Fix contributor oracle permission auth
It seems that the entity is either defined by the permission or if we want to use the oracle the permission must be defined for any_entity. In that case the oracle does not get the msg.sender as who/entity thus we will use tx.origin in that case.
This commit is contained in:
parent
91135dbc82
commit
1b09a30646
@ -14,20 +14,20 @@ contract Contributor is AragonApp {
|
|||||||
bool exists;
|
bool exists;
|
||||||
}
|
}
|
||||||
|
|
||||||
mapping (address => uint) public contributorIds;
|
mapping (address => uint256) public contributorIds;
|
||||||
mapping (uint => Contributor) public contributors;
|
mapping (uint256 => Contributor) public contributors;
|
||||||
uint256 public contributorsCount;
|
uint256 public contributorsCount;
|
||||||
|
|
||||||
// ensure alphabetic order
|
// ensure alphabetic order
|
||||||
enum Apps { Contribution, Contributor, Proposal, Token }
|
enum Apps { Contribution, Contributor, Proposal, Token }
|
||||||
bytes32[4] public appIds;
|
bytes32[4] public appIds;
|
||||||
|
|
||||||
event ContributorProfileUpdated(uint id, bytes32 oldIpfsHash, bytes32 newIpfsHash);
|
event ContributorProfileUpdated(uint256 id, bytes32 oldIpfsHash, bytes32 newIpfsHash);
|
||||||
event ContributorAccountUpdated(uint id, address oldAccount, address newAccount);
|
event ContributorAccountUpdated(uint256 id, address oldAccount, address newAccount);
|
||||||
event ContributorAdded(uint id, address account);
|
event ContributorAdded(uint256 id, address account);
|
||||||
|
|
||||||
function initialize(address root,bytes32[4] _appIds) public onlyInit {
|
function initialize(address root,bytes32[4] _appIds) public onlyInit {
|
||||||
uint _id = contributorsCount + 1;
|
uint256 _id = contributorsCount + 1;
|
||||||
Contributor storage c = contributors[_id];
|
Contributor storage c = contributors[_id];
|
||||||
c.exists = true;
|
c.exists = true;
|
||||||
c.isCore = true;
|
c.isCore = true;
|
||||||
@ -40,8 +40,8 @@ contract Contributor is AragonApp {
|
|||||||
initialized();
|
initialized();
|
||||||
}
|
}
|
||||||
|
|
||||||
function coreContributorsCount() view public returns (uint) {
|
function coreContributorsCount() view public returns (uint256) {
|
||||||
uint count = 0;
|
uint256 count = 0;
|
||||||
for (uint256 i = 1; i <= contributorsCount; i++) {
|
for (uint256 i = 1; i <= contributorsCount; i++) {
|
||||||
if (contributors[i].isCore) {
|
if (contributors[i].isCore) {
|
||||||
count += 1;
|
count += 1;
|
||||||
@ -50,14 +50,14 @@ contract Contributor is AragonApp {
|
|||||||
return count;
|
return count;
|
||||||
}
|
}
|
||||||
|
|
||||||
function updateContributorAccount(uint id, address oldAccount, address newAccount) public auth(MANAGE_CONTRIBUTORS_ROLE) {
|
function updateContributorAccount(uint256 id, address oldAccount, address newAccount) public auth(MANAGE_CONTRIBUTORS_ROLE) {
|
||||||
contributorIds[oldAccount] = 0;
|
contributorIds[oldAccount] = 0;
|
||||||
contributorIds[newAccount] = id;
|
contributorIds[newAccount] = id;
|
||||||
contributors[id].account = newAccount;
|
contributors[id].account = newAccount;
|
||||||
ContributorAccountUpdated(id, oldAccount, newAccount);
|
ContributorAccountUpdated(id, oldAccount, newAccount);
|
||||||
}
|
}
|
||||||
|
|
||||||
function updateContributorIpfsHash(uint id, bytes32 ipfsHash, uint8 hashFunction, uint8 hashSize) public isInitialized auth(MANAGE_CONTRIBUTORS_ROLE) {
|
function updateContributorIpfsHash(uint256 id, bytes32 ipfsHash, uint8 hashFunction, uint8 hashSize) public isInitialized auth(MANAGE_CONTRIBUTORS_ROLE) {
|
||||||
Contributor storage c = contributors[id];
|
Contributor storage c = contributors[id];
|
||||||
bytes32 oldIpfsHash = c.ipfsHash;
|
bytes32 oldIpfsHash = c.ipfsHash;
|
||||||
c.ipfsHash = ipfsHash;
|
c.ipfsHash = ipfsHash;
|
||||||
@ -69,7 +69,7 @@ contract Contributor is AragonApp {
|
|||||||
|
|
||||||
function addContributor(address account, bytes32 ipfsHash, uint8 hashFunction, uint8 hashSize, bool isCore) public isInitialized auth(MANAGE_CONTRIBUTORS_ROLE) {
|
function addContributor(address account, bytes32 ipfsHash, uint8 hashFunction, uint8 hashSize, bool isCore) public isInitialized auth(MANAGE_CONTRIBUTORS_ROLE) {
|
||||||
require(!addressExists(account));
|
require(!addressExists(account));
|
||||||
uint _id = contributorsCount + 1;
|
uint256 _id = contributorsCount + 1;
|
||||||
assert(!contributors[_id].exists); // this can not be acually
|
assert(!contributors[_id].exists); // this can not be acually
|
||||||
Contributor storage c = contributors[_id];
|
Contributor storage c = contributors[_id];
|
||||||
c.exists = true;
|
c.exists = true;
|
||||||
@ -84,11 +84,11 @@ contract Contributor is AragonApp {
|
|||||||
emit ContributorAdded(_id, account);
|
emit ContributorAdded(_id, account);
|
||||||
}
|
}
|
||||||
|
|
||||||
function isCore(uint id) view public returns (bool) {
|
function isCore(uint256 id) view public returns (bool) {
|
||||||
return contributors[id].isCore;
|
return contributors[id].isCore;
|
||||||
}
|
}
|
||||||
|
|
||||||
function exists(uint id) view public returns (bool) {
|
function exists(uint256 id) view public returns (bool) {
|
||||||
return contributors[id].exists;
|
return contributors[id].exists;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -100,20 +100,20 @@ contract Contributor is AragonApp {
|
|||||||
return getContributorByAddress(account).exists;
|
return getContributorByAddress(account).exists;
|
||||||
}
|
}
|
||||||
|
|
||||||
function getContributorIdByAddress(address account) view public returns (uint) {
|
function getContributorIdByAddress(address account) view public returns (uint256) {
|
||||||
return contributorIds[account];
|
return contributorIds[account];
|
||||||
}
|
}
|
||||||
|
|
||||||
function getContributorAddressById(uint id) view public returns (address) {
|
function getContributorAddressById(uint256 id) view public returns (address) {
|
||||||
return contributors[id].account;
|
return contributors[id].account;
|
||||||
}
|
}
|
||||||
|
|
||||||
function getContributorByAddress(address account) internal view returns (Contributor) {
|
function getContributorByAddress(address account) internal view returns (Contributor) {
|
||||||
uint id = contributorIds[account];
|
uint256 id = contributorIds[account];
|
||||||
return contributors[id];
|
return contributors[id];
|
||||||
}
|
}
|
||||||
|
|
||||||
function getContributorById(uint _id) public view returns (uint id, address account, bytes32 ipfsHash, uint8 hashFunction, uint8 hashSize, bool isCore, bool exists ) {
|
function getContributorById(uint256 _id) public view returns (uint256 id, address account, bytes32 ipfsHash, uint8 hashFunction, uint8 hashSize, bool isCore, bool exists ) {
|
||||||
id = _id;
|
id = _id;
|
||||||
Contributor storage c = contributors[_id];
|
Contributor storage c = contributors[_id];
|
||||||
account = c.account;
|
account = c.account;
|
||||||
@ -124,7 +124,16 @@ contract Contributor is AragonApp {
|
|||||||
exists = c.exists;
|
exists = c.exists;
|
||||||
}
|
}
|
||||||
|
|
||||||
function canPerform(address _who, address _where, bytes32 _what, uint256[] _how) public view returns (bool) {
|
function canPerform(address _who, address _where, bytes32 _what, uint256[] memory _how) public returns (bool) {
|
||||||
return addressExists(_who);
|
address sender = _who;
|
||||||
|
if (sender == address(-1)) {
|
||||||
|
sender = tx.origin;
|
||||||
|
}
|
||||||
|
// _what == keccak256('VOTE_PROPOSAL_ROLE')
|
||||||
|
if (_what == 0xd61216798314d2fc33e42ff2021d66707b1e38517d3f7166798a9d3a196a9c96) {
|
||||||
|
return contributorIds[sender] != uint256(0);
|
||||||
|
}
|
||||||
|
|
||||||
|
return addressIsCore(sender);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -50,15 +50,16 @@ contract KreditsKit is KitBase {
|
|||||||
|
|
||||||
uint256[] memory params = new uint256[](1);
|
uint256[] memory params = new uint256[](1);
|
||||||
params[0] = uint256(203) << 248 | uint256(1) << 240 | uint240(contributor);
|
params[0] = uint256(203) << 248 | uint256(1) << 240 | uint240(contributor);
|
||||||
acl.grantPermissionP(root, contribution, contribution.ADD_CONTRIBUTION_ROLE(), params);
|
acl.grantPermissionP(acl.ANY_ENTITY(), contribution, contribution.ADD_CONTRIBUTION_ROLE(), params);
|
||||||
acl.grantPermissionP(root, contribution, contribution.VETO_CONTRIBUTION_ROLE(), params);
|
acl.grantPermissionP(acl.ANY_ENTITY(), contribution, contribution.VETO_CONTRIBUTION_ROLE(), params);
|
||||||
|
|
||||||
//acl.setPermissionManager(this, proposal, proposal.VOTE_PROPOSAL_ROLE();
|
//acl.setPermissionManager(this, proposal, proposal.VOTE_PROPOSAL_ROLE();
|
||||||
acl.createPermission(root, proposal, proposal.VOTE_PROPOSAL_ROLE(), this);
|
acl.createPermission(root, proposal, proposal.VOTE_PROPOSAL_ROLE(), this);
|
||||||
acl.grantPermissionP(root, proposal, proposal.VOTE_PROPOSAL_ROLE(), params);
|
acl.grantPermissionP(acl.ANY_ENTITY(), proposal, proposal.VOTE_PROPOSAL_ROLE(), params);
|
||||||
|
|
||||||
acl.createPermission(root, proposal, proposal.ADD_PROPOSAL_ROLE(), this);
|
acl.createPermission(root, proposal, proposal.ADD_PROPOSAL_ROLE(), this);
|
||||||
acl.grantPermissionP(root, proposal, proposal.ADD_PROPOSAL_ROLE(), params);
|
//acl.grantPermissionP(address(-1), proposal, proposal.ADD_PROPOSAL_ROLE(), params);
|
||||||
|
acl.grantPermission(acl.ANY_ENTITY(), proposal, proposal.ADD_PROPOSAL_ROLE());
|
||||||
|
|
||||||
acl.setPermissionManager(root, proposal, proposal.VOTE_PROPOSAL_ROLE());
|
acl.setPermissionManager(root, proposal, proposal.VOTE_PROPOSAL_ROLE());
|
||||||
acl.setPermissionManager(root, proposal, proposal.ADD_PROPOSAL_ROLE());
|
acl.setPermissionManager(root, proposal, proposal.ADD_PROPOSAL_ROLE());
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user