feat!: ADR-014: Permissions improvements (#886)

## Description This PR improves the permissions systems as described on [ADR-014](https://github.com/desmos-labs/desmos/blob/master/docs/architecture/adr-014-improve-permissions.md). Closes: #855 --- ### Author Checklist *All items are required. Please add a note to the item if the item is not applicable and please add links to any relevant follow up issues.* I have... - [x] included the correct [type prefix](https://github.com/commitizen/conventional-commit-types/blob/v3.0.0/index.json) in the PR title - [x] added `!` to the type prefix if API or client breaking change - [x] targeted the correct branch (see [PR Targeting](https://github.com/desmos-labs/desmos/blob/master/CONTRIBUTING.md#pr-targeting)) - [x] provided a link to the relevant issue or specification - [ ] followed the guidelines for [building modules](https://docs.cosmos.network/v0.44/building-modules/intro.html) - [x] included the necessary unit and integration [tests](https://github.com/desmos-labs/desmos/blob/master/CONTRIBUTING.md#testing) - [x] added a changelog entry to `CHANGELOG.md` - [ ] included comments for [documenting Go code](https://blog.golang.org/godoc) - [ ] updated the relevant documentation or specification - [x] reviewed "Files changed" and left comments if necessary - [x] confirmed all CI checks have passed ### Reviewers Checklist *All items are required. Please add a note if the item is not applicable and please add your handle next to the items reviewed if you only reviewed selected items.* I have... - [ ] confirmed the correct [type prefix](https://github.com/commitizen/conventional-commit-types/blob/v3.0.0/index.json) in the PR title - [ ] confirmed `!` in the type prefix if API or client breaking change - [ ] confirmed all author checklist items have been addressed - [ ] reviewed state machine logic - [ ] reviewed API design and naming - [ ] reviewed documentation is accurate - [ ] reviewed tests and test coverage - [ ] manually tested (if applicable)
desmos-labs · Jun 8, 2022 · a97e44b · a97e44b
1 parent 06d0595
commit a97e44b
Show file tree

Hide file tree

Showing 69 changed files with 2,301 additions and 1,399 deletions.
diff --git a/.changeset/entries/4f5fc33e12f7e7c70e86f7673610e57cf287522455e702b5855dfbddc5789b7c.yaml b/.changeset/entries/4f5fc33e12f7e7c70e86f7673610e57cf287522455e702b5855dfbddc5789b7c.yaml
@@ -0,0 +1,6 @@
+type: feat
+module: x/subspaces
+pull_request: 886
+description: Improved how permissions are managed
+backward_compatible: false
+date: 2022-06-07T10:03:15.871498535Z
diff --git a/client/docs/swagger-ui/swagger.yaml b/client/docs/swagger-ui/swagger.yaml
@@ -4044,7 +4044,7 @@ paths:
  format: boolean
  tags:
  - Query
- /desmos/subspaces/v1/subspaces:
+ /desmos/subspaces/v2/subspaces:
  get:
  summary: Subspaces queries all the subspaces inside Desmos
  operationId: Subspaces
@@ -4203,7 +4203,7 @@ paths:
  format: boolean
  tags:
  - Query
- '/desmos/subspaces/v1/subspaces/{subspace_id}':
+ '/desmos/subspaces/v2/subspaces/{subspace_id}':
  get:
  summary: >-
  Subspace queries all the information about the subspace with the given
@@ -4280,7 +4280,7 @@ paths:
  format: uint64
  tags:
  - Query
- '/desmos/subspaces/v1/subspaces/{subspace_id}/groups':
+ '/desmos/subspaces/v2/subspaces/{subspace_id}/groups':
  get:
  summary: >-
  UserGroups queries all the groups that are present inside the subspace
@@ -4320,8 +4320,9 @@ paths:
  type: string
  title: Optional description of this group
  permissions:
- type: integer
- format: int64
+ type: array
+ items:
+ type: string
  title: >-
  Permissions that will be granted to all the users part
  of this group
@@ -4453,7 +4454,7 @@ paths:
  format: boolean
  tags:
  - Query
- '/desmos/subspaces/v1/subspaces/{subspace_id}/groups/{group_id}':
+ '/desmos/subspaces/v2/subspaces/{subspace_id}/groups/{group_id}':
  get:
  summary: |-
  UserGroup queries the user group having the given id inside the specific
@@ -4489,8 +4490,9 @@ paths:
  type: string
  title: Optional description of this group
  permissions:
- type: integer
- format: int64
+ type: array
+ items:
+ type: string
  title: >-
  Permissions that will be granted to all the users part of
  this group
@@ -4535,7 +4537,7 @@ paths:
  format: int64
  tags:
  - Query
- '/desmos/subspaces/v1/subspaces/{subspace_id}/groups/{group_id}/members':
+ '/desmos/subspaces/v2/subspaces/{subspace_id}/groups/{group_id}/members':
  get:
  summary: UserGroupMembers queries all the members of a given user group
  operationId: UserGroupMembers
@@ -4672,7 +4674,7 @@ paths:
  format: boolean
  tags:
  - Query
- '/desmos/subspaces/v1/subspaces/{subspace_id}/permissions/{user}':
+ '/desmos/subspaces/v2/subspaces/{subspace_id}/permissions/{user}':
  get:
  summary: UserPermissions queries the permissions for the given user
  operationId: UserPermissions
@@ -4683,8 +4685,9 @@ paths:
  type: object
  properties:
  permissions:
- type: integer
- format: int64
+ type: array
+ items:
+ type: string
  details:
  type: array
  items:
@@ -4706,9 +4709,10 @@ paths:
  type: string
  title: User for which the permission was set
  permission:
- type: integer
- format: int64
- title: Permission set to the user
+ type: array
+ items:
+ type: string
+ title: Permissions set to the user
  group:
  title: Group represents a group permission
  type: object
@@ -4718,9 +4722,10 @@ paths:
  format: int64
  title: Unique id of the group
  permission:
- type: integer
- format: int64
- title: Permission set to the group
+ type: array
+ items:
+ type: string
+ title: Permissions set to the group
  title: PermissionDetail contains the details data of a permission
  title: |-
  QueryUserPermissionsRequest is the response type for the
@@ -12232,9 +12237,10 @@ definitions:
  type: string
  title: User for which the permission was set
  permission:
- type: integer
- format: int64
- title: Permission set to the user
+ type: array
+ items:
+ type: string
+ title: Permissions set to the user
  group:
  title: Group represents a group permission
  type: object
@@ -12244,9 +12250,10 @@ definitions:
  format: int64
  title: Unique id of the group
  permission:
- type: integer
- format: int64
- title: Permission set to the group
+ type: array
+ items:
+ type: string
+ title: Permissions set to the group
  title: PermissionDetail contains the details data of a permission
  desmos.subspaces.v2.PermissionDetail.Group:
  type: object
@@ -12256,9 +12263,10 @@ definitions:
  format: int64
  title: Unique id of the group
  permission:
- type: integer
- format: int64
- title: Permission set to the group
+ type: array
+ items:
+ type: string
+ title: Permissions set to the group
  title: Group is a permission that has been set to a user group
  desmos.subspaces.v2.PermissionDetail.User:
  type: object
@@ -12267,9 +12275,10 @@ definitions:
  type: string
  title: User for which the permission was set
  permission:
- type: integer
- format: int64
- title: Permission set to the user
+ type: array
+ items:
+ type: string
+ title: Permissions set to the user
  title: User is a permission that has been set to a specific user
  desmos.subspaces.v2.QuerySectionResponse:
  type: object
@@ -12509,8 +12518,9 @@ definitions:
  type: string
  title: Optional description of this group
  permissions:
- type: integer
- format: int64
+ type: array
+ items:
+ type: string
  title: >-
  Permissions that will be granted to all the users part of this
  group
@@ -12545,8 +12555,9 @@ definitions:
  type: string
  title: Optional description of this group
  permissions:
- type: integer
- format: int64
+ type: array
+ items:
+ type: string
  title: >-
  Permissions that will be granted to all the users part of this
  group
@@ -12583,8 +12594,9 @@ definitions:
  type: object
  properties:
  permissions:
- type: integer
- format: int64
+ type: array
+ items:
+ type: string
  details:
  type: array
  items:
@@ -12606,9 +12618,10 @@ definitions:
  type: string
  title: User for which the permission was set
  permission:
- type: integer
- format: int64
- title: Permission set to the user
+ type: array
+ items:
+ type: string
+ title: Permissions set to the user
  group:
  title: Group represents a group permission
  type: object
@@ -12618,9 +12631,10 @@ definitions:
  format: int64
  title: Unique id of the group
  permission:
- type: integer
- format: int64
- title: Permission set to the group
+ type: array
+ items:
+ type: string
+ title: Permissions set to the group
  title: PermissionDetail contains the details data of a permission
  title: |-
  QueryUserPermissionsRequest is the response type for the
@@ -12700,8 +12714,9 @@ definitions:
  type: string
  title: Optional description of this group
  permissions:
- type: integer
- format: int64
+ type: array
+ items:
+ type: string
  title: Permissions that will be granted to all the users part of this group
  title: UserGroup represents a group of users
  desmos.posts.v1.Attachment:

diff --git a/proto/desmos/subspaces/v2/genesis.proto b/proto/desmos/subspaces/v2/genesis.proto
@@ -38,17 +38,6 @@ message SubspaceData {
  uint32 next_section_id = 3 [ (gogoproto.customname) = "NextSectionID" ];
 }
 
-// UserPermission represents a single Access Control List entry
-message UserPermission {
- option (gogoproto.equal) = true;
- option (gogoproto.goproto_stringer) = true;
-
- uint64 subspace_id = 1 [ (gogoproto.customname) = "SubspaceID" ];
- uint32 section_id = 2 [ (gogoproto.customname) = "SectionID" ];
- string user = 3;
- uint32 permissions = 4;
-}
-
 // UserGroupMemberEntry contains the details of a user group member
 message UserGroupMemberEntry {
  option (gogoproto.equal) = true;

diff --git a/proto/desmos/subspaces/v2/models.proto b/proto/desmos/subspaces/v2/models.proto
@@ -95,5 +95,19 @@ message UserGroup {
  string description = 5 [ (gogoproto.moretags) = "yaml:\"description\"" ];
 
  // Permissions that will be granted to all the users part of this group
- uint32 permissions = 6 [ (gogoproto.moretags) = "yaml:\"permissions\"" ];
+ repeated string permissions = 6 [
+ (gogoproto.castrepeated) = "Permissions",
+ (gogoproto.moretags) = "yaml:\"permissions\""
+ ];
 }
+
+// UserPermission represents a single Access Control List entry
+message UserPermission {
+ option (gogoproto.equal) = true;
+ option (gogoproto.goproto_stringer) = true;
+
+ uint64 subspace_id = 1 [ (gogoproto.customname) = "SubspaceID" ];
+ uint32 section_id = 2 [ (gogoproto.customname) = "SectionID" ];
+ string user = 3;
+ repeated string permissions = 4 [ (gogoproto.castrepeated) = "Permissions" ];
+}
diff --git a/proto/desmos/subspaces/v2/msgs.proto b/proto/desmos/subspaces/v2/msgs.proto
@@ -253,7 +253,7 @@ message MsgCreateUserGroup {
  string description = 4 [ (gogoproto.moretags) = "yaml:\"description\"" ];
 
  // Default permissions to be applied to the group
- uint32 default_permissions = 5
+ repeated string default_permissions = 5
  [ (gogoproto.moretags) = "yaml:\"default_permissions\"" ];
 
  // Creator of the group
@@ -339,7 +339,8 @@ message MsgSetUserGroupPermissions {
  ];
 
  // New permissions to be set to the group
- uint32 permissions = 3 [ (gogoproto.moretags) = "yaml:\"permissions\"" ];
+ repeated string permissions = 3
+ [ (gogoproto.moretags) = "yaml:\"permissions\"" ];
 
  // User setting the new permissions
  string signer = 4 [ (gogoproto.moretags) = "yaml:\"signer\"" ];
@@ -445,7 +446,8 @@ message MsgSetUserPermissions {
  string user = 3 [ (gogoproto.moretags) = "yaml:\"user\"" ];
 
  // Permissions to be set to the user
- uint32 permissions = 4 [ (gogoproto.moretags) = "yaml:\"permissions\"" ];
+ repeated string permissions = 4
+ [ (gogoproto.moretags) = "yaml:\"permissions\"" ];
 
  // User signing the message
  string signer = 5 [ (gogoproto.moretags) = "yaml:\"signer\"" ];