Skip to content

Commit

Permalink
Add another flavor of permission api
Browse files Browse the repository at this point in the history
  • Loading branch information
runtian-zhou committed Dec 17, 2024
1 parent 2bd4613 commit 287f491
Show file tree
Hide file tree
Showing 2 changed files with 101 additions and 1 deletion.
17 changes: 16 additions & 1 deletion aptos-move/framework/aptos-framework/sources/fungible_asset.move
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ module aptos_framework::fungible_asset {
use aptos_framework::event;
use aptos_framework::function_info::{Self, FunctionInfo};
use aptos_framework::object::{Self, Object, ConstructorRef, DeleteRef, ExtendRef};
use aptos_framework::permissioned_signer;
use aptos_framework::permissioned_signer::{Self, Permission};
use std::string;
use std::features;

Expand Down Expand Up @@ -795,6 +795,21 @@ module aptos_framework::fungible_asset {
withdraw_internal(object::object_address(&store), amount)
}

public fun withdraw_with_permission<T: key>(
perm: &mut Permission<WithdrawPermission>,
store: Object<T>,
amount: u64,
): FungibleAsset acquires FungibleStore, DispatchFunctionStore, ConcurrentFungibleBalance {
withdraw_sanity_check_impl(permissioned_signer::address_of(perm), store, true);
assert!(
permissioned_signer::consume_permission(perm, amount as u256, WithdrawPermission::ByStore {
store_address: object::object_address(&store),
}),
error::permission_denied(EWITHDRAW_PERMISSION_DENIED)
);
withdraw_internal(object::object_address(&store), amount)
}

/// Check the permission for withdraw operation.
public(friend) fun withdraw_permission_check<T: key>(
owner: &signer,
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -101,6 +101,14 @@ module aptos_framework::permissioned_signer {
Capacity(u256),
}

enum Permission<K> {
V1 {
owner_address: address,
key: K,
perm: StoredPermission,
}
}

/// Create an ephermeral permission handle based on the master signer.
///
/// This handle can be used to derive a signer that can be used in the context of
Expand Down Expand Up @@ -560,6 +568,83 @@ module aptos_framework::permissioned_signer {
}
}

/// =====================================================================================================
/// Another flavor of api to extract and store permissions
///
public(friend) fun extract_permission<PermKey: copy + drop + store>(
s: &signer, weight: u256, perm: PermKey
): Permission<PermKey> acquires PermissionStorage {
assert!(
check_permission_consume(s, weight, perm),
error::permission_denied(ECANNOT_EXTRACT_PERMISSION)
);
Permission::V1 {
owner_address: signer::address_of(s),
key: perm,
perm: StoredPermission::Capacity(weight),
}
}

public(friend) fun extract_all_permission<PermKey: copy + drop + store>(
s: &signer, perm_key: PermKey
): Permission<PermKey> acquires PermissionStorage {
assert!(
is_permissioned_signer(s),
error::permission_denied(ECANNOT_EXTRACT_PERMISSION)
);
let addr = permission_address(s);
assert!(
exists<PermissionStorage>(addr),
error::permission_denied(ECANNOT_EXTRACT_PERMISSION)
);
let key = copyable_any::pack(perm_key);
let storage = &mut borrow_global_mut<PermissionStorage>(addr).perms;
let (_, value) = simple_map::remove(storage, &key);

Permission::V1 {
owner_address: signer::address_of(s),
key: perm_key,
perm: value,
}
}

public(friend) fun address_of<PermKey>(perm: &Permission<PermKey>): address {
perm.owner_address
}

public(friend) fun consume_permission<PermKey: copy + drop + store>(
perm: &mut Permission<PermKey>, weight: u256, perm_key: PermKey
): bool {
if (perm.key != perm_key) {
return false
};
consume_capacity(&mut perm.perm, weight)
}

public(friend) fun store_permission<PermKey: copy + drop + store>(
s: &signer, perm: Permission<PermKey>
) acquires PermissionStorage {
assert!(
is_permissioned_signer(s),
error::permission_denied(ENOT_PERMISSIONED_SIGNER)
);
let Permission::V1 { key, perm, owner_address } = perm;

assert!(
signer::address_of(s) == owner_address,
error::permission_denied(E_PERMISSION_MISMATCH)
);

insert_or(
s,
key,
|stored_permission| {
merge(stored_permission, perm);
},
perm,
)
}

// =====================================================================================================
// Native Functions
///
Expand Down

0 comments on commit 287f491

Please sign in to comment.