', () => { + it.each([ + ['empty address', '0x0000000000000000000000000000000000000000'], + ['empty string', ''], + ['null', null], + ['invalid address', 'test'] + ])('returns a 400 error on %s', async (title, author) => { + const response = await request(process.env.HOST) + .post('/') + .send({ method: 'validate', author }); + + expect(response.status).toEqual(400); + }); + }); + it.todo('validates the voting power'); });