Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add missing asset authorization checks for some operations #2468

Merged
merged 6 commits into from
May 31, 2021
Merged

Add missing asset authorization checks for some operations #2468

merged 6 commits into from
May 31, 2021

Conversation

abitmore
Copy link
Member

@abitmore abitmore commented May 29, 2021
edited
Loading

Add asset authorization checks for some operations.

Affected operations:

  • asset_settle_operation
    • new rule: unable to settle if not authorized by either the debt asset or collateral asset
  • bid_collateral_operation
    • new rule: unable to bid (newly bid, or update or cancel existing bid) if not authorized by either the debt asset or collateral asset
  • call_order_update_operation
    • new rule: unable to update debt position (create new position, or update or close existing position) if not authorized by either the debt asset or collateral asset
  • vesting_balance_create_operation
    • new rule: unable to create the vesting_balance object if either the creator or the receiver is not authorized by the asset
    • note: no asset authorization check on vesting_balance_withdraw_operation since in my opinion it's OK to allow the funds to be moved from vesting balance objects to account balance.

And slightly refactor nearby code for better performance.

Fixes #972, fixes #973.

abitmore added 5 commits May 23, 2021 22:25
@abitmore
Add asset authorization checks for some operations
a5fd69b 
Affected operations:
- asset_settle_operation
- bid_collateral_operation
- call_order_update_operation
- vesting_balance_create_operation

And slightly refactor nearby code for better performance
@abitmore
Add tests for asset auth on vesting balance create
4f1e419
@abitmore
Add tests for asset auth on call order update op
90973cb
@abitmore
Add tests for asset auth on asset settle operation
18427ee
@abitmore
Add tests for asset auth on collateral bid op
12615d1
@abitmore abitmore mentioned this pull request May 29, 2021
Closed
3 tasks
@sonarqubecloud
Copy link

Kudos, SonarCloud Quality Gate passed!

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

100.0% 100.0% Coverage
0.0% 0.0% Duplication

@abitmore abitmore merged commit 3f15b32 into hardfork May 31, 2021
@abitmore abitmore deleted the pr-973-asset-auths branch May 31, 2021 20:36
@abitmore abitmore mentioned this pull request May 31, 2021
Closed
17 tasks
@abitmore abitmore changed the title Add asset authorization checks for some operations Add missing asset authorization checks for some operations Oct 10, 2021
@abitmore abitmore mentioned this pull request Oct 10, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
hardfork
Projects
None yet
Milestone
6.0.0 - Protocol Upgrade Release
Development

Successfully merging this pull request may close these issues.
1 participant
@abitmore