From c0f3519cdcecef7d507915aae25b9a6e6541f7cc Mon Sep 17 00:00:00 2001 From: Robert Zaremba Date: Tue, 12 Oct 2021 16:40:49 +0200 Subject: [PATCH 01/15] Merge pull request from GHSA-2p6r-37p9-89p2 * test: adding authz grant tests * fix TestCLITxGrantAuthorization/Invalid_expiration_time test case * comment out the test * reenable test --- x/authz/authorization_grant.go | 10 +++---- x/authz/authorization_grant_test.go | 44 +++++++++++++++++++++++++++++ x/authz/client/testutil/tx.go | 6 ++-- x/authz/keeper/msg_server.go | 2 +- x/authz/msgs_test.go | 2 +- 5 files changed, 54 insertions(+), 10 deletions(-) create mode 100644 x/authz/authorization_grant_test.go diff --git a/x/authz/authorization_grant.go b/x/authz/authorization_grant.go index f5ebf8797be0..a873499b621b 100644 --- a/x/authz/authorization_grant.go +++ b/x/authz/authorization_grant.go @@ -10,7 +10,11 @@ import ( ) // NewGrant returns new Grant -func NewGrant(a Authorization, expiration time.Time) (Grant, error) { +func NewGrant( /*blockTime time.Time, */ a Authorization, expiration time.Time) (Grant, error) { + // TODO: add this for 0.45 + // if !expiration.After(blockTime) { + // return Grant{}, sdkerrors.ErrInvalidRequest.Wrapf("expiration must be after the current block time (%v), got %v", blockTime.Format(time.RFC3339), expiration.Format(time.RFC3339)) + // } g := Grant{ Expiration: expiration, } @@ -51,10 +55,6 @@ func (g Grant) GetAuthorization() Authorization { } func (g Grant) ValidateBasic() error { - if g.Expiration.Unix() < time.Now().Unix() { - return sdkerrors.Wrap(ErrInvalidExpirationTime, "Time can't be in the past") - } - av := g.Authorization.GetCachedValue() a, ok := av.(Authorization) if !ok { diff --git a/x/authz/authorization_grant_test.go b/x/authz/authorization_grant_test.go new file mode 100644 index 000000000000..9f9f00108c73 --- /dev/null +++ b/x/authz/authorization_grant_test.go @@ -0,0 +1,44 @@ +package authz + +import ( + "testing" + "time" + + // banktypes "github.com/cosmos/cosmos-sdk/x/bank/types" + "github.com/stretchr/testify/require" +) + +func expecError(r *require.Assertions, expected string, received error) { + if expected == "" { + r.NoError(received) + } else { + r.Error(received) + r.Contains(received.Error(), expected) + } +} + +func TestNewGrant(t *testing.T) { + // ba := banktypes.NewSendAuthorization(sdk.NewCoins(sdk.NewInt64Coin("foo", 123))) + a := NewGenericAuthorization("some-type") + var tcs = []struct { + title string + a Authorization + blockTime time.Time + expire time.Time + err string + }{ + // {"wrong expire time (1)", a, time.Unix(10, 0), time.Unix(8, 0), "expiration must be after"}, + // {"wrong expire time (2)", a, time.Unix(10, 0), time.Unix(10, 0), "expiration must be after"}, + {"good expire time (1)", a, time.Unix(10, 0), time.Unix(10, 1), ""}, + {"good expire time (2)", a, time.Unix(10, 0), time.Unix(11, 0), ""}, + } + + for _, tc := range tcs { + t.Run(tc.title, func(t *testing.T) { + // _, err := NewGrant(tc.blockTime, tc.a, tc.expire) + _, err := NewGrant(tc.a, tc.expire) + expecError(require.New(t), tc.err, err) + }) + } + +} diff --git a/x/authz/client/testutil/tx.go b/x/authz/client/testutil/tx.go index dc4f1b00e281..de30830be13e 100644 --- a/x/authz/client/testutil/tx.go +++ b/x/authz/client/testutil/tx.go @@ -163,11 +163,11 @@ func (s *IntegrationTestSuite) TestCLITxGrantAuthorization() { "send", fmt.Sprintf("--%s=100steak", cli.FlagSpendLimit), fmt.Sprintf("--%s=%s", flags.FlagFrom, val.Address.String()), - fmt.Sprintf("--%s=true", flags.FlagGenerateOnly), + fmt.Sprintf("--%s=true", flags.FlagSkipConfirmation), fmt.Sprintf("--%s=%d", cli.FlagExpiration, pastHour), }, - 0, - true, + 0xd, + false, // TODO: enable in v0.45 }, { "fail with error invalid msg-type", diff --git a/x/authz/keeper/msg_server.go b/x/authz/keeper/msg_server.go index e13b29fbd4de..2e5183865a2a 100644 --- a/x/authz/keeper/msg_server.go +++ b/x/authz/keeper/msg_server.go @@ -10,7 +10,7 @@ import ( var _ authz.MsgServer = Keeper{} -// GrantAuthorization implements the MsgServer.Grant method. +// GrantAuthorization implements the MsgServer.Grant method to create a new grant. func (k Keeper) Grant(goCtx context.Context, msg *authz.MsgGrant) (*authz.MsgGrantResponse, error) { ctx := sdk.UnwrapSDKContext(goCtx) grantee, err := sdk.AccAddressFromBech32(msg.Grantee) diff --git a/x/authz/msgs_test.go b/x/authz/msgs_test.go index 7a41c1befb5d..c7b4192d3783 100644 --- a/x/authz/msgs_test.go +++ b/x/authz/msgs_test.go @@ -80,7 +80,7 @@ func TestMsgGrantAuthorization(t *testing.T) { {"nil granter and grantee address", nil, nil, &banktypes.SendAuthorization{SpendLimit: coinsPos}, time.Now(), false, false}, {"nil authorization", granter, grantee, nil, time.Now(), true, false}, {"valid test case", granter, grantee, &banktypes.SendAuthorization{SpendLimit: coinsPos}, time.Now().AddDate(0, 1, 0), false, true}, - {"past time", granter, grantee, &banktypes.SendAuthorization{SpendLimit: coinsPos}, time.Now().AddDate(0, 0, -1), false, false}, + {"past time", granter, grantee, &banktypes.SendAuthorization{SpendLimit: coinsPos}, time.Now().AddDate(0, 0, -1), false, true}, // TODO need 0.45 } for i, tc := range tests { msg, err := authz.NewMsgGrant( From a880e95fabe890724f408d5bc0ba4700e36d1109 Mon Sep 17 00:00:00 2001 From: Robert Zaremba Date: Wed, 13 Oct 2021 00:15:02 +0200 Subject: [PATCH 02/15] master update --- x/authz/authorization_grant.go | 9 ++++----- x/authz/authorization_grant_test.go | 7 +++---- x/authz/keeper/keeper.go | 2 +- 3 files changed, 8 insertions(+), 10 deletions(-) diff --git a/x/authz/authorization_grant.go b/x/authz/authorization_grant.go index a873499b621b..90f953e5026f 100644 --- a/x/authz/authorization_grant.go +++ b/x/authz/authorization_grant.go @@ -10,11 +10,10 @@ import ( ) // NewGrant returns new Grant -func NewGrant( /*blockTime time.Time, */ a Authorization, expiration time.Time) (Grant, error) { - // TODO: add this for 0.45 - // if !expiration.After(blockTime) { - // return Grant{}, sdkerrors.ErrInvalidRequest.Wrapf("expiration must be after the current block time (%v), got %v", blockTime.Format(time.RFC3339), expiration.Format(time.RFC3339)) - // } +func NewGrant(blockTime time.Time, a Authorization, expiration time.Time) (Grant, error) { + if !expiration.After(blockTime) { + return Grant{}, sdkerrors.ErrInvalidRequest.Wrapf("expiration must be after the current block time (%v), got %v", blockTime.Format(time.RFC3339), expiration.Format(time.RFC3339)) + } g := Grant{ Expiration: expiration, } diff --git a/x/authz/authorization_grant_test.go b/x/authz/authorization_grant_test.go index 9f9f00108c73..0d56ea37dd58 100644 --- a/x/authz/authorization_grant_test.go +++ b/x/authz/authorization_grant_test.go @@ -27,16 +27,15 @@ func TestNewGrant(t *testing.T) { expire time.Time err string }{ - // {"wrong expire time (1)", a, time.Unix(10, 0), time.Unix(8, 0), "expiration must be after"}, - // {"wrong expire time (2)", a, time.Unix(10, 0), time.Unix(10, 0), "expiration must be after"}, + {"wrong expire time (1)", a, time.Unix(10, 0), time.Unix(8, 0), "expiration must be after"}, + {"wrong expire time (2)", a, time.Unix(10, 0), time.Unix(10, 0), "expiration must be after"}, {"good expire time (1)", a, time.Unix(10, 0), time.Unix(10, 1), ""}, {"good expire time (2)", a, time.Unix(10, 0), time.Unix(11, 0), ""}, } for _, tc := range tcs { t.Run(tc.title, func(t *testing.T) { - // _, err := NewGrant(tc.blockTime, tc.a, tc.expire) - _, err := NewGrant(tc.a, tc.expire) + _, err := NewGrant(tc.blockTime, tc.a, tc.expire) expecError(require.New(t), tc.err, err) }) } diff --git a/x/authz/keeper/keeper.go b/x/authz/keeper/keeper.go index 43c3ccc15d4d..ced2c8e00193 100644 --- a/x/authz/keeper/keeper.go +++ b/x/authz/keeper/keeper.go @@ -134,7 +134,7 @@ func (k Keeper) DispatchActions(ctx sdk.Context, grantee sdk.AccAddress, msgs [] func (k Keeper) SaveGrant(ctx sdk.Context, grantee, granter sdk.AccAddress, authorization authz.Authorization, expiration time.Time) error { store := ctx.KVStore(k.storeKey) - grant, err := authz.NewGrant(authorization, expiration) + grant, err := authz.NewGrant(ctx.BlockTime(), authorization, expiration) if err != nil { return err } From f8c86ca2b32b0c2276a691deff289b6d97e91241 Mon Sep 17 00:00:00 2001 From: Robert Zaremba Date: Wed, 13 Oct 2021 00:18:05 +0200 Subject: [PATCH 03/15] update changelog and cli test --- CHANGELOG.md | 4 +++- x/authz/client/testutil/tx.go | 6 +++--- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 9c32cf5f40ab..141721f1ea9f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -97,6 +97,7 @@ Ref: https://keepachangelog.com/en/1.0.0/ * Move Msg routers from BaseApp to middlewares. * Move Baseapp panic recovery into a middleware. * Rename simulation helper methods `baseapp.{Check,Deliver}` to `baseapp.Sim{Check,Deliver}`. +* (x/authz) [\#10350](https://github.com/cosmos/cosmos-sdk/issues/10350) authz `NewGrant` takes a new argument: block time, to correctly validate expire time. ### Client Breaking Changes @@ -129,7 +130,7 @@ Ref: https://keepachangelog.com/en/1.0.0/ ### Bug Fixes -* (client) [#10226](https://github.com/cosmos/cosmos-sdk/pull/10226) Fix --home flag parsing. +* (client) [#10226](https://github.com/cosmos/cosmos-sdk/pull/10226) Fix --home flag parsing. * [#10180](https://github.com/cosmos/cosmos-sdk/issues/10180) Documentation: make references to Cosmos SDK consistent * (x/genutil) [#10104](https://github.com/cosmos/cosmos-sdk/pull/10104) Ensure the `init` command reads the `--home` flag value correctly. * [\#9651](https://github.com/cosmos/cosmos-sdk/pull/9651) Change inconsistent limit of `0` to `MaxUint64` on InfiniteGasMeter and add GasRemaining func to GasMeter. @@ -149,6 +150,7 @@ Ref: https://keepachangelog.com/en/1.0.0/ * [\#10184](https://github.com/cosmos/cosmos-sdk/pull/10184) Fixed CLI tx commands to no longer explicitly require the chain-id flag as this value can come from a user config. * [\#10239](https://github.com/cosmos/cosmos-sdk/pull/10239) Fixed x/bank/044 migrateDenomMetadata. * (x/upgrade) [\#10189](https://github.com/cosmos/cosmos-sdk/issues/10189) Removed potential sources of non-determinism in upgrades +* (x/authz) [\#10350](https://github.com/cosmos/cosmos-sdk/issues/10350) Fix authz `NewGrant` expiration check. ### State Machine Breaking diff --git a/x/authz/client/testutil/tx.go b/x/authz/client/testutil/tx.go index de30830be13e..dc4f1b00e281 100644 --- a/x/authz/client/testutil/tx.go +++ b/x/authz/client/testutil/tx.go @@ -163,11 +163,11 @@ func (s *IntegrationTestSuite) TestCLITxGrantAuthorization() { "send", fmt.Sprintf("--%s=100steak", cli.FlagSpendLimit), fmt.Sprintf("--%s=%s", flags.FlagFrom, val.Address.String()), - fmt.Sprintf("--%s=true", flags.FlagSkipConfirmation), + fmt.Sprintf("--%s=true", flags.FlagGenerateOnly), fmt.Sprintf("--%s=%d", cli.FlagExpiration, pastHour), }, - 0xd, - false, // TODO: enable in v0.45 + 0, + true, }, { "fail with error invalid msg-type", From 9825643bef70557749c34e03eb3a25859a936069 Mon Sep 17 00:00:00 2001 From: Robert Zaremba Date: Wed, 13 Oct 2021 00:44:38 +0200 Subject: [PATCH 04/15] fix keeper tests --- x/authz/keeper/keeper_test.go | 18 +++++++----------- 1 file changed, 7 insertions(+), 11 deletions(-) diff --git a/x/authz/keeper/keeper_test.go b/x/authz/keeper/keeper_test.go index e12a0b0d04b6..6b0707568e9b 100644 --- a/x/authz/keeper/keeper_test.go +++ b/x/authz/keeper/keeper_test.go @@ -55,13 +55,12 @@ func (s *TestSuite) TestKeeper() { s.Require().Nil(authorization) s.Require().Equal(expiration, time.Time{}) now := s.ctx.BlockHeader().Time - s.Require().NotNil(now) newCoins := sdk.NewCoins(sdk.NewInt64Coin("steak", 100)) s.T().Log("verify if expired authorization is rejected") x := &banktypes.SendAuthorization{SpendLimit: newCoins} err := app.AuthzKeeper.SaveGrant(ctx, granterAddr, granteeAddr, x, now.Add(-1*time.Hour)) - s.Require().NoError(err) + s.Require().Error(err) authorization, _ = app.AuthzKeeper.GetCleanAuthorization(ctx, granteeAddr, granterAddr, bankSendAuthMsgType) s.Require().Nil(authorization) @@ -105,14 +104,13 @@ func (s *TestSuite) TestKeeperIter() { authorization, expiration := app.AuthzKeeper.GetCleanAuthorization(ctx, granteeAddr, granterAddr, "Abcd") s.Require().Nil(authorization) s.Require().Equal(time.Time{}, expiration) - now := s.ctx.BlockHeader().Time - s.Require().NotNil(now) + now := s.ctx.BlockHeader().Time.Add(time.Second) newCoins := sdk.NewCoins(sdk.NewInt64Coin("steak", 100)) s.T().Log("verify if expired authorization is rejected") x := &banktypes.SendAuthorization{SpendLimit: newCoins} err := app.AuthzKeeper.SaveGrant(ctx, granteeAddr, granterAddr, x, now.Add(-1*time.Hour)) - s.Require().NoError(err) + s.Require().Error(err) authorization, _ = app.AuthzKeeper.GetCleanAuthorization(ctx, granteeAddr, granterAddr, "abcd") s.Require().Nil(authorization) @@ -131,8 +129,7 @@ func (s *TestSuite) TestKeeperFees() { granteeAddr := addrs[1] recipientAddr := addrs[2] s.Require().NoError(testutil.FundAccount(app.BankKeeper, s.ctx, granterAddr, sdk.NewCoins(sdk.NewInt64Coin("steak", 10000)))) - now := s.ctx.BlockHeader().Time - s.Require().NotNil(now) + expiration := s.ctx.BlockHeader().Time.Add(1 * time.Second) smallCoin := sdk.NewCoins(sdk.NewInt64Coin("steak", 20)) someCoin := sdk.NewCoins(sdk.NewInt64Coin("steak", 123)) @@ -157,7 +154,7 @@ func (s *TestSuite) TestKeeperFees() { s.T().Log("verify dispatch executes with correct information") // grant authorization - err = app.AuthzKeeper.SaveGrant(s.ctx, granteeAddr, granterAddr, &banktypes.SendAuthorization{SpendLimit: smallCoin}, now) + err = app.AuthzKeeper.SaveGrant(s.ctx, granteeAddr, granterAddr, &banktypes.SendAuthorization{SpendLimit: smallCoin}, expiration) s.Require().NoError(err) authorization, _ := app.AuthzKeeper.GetCleanAuthorization(s.ctx, granteeAddr, granterAddr, bankSendAuthMsgType) s.Require().NotNil(authorization) @@ -206,8 +203,7 @@ func (s *TestSuite) TestDispatchedEvents() { granteeAddr := addrs[1] recipientAddr := addrs[2] require.NoError(testutil.FundAccount(app.BankKeeper, s.ctx, granterAddr, sdk.NewCoins(sdk.NewInt64Coin("steak", 10000)))) - now := s.ctx.BlockHeader().Time - require.NotNil(now) + expiration := s.ctx.BlockHeader().Time.Add(1 * time.Second) // must be in the future smallCoin := sdk.NewCoins(sdk.NewInt64Coin("steak", 20)) msgs := authz.NewMsgExec(granteeAddr, []sdk.Msg{ @@ -219,7 +215,7 @@ func (s *TestSuite) TestDispatchedEvents() { }) // grant authorization - err := app.AuthzKeeper.SaveGrant(s.ctx, granteeAddr, granterAddr, &banktypes.SendAuthorization{SpendLimit: smallCoin}, now) + err := app.AuthzKeeper.SaveGrant(s.ctx, granteeAddr, granterAddr, &banktypes.SendAuthorization{SpendLimit: smallCoin}, expiration) require.NoError(err) authorization, _ := app.AuthzKeeper.GetCleanAuthorization(s.ctx, granteeAddr, granterAddr, bankSendAuthMsgType) require.NotNil(authorization) From 972a7b8cc7764979b7713f1d0a7d844f1e922662 Mon Sep 17 00:00:00 2001 From: Robert Zaremba Date: Wed, 13 Oct 2021 00:52:09 +0200 Subject: [PATCH 05/15] fix decoder test --- x/authz/simulation/decoder_test.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/x/authz/simulation/decoder_test.go b/x/authz/simulation/decoder_test.go index 4851b6ec2ca2..cb6e1502fb4f 100644 --- a/x/authz/simulation/decoder_test.go +++ b/x/authz/simulation/decoder_test.go @@ -20,7 +20,8 @@ func TestDecodeStore(t *testing.T) { cdc := simapp.MakeTestEncodingConfig().Codec dec := simulation.NewDecodeStore(cdc) - grant, _ := authz.NewGrant(banktypes.NewSendAuthorization(sdk.NewCoins(sdk.NewInt64Coin("foo", 123))), time.Now().UTC()) + now := time.Now().UTC() + grant, _ := authz.NewGrant(now, banktypes.NewSendAuthorization(sdk.NewCoins(sdk.NewInt64Coin("foo", 123))), now.Add(1)) grantBz, err := cdc.Marshal(&grant) require.NoError(t, err) kvPairs := kv.Pairs{ From f2799e1213d7a4d519027e91027c2daa9706cff3 Mon Sep 17 00:00:00 2001 From: Robert Zaremba Date: Wed, 13 Oct 2021 12:00:39 +0200 Subject: [PATCH 06/15] cleaning --- x/authz/authorization_grant_test.go | 2 -- 1 file changed, 2 deletions(-) diff --git a/x/authz/authorization_grant_test.go b/x/authz/authorization_grant_test.go index 0d56ea37dd58..130527ada698 100644 --- a/x/authz/authorization_grant_test.go +++ b/x/authz/authorization_grant_test.go @@ -4,7 +4,6 @@ import ( "testing" "time" - // banktypes "github.com/cosmos/cosmos-sdk/x/bank/types" "github.com/stretchr/testify/require" ) @@ -18,7 +17,6 @@ func expecError(r *require.Assertions, expected string, received error) { } func TestNewGrant(t *testing.T) { - // ba := banktypes.NewSendAuthorization(sdk.NewCoins(sdk.NewInt64Coin("foo", 123))) a := NewGenericAuthorization("some-type") var tcs = []struct { title string From 2dd1818a0929ffc0c8027cdb9f1c9c2322505b93 Mon Sep 17 00:00:00 2001 From: Robert Zaremba Date: Wed, 13 Oct 2021 14:47:58 +0200 Subject: [PATCH 07/15] wip - tests --- x/authz/authorization_grant.go | 2 ++ x/authz/client/testutil/tx.go | 8 ++++++-- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/x/authz/authorization_grant.go b/x/authz/authorization_grant.go index 90f953e5026f..f537307b93aa 100644 --- a/x/authz/authorization_grant.go +++ b/x/authz/authorization_grant.go @@ -1,6 +1,7 @@ package authz import ( + fmt "fmt" "time" proto "github.com/gogo/protobuf/proto" @@ -11,6 +12,7 @@ import ( // NewGrant returns new Grant func NewGrant(blockTime time.Time, a Authorization, expiration time.Time) (Grant, error) { + fmt.Println(">>> blockTime", blockTime, "expiration: ", expiration) if !expiration.After(blockTime) { return Grant{}, sdkerrors.ErrInvalidRequest.Wrapf("expiration must be after the current block time (%v), got %v", blockTime.Format(time.RFC3339), expiration.Format(time.RFC3339)) } diff --git a/x/authz/client/testutil/tx.go b/x/authz/client/testutil/tx.go index dc4f1b00e281..7f4c86863057 100644 --- a/x/authz/client/testutil/tx.go +++ b/x/authz/client/testutil/tx.go @@ -121,8 +121,8 @@ func (s *IntegrationTestSuite) TestCLITxGrantAuthorization() { val := s.network.Validators[0] grantee := s.grantee[0] - twoHours := time.Now().Add(time.Minute * time.Duration(120)).Unix() - pastHour := time.Now().Add(time.Minute * time.Duration(-60)).Unix() + twoHours := time.Now().Add(time.Minute * 120).Unix() + pastHour := time.Now().Add(time.Minute * -60).Unix() testCases := []struct { name string @@ -314,9 +314,13 @@ func (s *IntegrationTestSuite) TestCLITxGrantAuthorization() { } for _, tc := range testCases { + if "Invalid expiration time" != tc.name { + continue + } tc := tc s.Run(tc.name, func() { clientCtx := val.ClientCtx + fmt.Println(">> test", tc.name, pastHour, "\n-----") out, err := ExecGrant( val, tc.args, From bed10a3ec2f2cace62b1be6c21a4940ed31fecb3 Mon Sep 17 00:00:00 2001 From: Robert Zaremba Date: Wed, 13 Oct 2021 20:20:13 +0200 Subject: [PATCH 08/15] fix cli test --- x/authz/authorization_grant.go | 2 -- x/authz/authorization_grant_test.go | 1 + x/authz/client/cli/tx.go | 2 +- x/authz/client/testutil/grpc.go | 2 +- x/authz/client/testutil/query.go | 4 +-- x/authz/client/testutil/test_helpers.go | 2 +- x/authz/client/testutil/tx.go | 37 +++++++++++-------------- 7 files changed, 22 insertions(+), 28 deletions(-) diff --git a/x/authz/authorization_grant.go b/x/authz/authorization_grant.go index f537307b93aa..90f953e5026f 100644 --- a/x/authz/authorization_grant.go +++ b/x/authz/authorization_grant.go @@ -1,7 +1,6 @@ package authz import ( - fmt "fmt" "time" proto "github.com/gogo/protobuf/proto" @@ -12,7 +11,6 @@ import ( // NewGrant returns new Grant func NewGrant(blockTime time.Time, a Authorization, expiration time.Time) (Grant, error) { - fmt.Println(">>> blockTime", blockTime, "expiration: ", expiration) if !expiration.After(blockTime) { return Grant{}, sdkerrors.ErrInvalidRequest.Wrapf("expiration must be after the current block time (%v), got %v", blockTime.Format(time.RFC3339), expiration.Format(time.RFC3339)) } diff --git a/x/authz/authorization_grant_test.go b/x/authz/authorization_grant_test.go index 130527ada698..849b48d32ac8 100644 --- a/x/authz/authorization_grant_test.go +++ b/x/authz/authorization_grant_test.go @@ -32,6 +32,7 @@ func TestNewGrant(t *testing.T) { } for _, tc := range tcs { + tc := tc t.Run(tc.title, func(t *testing.T) { _, err := NewGrant(tc.blockTime, tc.a, tc.expire) expecError(require.New(t), tc.err, err) diff --git a/x/authz/client/cli/tx.go b/x/authz/client/cli/tx.go index c3157684d24c..19349e2c65dc 100644 --- a/x/authz/client/cli/tx.go +++ b/x/authz/client/cli/tx.go @@ -56,7 +56,7 @@ func NewCmdGrantAuthorization() *cobra.Command { Use: "grant --from ", Short: "Grant authorization to an address", Long: strings.TrimSpace( - fmt.Sprintf(`grant authorization to an address to execute a transaction on your behalf: + fmt.Sprintf(`create a new grant authorization to an address to execute a transaction on your behalf: Examples: $ %s tx %s grant cosmos1skjw.. send %s --spend-limit=1000stake --from=cosmos1skl.. diff --git a/x/authz/client/testutil/grpc.go b/x/authz/client/testutil/grpc.go index 8f5d6a429a30..0f8fd7acb565 100644 --- a/x/authz/client/testutil/grpc.go +++ b/x/authz/client/testutil/grpc.go @@ -107,7 +107,7 @@ func (s *IntegrationTestSuite) TestQueryGrantsGRPC() { false, "", func() { - _, err := ExecGrant(val, []string{ + _, err := CreateGrant(val, []string{ grantee.String(), "generic", fmt.Sprintf("--%s=%s", flags.FlagFrom, val.Address.String()), diff --git a/x/authz/client/testutil/query.go b/x/authz/client/testutil/query.go index 1fdad077c136..554ba3037158 100644 --- a/x/authz/client/testutil/query.go +++ b/x/authz/client/testutil/query.go @@ -20,7 +20,7 @@ func (s *IntegrationTestSuite) TestQueryAuthorizations() { grantee := s.grantee[0] twoHours := time.Now().Add(time.Minute * time.Duration(120)).Unix() - _, err := ExecGrant( + _, err := CreateGrant( val, []string{ grantee.String(), @@ -98,7 +98,7 @@ func (s *IntegrationTestSuite) TestQueryAuthorization() { grantee := s.grantee[0] twoHours := time.Now().Add(time.Minute * time.Duration(120)).Unix() - _, err := ExecGrant( + _, err := CreateGrant( val, []string{ grantee.String(), diff --git a/x/authz/client/testutil/test_helpers.go b/x/authz/client/testutil/test_helpers.go index 1a1cd4830fc1..f1a990c54c9a 100644 --- a/x/authz/client/testutil/test_helpers.go +++ b/x/authz/client/testutil/test_helpers.go @@ -7,7 +7,7 @@ import ( "github.com/cosmos/cosmos-sdk/x/authz/client/cli" ) -func ExecGrant(val *network.Validator, args []string) (testutil.BufferWriter, error) { +func CreateGrant(val *network.Validator, args []string) (testutil.BufferWriter, error) { cmd := cli.NewCmdGrantAuthorization() clientCtx := val.ClientCtx return clitestutil.ExecTestCLICmd(clientCtx, cmd, args) diff --git a/x/authz/client/testutil/tx.go b/x/authz/client/testutil/tx.go index 7f4c86863057..742c38b8d491 100644 --- a/x/authz/client/testutil/tx.go +++ b/x/authz/client/testutil/tx.go @@ -64,7 +64,7 @@ func (s *IntegrationTestSuite) SetupSuite() { s.msgSendExec(s.grantee[1]) // grant send authorization to grantee2 - out, err := ExecGrant(val, []string{ + out, err := CreateGrant(val, []string{ s.grantee[1].String(), "send", fmt.Sprintf("--%s=100steak", cli.FlagSpendLimit), @@ -122,7 +122,7 @@ func (s *IntegrationTestSuite) TestCLITxGrantAuthorization() { grantee := s.grantee[0] twoHours := time.Now().Add(time.Minute * 120).Unix() - pastHour := time.Now().Add(time.Minute * -60).Unix() + pastHour := time.Now().Add(-time.Minute * 60).Unix() testCases := []struct { name string @@ -163,7 +163,7 @@ func (s *IntegrationTestSuite) TestCLITxGrantAuthorization() { "send", fmt.Sprintf("--%s=100steak", cli.FlagSpendLimit), fmt.Sprintf("--%s=%s", flags.FlagFrom, val.Address.String()), - fmt.Sprintf("--%s=true", flags.FlagGenerateOnly), + fmt.Sprintf("--%s=true", flags.FlagBroadcastMode), fmt.Sprintf("--%s=%d", cli.FlagExpiration, pastHour), }, 0, @@ -314,19 +314,14 @@ func (s *IntegrationTestSuite) TestCLITxGrantAuthorization() { } for _, tc := range testCases { - if "Invalid expiration time" != tc.name { - continue - } - tc := tc s.Run(tc.name, func() { clientCtx := val.ClientCtx - fmt.Println(">> test", tc.name, pastHour, "\n-----") - out, err := ExecGrant( + out, err := CreateGrant( val, tc.args, ) if tc.expectErr { - s.Require().Error(err) + s.Require().Error(err, out) } else { var txResp sdk.TxResponse s.Require().NoError(err) @@ -350,7 +345,7 @@ func (s *IntegrationTestSuite) TestCmdRevokeAuthorizations() { twoHours := time.Now().Add(time.Minute * time.Duration(120)).Unix() // send-authorization - _, err := ExecGrant( + _, err := CreateGrant( val, []string{ grantee.String(), @@ -366,7 +361,7 @@ func (s *IntegrationTestSuite) TestCmdRevokeAuthorizations() { s.Require().NoError(err) // generic-authorization - _, err = ExecGrant( + _, err = CreateGrant( val, []string{ grantee.String(), @@ -382,7 +377,7 @@ func (s *IntegrationTestSuite) TestCmdRevokeAuthorizations() { s.Require().NoError(err) // generic-authorization used for amino testing - _, err = ExecGrant( + _, err = CreateGrant( val, []string{ grantee.String(), @@ -495,7 +490,7 @@ func (s *IntegrationTestSuite) TestExecAuthorizationWithExpiration() { grantee := s.grantee[0] tenSeconds := time.Now().Add(time.Second * time.Duration(10)).Unix() - _, err := ExecGrant( + _, err := CreateGrant( val, []string{ grantee.String(), @@ -535,7 +530,7 @@ func (s *IntegrationTestSuite) TestNewExecGenericAuthorized() { grantee := s.grantee[0] twoHours := time.Now().Add(time.Minute * time.Duration(120)).Unix() - _, err := ExecGrant( + _, err := CreateGrant( val, []string{ grantee.String(), @@ -637,7 +632,7 @@ func (s *IntegrationTestSuite) TestNewExecGrantAuthorized() { grantee := s.grantee[0] twoHours := time.Now().Add(time.Minute * time.Duration(120)).Unix() - _, err := ExecGrant( + _, err := CreateGrant( val, []string{ grantee.String(), @@ -722,7 +717,7 @@ func (s *IntegrationTestSuite) TestExecDelegateAuthorization() { grantee := s.grantee[0] twoHours := time.Now().Add(time.Minute * time.Duration(120)).Unix() - _, err := ExecGrant( + _, err := CreateGrant( val, []string{ grantee.String(), @@ -814,7 +809,7 @@ func (s *IntegrationTestSuite) TestExecDelegateAuthorization() { } // test delegate no spend-limit - _, err = ExecGrant( + _, err = CreateGrant( val, []string{ grantee.String(), @@ -891,7 +886,7 @@ func (s *IntegrationTestSuite) TestExecDelegateAuthorization() { } // test delegating to denied validator - _, err = ExecGrant( + _, err = CreateGrant( val, []string{ grantee.String(), @@ -926,7 +921,7 @@ func (s *IntegrationTestSuite) TestExecUndelegateAuthorization() { twoHours := time.Now().Add(time.Minute * time.Duration(120)).Unix() // granting undelegate msg authorization - _, err := ExecGrant( + _, err := CreateGrant( val, []string{ grantee.String(), @@ -1035,7 +1030,7 @@ func (s *IntegrationTestSuite) TestExecUndelegateAuthorization() { } // grant undelegate authorization without limit - _, err = ExecGrant( + _, err = CreateGrant( val, []string{ grantee.String(), From 44acf3f7442fe7c920715f48cab8f35e7f649371 Mon Sep 17 00:00:00 2001 From: Robert Zaremba Date: Wed, 13 Oct 2021 23:31:19 +0200 Subject: [PATCH 09/15] add a comment --- x/authz/authorization_grant_test.go | 1 + 1 file changed, 1 insertion(+) diff --git a/x/authz/authorization_grant_test.go b/x/authz/authorization_grant_test.go index 849b48d32ac8..ece0668c2f64 100644 --- a/x/authz/authorization_grant_test.go +++ b/x/authz/authorization_grant_test.go @@ -7,6 +7,7 @@ import ( "github.com/stretchr/testify/require" ) +// TODO: remove and use: robert/expect-error func expecError(r *require.Assertions, expected string, received error) { if expected == "" { r.NoError(received) From 5b1a54fbc24360566480bbebd4e566895244dde1 Mon Sep 17 00:00:00 2001 From: Robert Zaremba Date: Thu, 14 Oct 2021 00:46:45 +0200 Subject: [PATCH 10/15] update TestMsgGrantAuthorization --- x/authz/msgs_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/x/authz/msgs_test.go b/x/authz/msgs_test.go index c7b4192d3783..722ba38f0ca8 100644 --- a/x/authz/msgs_test.go +++ b/x/authz/msgs_test.go @@ -80,7 +80,7 @@ func TestMsgGrantAuthorization(t *testing.T) { {"nil granter and grantee address", nil, nil, &banktypes.SendAuthorization{SpendLimit: coinsPos}, time.Now(), false, false}, {"nil authorization", granter, grantee, nil, time.Now(), true, false}, {"valid test case", granter, grantee, &banktypes.SendAuthorization{SpendLimit: coinsPos}, time.Now().AddDate(0, 1, 0), false, true}, - {"past time", granter, grantee, &banktypes.SendAuthorization{SpendLimit: coinsPos}, time.Now().AddDate(0, 0, -1), false, true}, // TODO need 0.45 + {"past time", granter, grantee, &banktypes.SendAuthorization{SpendLimit: coinsPos}, time.Now().AddDate(0, 0, -1), true, true}, } for i, tc := range tests { msg, err := authz.NewMsgGrant( From 3bf3409876eab07c5341f0fa8807e2c23c4d7aac Mon Sep 17 00:00:00 2001 From: Robert Zaremba Date: Wed, 27 Oct 2021 13:37:27 +0200 Subject: [PATCH 11/15] udpate changelog --- CHANGELOG.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index ec5ca6c31630..ac3cb313b0b4 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -101,8 +101,8 @@ Ref: https://keepachangelog.com/en/1.0.0/ * Move Msg routers from BaseApp to middlewares. * Move Baseapp panic recovery into a middleware. * Rename simulation helper methods `baseapp.{Check,Deliver}` to `baseapp.Sim{Check,Deliver}`. -* (x/authz) [\#10350](https://github.com/cosmos/cosmos-sdk/issues/10350) authz `NewGrant` takes a new argument: block time, to correctly validate expire time. * [\#10348](https://github.com/cosmos/cosmos-sdk/pull/10348) StdSignBytes takes a new argument of type `*tx.Tip` for signing over tips using LEGACY_AMINO_JSON. +* (x/authz) [\#10447](https://github.com/cosmos/cosmos-sdk/pull/10447) authz `NewGrant` takes a new argument: block time, to correctly validate expire time. ### Client Breaking Changes @@ -160,7 +160,7 @@ Ref: https://keepachangelog.com/en/1.0.0/ * [\#10239](https://github.com/cosmos/cosmos-sdk/pull/10239) Fixed x/bank/044 migrateDenomMetadata. * (x/upgrade) [\#10189](https://github.com/cosmos/cosmos-sdk/issues/10189) Removed potential sources of non-determinism in upgrades * [\#10258](https://github.com/cosmos/cosmos-sdk/issues/10258) Fixes issue related to segmentaiton fault on mac m1 arm64 -* (x/authz) [\#10350](https://github.com/cosmos/cosmos-sdk/issues/10350) Fix authz `NewGrant` expiration check. +* (x/authz) [\#10447](https://github.com/cosmos/cosmos-sdk/pull/10447) Fix authz `NewGrant` expiration check. ### State Machine Breaking From 7163865d4654d5a899a0a633b784fba777b02b06 Mon Sep 17 00:00:00 2001 From: aleem1314 Date: Mon, 7 Feb 2022 15:22:28 +0530 Subject: [PATCH 12/15] fix sims --- x/authz/keeper/keeper.go | 6 +++ x/authz/simulation/genesis.go | 6 ++- x/authz/simulation/operations.go | 59 ++++++++++++--------------- x/authz/simulation/operations_test.go | 8 ++-- 4 files changed, 41 insertions(+), 38 deletions(-) diff --git a/x/authz/keeper/keeper.go b/x/authz/keeper/keeper.go index ced2c8e00193..11ad84ee7867 100644 --- a/x/authz/keeper/keeper.go +++ b/x/authz/keeper/keeper.go @@ -234,14 +234,20 @@ func (k Keeper) ExportGenesis(ctx sdk.Context) *authz.GenesisState { // InitGenesis new authz genesis func (k Keeper) InitGenesis(ctx sdk.Context, data *authz.GenesisState) { for _, entry := range data.Authorization { + if entry.Expiration.Before(ctx.BlockTime()) { + continue + } + grantee, err := sdk.AccAddressFromBech32(entry.Grantee) if err != nil { panic(err) } + granter, err := sdk.AccAddressFromBech32(entry.Granter) if err != nil { panic(err) } + a, ok := entry.Authorization.GetCachedValue().(authz.Authorization) if !ok { panic("expected authorization") diff --git a/x/authz/simulation/genesis.go b/x/authz/simulation/genesis.go index b95207be9758..d6d0e2e8626a 100644 --- a/x/authz/simulation/genesis.go +++ b/x/authz/simulation/genesis.go @@ -2,6 +2,7 @@ package simulation import ( "math/rand" + "time" codectypes "github.com/cosmos/cosmos-sdk/codec/types" sdk "github.com/cosmos/cosmos-sdk/types" @@ -13,7 +14,7 @@ import ( ) // genGrant returns a slice of authorization grants. -func genGrant(r *rand.Rand, accounts []simtypes.Account) []authz.GrantAuthorization { +func genGrant(r *rand.Rand, accounts []simtypes.Account, genT time.Time) []authz.GrantAuthorization { authorizations := make([]authz.GrantAuthorization, len(accounts)-1) for i := 0; i < len(accounts)-1; i++ { granter := accounts[i] @@ -22,6 +23,7 @@ func genGrant(r *rand.Rand, accounts []simtypes.Account) []authz.GrantAuthorizat Granter: granter.Address.String(), Grantee: grantee.Address.String(), Authorization: generateRandomGrant(r), + Expiration: genT.AddDate(1, 0, 0), } } @@ -50,7 +52,7 @@ func RandomizedGenState(simState *module.SimulationState) { var grants []authz.GrantAuthorization simState.AppParams.GetOrGenerate( simState.Cdc, "authz", &grants, simState.Rand, - func(r *rand.Rand) { grants = genGrant(r, simState.Accounts) }, + func(r *rand.Rand) { grants = genGrant(r, simState.Accounts, simState.GenTimestamp) }, ) authzGrantsGenesis := authz.NewGenesisState(grants) diff --git a/x/authz/simulation/operations.go b/x/authz/simulation/operations.go index 841acb79f66a..977f83926399 100644 --- a/x/authz/simulation/operations.go +++ b/x/authz/simulation/operations.go @@ -1,11 +1,8 @@ package simulation import ( - "fmt" "math/rand" - "github.com/gogo/protobuf/proto" - "github.com/cosmos/cosmos-sdk/baseapp" "github.com/cosmos/cosmos-sdk/codec" cdctypes "github.com/cosmos/cosmos-sdk/codec/types" @@ -49,8 +46,8 @@ func WeightedOperations( var ( weightMsgGrant int - weightRevoke int weightExec int + weightRevoke int ) appParams.GetOrGenerate(cdc, OpWeightMsgGrant, &weightMsgGrant, nil, @@ -59,15 +56,15 @@ func WeightedOperations( }, ) - appParams.GetOrGenerate(cdc, OpWeightRevoke, &weightRevoke, nil, + appParams.GetOrGenerate(cdc, OpWeightExec, &weightExec, nil, func(_ *rand.Rand) { - weightRevoke = WeightRevoke + weightExec = WeightExec }, ) - appParams.GetOrGenerate(cdc, OpWeightExec, &weightExec, nil, + appParams.GetOrGenerate(cdc, OpWeightRevoke, &weightRevoke, nil, func(_ *rand.Rand) { - weightExec = WeightExec + weightRevoke = WeightRevoke }, ) @@ -76,14 +73,14 @@ func WeightedOperations( weightMsgGrant, SimulateMsgGrant(ak, bk, k), ), - simulation.NewWeightedOperation( - weightRevoke, - SimulateMsgRevoke(ak, bk, k), - ), simulation.NewWeightedOperation( weightExec, SimulateMsgExec(ak, bk, k, appCdc), ), + simulation.NewWeightedOperation( + weightRevoke, + SimulateMsgRevoke(ak, bk, k), + ), } } @@ -236,42 +233,40 @@ func SimulateMsgExec(ak authz.AccountKeeper, bk authz.BankKeeper, k keeper.Keepe return simtypes.NoOpMsg(authz.ModuleName, TypeMsgRevoke, "Account not found"), nil, sdkerrors.Wrapf(sdkerrors.ErrNotFound, "granter account not found") } - if targetGrant.Expiration.Before(ctx.BlockHeader().Time) { - return simtypes.NoOpMsg(authz.ModuleName, TypeMsgExec, "grant expired"), nil, nil - } + granterspendableCoins := bk.SpendableCoins(ctx, granterAddr) + coins := simtypes.RandSubsetCoins(r, granterspendableCoins) - coins := sdk.NewCoins(sdk.NewCoin("stake", sdk.NewInt(int64(simtypes.RandIntBetween(r, 100, 1000000))))) + msg := []sdk.Msg{banktype.NewMsgSend(granterAddr, granteeAddr, coins)} + sendAuth, ok := targetGrant.GetAuthorization().(*banktype.SendAuthorization) + if !ok { + return simtypes.NoOpMsg(authz.ModuleName, TypeMsgExec, "not a send authorization"), nil, nil + } - // Check send_enabled status of each sent coin denom - if err := bk.IsSendEnabledCoins(ctx, coins...); err != nil { - return simtypes.NoOpMsg(authz.ModuleName, TypeMsgExec, err.Error()), nil, nil + if sendAuth.SpendLimit.IsAllLTE(coins) { + return simtypes.NoOpMsg(authz.ModuleName, TypeMsgExec, "over spent"), nil, nil } - if targetGrant.Authorization.TypeUrl == fmt.Sprintf("/%s", proto.MessageName(&banktype.SendAuthorization{})) { - sendAuthorization := targetGrant.GetAuthorization().(*banktype.SendAuthorization) - if sendAuthorization.SpendLimit.IsAllLT(coins) { - return simtypes.NoOpMsg(authz.ModuleName, TypeMsgExec, "over spend limit"), nil, nil - } + res, err := sendAuth.Accept(ctx, msg[0]) + if err != nil { + return simtypes.NoOpMsg(authz.ModuleName, TypeMsgExec, err.Error()), nil, err } - granterspendableCoins := bk.SpendableCoins(ctx, granterAddr) - if granterspendableCoins.IsAllLTE(coins) { - return simtypes.NoOpMsg(authz.ModuleName, TypeMsgExec, "insufficient funds"), nil, nil + if !res.Accept { + return simtypes.NoOpMsg(authz.ModuleName, TypeMsgExec, "expired or invalid grant"), nil, nil } + msgExec := authz.NewMsgExec(granteeAddr, msg) granteeSpendableCoins := bk.SpendableCoins(ctx, granteeAddr) fees, err := simtypes.RandomFees(r, ctx, granteeSpendableCoins) if err != nil { return simtypes.NoOpMsg(authz.ModuleName, TypeMsgExec, "fee error"), nil, err } - - msg := authz.NewMsgExec(granteeAddr, []sdk.Msg{banktype.NewMsgSend(granterAddr, granteeAddr, coins)}) txCfg := simappparams.MakeTestEncodingConfig().TxConfig granteeAcc := ak.GetAccount(ctx, granteeAddr) tx, err := helpers.GenTx( txCfg, - []sdk.Msg{&msg}, + []sdk.Msg{&msgExec}, fees, helpers.DefaultGenTxGas, chainID, @@ -288,10 +283,10 @@ func SimulateMsgExec(ak authz.AccountKeeper, bk authz.BankKeeper, k keeper.Keepe return simtypes.NoOpMsg(authz.ModuleName, TypeMsgExec, err.Error()), nil, err } - err = msg.UnpackInterfaces(cdc) + err = msgExec.UnpackInterfaces(cdc) if err != nil { return simtypes.NoOpMsg(authz.ModuleName, TypeMsgExec, "unmarshal error"), nil, err } - return simtypes.NewOperationMsg(&msg, true, "success", nil), nil, nil + return simtypes.NewOperationMsg(&msgExec, true, "success", nil), nil, nil } } diff --git a/x/authz/simulation/operations_test.go b/x/authz/simulation/operations_test.go index 42255c84977e..ac57333bc32c 100644 --- a/x/authz/simulation/operations_test.go +++ b/x/authz/simulation/operations_test.go @@ -43,16 +43,16 @@ func (suite *SimTestSuite) TestWeightedOperations() { // setup 3 accounts s := rand.NewSource(1) r := rand.New(s) - accs := suite.getTestingAccounts(r, 3) + accs := suite.getTestingAccounts(r, 2) expected := []struct { weight int opMsgRoute string opMsgName string }{ - {simulation.WeightGrant, authz.ModuleName, simulation.TypeMsgGrant}, - {simulation.WeightRevoke, authz.ModuleName, simulation.TypeMsgRevoke}, - {simulation.WeightExec, authz.ModuleName, simulation.TypeMsgExec}, + {simulation.WeightGrant, simulation.TypeMsgGrant, simulation.TypeMsgGrant}, + {simulation.WeightExec, simulation.TypeMsgExec, simulation.TypeMsgExec}, + {simulation.WeightRevoke, simulation.TypeMsgRevoke, simulation.TypeMsgRevoke}, } for i, w := range weightedOps { From c5e211b2d7eec33b05411b672b3e2192a1aca496 Mon Sep 17 00:00:00 2001 From: aleem1314 Date: Mon, 7 Feb 2022 15:49:34 +0530 Subject: [PATCH 13/15] fix sims --- CHANGELOG.md | 1 + x/authz/client/testutil/tx.go | 2 +- x/authz/simulation/operations.go | 5 +++++ 3 files changed, 7 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 7b2afd89c94c..ce740cfc0161 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -110,6 +110,7 @@ Ref: https://keepachangelog.com/en/1.0.0/ * Move Msg routers from BaseApp to middlewares. * Move Baseapp panic recovery into a middleware. * Rename simulation helper methods `baseapp.{Check,Deliver}` to `baseapp.Sim{Check,Deliver}`. +* (x/gov) [\#10373](https://github.com/cosmos/cosmos-sdk/pull/10373) Removed gov `keeper.{MustMarshal, MustUnmarshal}`. * [\#10348](https://github.com/cosmos/cosmos-sdk/pull/10348) StdSignBytes takes a new argument of type `*tx.Tip` for signing over tips using LEGACY_AMINO_JSON. * [\#10208](https://github.com/cosmos/cosmos-sdk/pull/10208) The `x/auth/signing.Tx` interface now also includes a new `GetTip() *tx.Tip` method for verifying tipped transactions. The `x/auth/types` expected BankKeeper interface now expects the `SendCoins` method too. * [\#10612](https://github.com/cosmos/cosmos-sdk/pull/10612) `baseapp.NewBaseApp` constructor function doesn't take the `sdk.TxDecoder` anymore. This logic has been moved into the TxDecoderMiddleware. diff --git a/x/authz/client/testutil/tx.go b/x/authz/client/testutil/tx.go index 1c488ebd63aa..200cc9f602c3 100644 --- a/x/authz/client/testutil/tx.go +++ b/x/authz/client/testutil/tx.go @@ -85,7 +85,7 @@ func (s *IntegrationTestSuite) SetupSuite() { s.grantee[2] = s.createAccount("grantee3") // grant send authorization to grantee3 - out, err = ExecGrant(val, []string{ + out, err = CreateGrant(val, []string{ s.grantee[2].String(), "send", fmt.Sprintf("--%s=100steak", cli.FlagSpendLimit), diff --git a/x/authz/simulation/operations.go b/x/authz/simulation/operations.go index 977f83926399..7830b7b4548f 100644 --- a/x/authz/simulation/operations.go +++ b/x/authz/simulation/operations.go @@ -236,6 +236,11 @@ func SimulateMsgExec(ak authz.AccountKeeper, bk authz.BankKeeper, k keeper.Keepe granterspendableCoins := bk.SpendableCoins(ctx, granterAddr) coins := simtypes.RandSubsetCoins(r, granterspendableCoins) + // Check send_enabled status of each sent coin denom + if err := bk.IsSendEnabledCoins(ctx, coins...); err != nil { + return simtypes.NoOpMsg(authz.ModuleName, TypeMsgExec, err.Error()), nil, nil + } + msg := []sdk.Msg{banktype.NewMsgSend(granterAddr, granteeAddr, coins)} sendAuth, ok := targetGrant.GetAuthorization().(*banktype.SendAuthorization) if !ok { From d2045b19c4c426e448ac70377e196293f1d0f34c Mon Sep 17 00:00:00 2001 From: aleem1314 Date: Mon, 7 Feb 2022 16:19:40 +0530 Subject: [PATCH 14/15] update changelog --- CHANGELOG.md | 2 +- x/authz/simulation/operations.go | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index ce740cfc0161..955e47976ac1 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -109,7 +109,7 @@ Ref: https://keepachangelog.com/en/1.0.0/ * Replace `baseapp.SetAnteHandler` with `baseapp.SetTxHandler`. * Move Msg routers from BaseApp to middlewares. * Move Baseapp panic recovery into a middleware. - * Rename simulation helper methods `baseapp.{Check,Deliver}` to `baseapp.Sim{Check,Deliver}`. + * Rename simulation helper methods `baseapp.{Check,Deliver}` to `baseapp.Sim{Check,Deliver}**`. * (x/gov) [\#10373](https://github.com/cosmos/cosmos-sdk/pull/10373) Removed gov `keeper.{MustMarshal, MustUnmarshal}`. * [\#10348](https://github.com/cosmos/cosmos-sdk/pull/10348) StdSignBytes takes a new argument of type `*tx.Tip` for signing over tips using LEGACY_AMINO_JSON. * [\#10208](https://github.com/cosmos/cosmos-sdk/pull/10208) The `x/auth/signing.Tx` interface now also includes a new `GetTip() *tx.Tip` method for verifying tipped transactions. The `x/auth/types` expected BankKeeper interface now expects the `SendCoins` method too. diff --git a/x/authz/simulation/operations.go b/x/authz/simulation/operations.go index 7830b7b4548f..b70c3be054a7 100644 --- a/x/authz/simulation/operations.go +++ b/x/authz/simulation/operations.go @@ -248,7 +248,7 @@ func SimulateMsgExec(ak authz.AccountKeeper, bk authz.BankKeeper, k keeper.Keepe } if sendAuth.SpendLimit.IsAllLTE(coins) { - return simtypes.NoOpMsg(authz.ModuleName, TypeMsgExec, "over spent"), nil, nil + return simtypes.NoOpMsg(authz.ModuleName, TypeMsgExec, "over spend limit"), nil, nil } res, err := sendAuth.Accept(ctx, msg[0]) From e5a3683a653e6e03125dcea4f5a93eb2637876f9 Mon Sep 17 00:00:00 2001 From: Amaury <1293565+amaurym@users.noreply.github.com> Date: Mon, 7 Feb 2022 15:20:35 +0100 Subject: [PATCH 15/15] Update x/authz/authorization_grant.go --- x/authz/authorization_grant.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/x/authz/authorization_grant.go b/x/authz/authorization_grant.go index 90f953e5026f..30bc1eec467d 100644 --- a/x/authz/authorization_grant.go +++ b/x/authz/authorization_grant.go @@ -9,7 +9,8 @@ import ( sdkerrors "github.com/cosmos/cosmos-sdk/types/errors" ) -// NewGrant returns new Grant +// NewGrant returns new Grant. It returns an error if the expiration is before +// the current block time, which is passed into the `blockTime` arg. func NewGrant(blockTime time.Time, a Authorization, expiration time.Time) (Grant, error) { if !expiration.After(blockTime) { return Grant{}, sdkerrors.ErrInvalidRequest.Wrapf("expiration must be after the current block time (%v), got %v", blockTime.Format(time.RFC3339), expiration.Format(time.RFC3339))