.eslintrc.js

@@ -2,12 +2,19 @@ module.exports = {
   'env': {
     'browser': true,
     'es6': true,
-    'node': true
+    'node': true,
+    'mocha': true
   },
   'extends': 'eslint:recommended',
   'globals': {
     'Atomics': 'readonly',
-    'SharedArrayBuffer': 'readonly'
+    'SharedArrayBuffer': 'readonly',
+    'artifacts': 'true',
+    'contract': 'true',
+    'accounts': 'true',
+    'web3': 'true',
+    'it': 'true',
+    'assert': 'true'
   },
   'parserOptions': {
     'ecmaVersion': 2018,

apps/contribution/artifacts.js

@@ -0,0 +1,5 @@
+module.exports = {
+    Contribution: artifacts.require('Contribution.sol'),
+    getContributionContract: name => artifacts.require(name)
+}
+  

apps/contribution/contracts/Contribution.sol

@@ -157,6 +157,7 @@ contract Contribution is AragonApp {
 
   function add(uint32 amount, uint32 contributorId, bytes32 hashDigest, uint8 hashFunction, uint8 hashSize) public isInitialized auth(ADD_CONTRIBUTION_ROLE) {
     //require(canPerform(msg.sender, ADD_CONTRIBUTION_ROLE, new uint32[](0)), 'nope');
+    require(amount > 0, "amount equal to zero");
     uint32 contributionId = contributionsCount + 1;
     ContributionData storage c = contributions[contributionId];
     c.exists = true;

apps/contribution/contracts/test/Spoof.sol

@@ -0,0 +1,16 @@
+pragma solidity ^0.4.24;
+
+import "@aragon/os/contracts/acl/ACL.sol";
+import "@aragon/os/contracts/kernel/Kernel.sol";
+import "@aragon/os/contracts/factory/DAOFactory.sol";
+
+// You might think this file is a bit odd, but let me explain.
+// We only use for now those imported contracts in our tests, which
+// means Truffle will not compile them for us, because they are from
+// an external dependency.
+
+
+// solium-disable-next-line no-empty-blocks
+contract Spoof {
+  // ...
+}

apps/contribution/package.json

@@ -6,13 +6,14 @@
     "@aragon/os": "^4.1.0",
     "@aragon/cli": "^5.5.0"
   },
-  "devDependencies": {},
+  "devDependencies": {
+    "@aragon/test-helpers": "^1.0.0"
+  },
   "scripts": {
     "start": "npm run start:aragon:ipfs",
     "start:aragon:ipfs": "aragon run",
     "start:aragon:http": "aragon run --http localhost:8001 --http-served-from ./dist",
     "start:app": "",
-    "test": "aragon contracts test",
     "compile": "aragon contracts compile",
     "sync-assets": "",
     "build:app": "",
@@ -21,7 +22,10 @@
     "publish:patch": "aragon apm publish patch",
     "publish:minor": "aragon apm publish minor",
     "publish:major": "aragon apm publish major",
-    "versions": "aragon apm versions"
+    "versions": "aragon apm versions",
+    "ganache-cli:test": "./node_modules/@aragon/test-helpers/ganache-cli.sh",
+    "test": "aragon contracts test",
+    "coverage": "SOLIDITY_COVERAGE=true npm run ganache-cli:test"
   },
   "keywords": []
 }

apps/contribution/test/contribution.js

@@ -0,0 +1,205 @@
+const namehash = require('eth-ens-namehash').hash;
+
+// eslint-disable-next-line no-undef
+const Contribution = artifacts.require("Contribution.sol");
+const { Token, getTokenContract } = require("../../token/artifacts");
+
+// eslint-disable-next-line no-undef
+const getContract = name => artifacts.require(name);
+const { assertRevert } = require('@aragon/test-helpers/assertThrow');
+
+const ZERO_ADDR = '0x0000000000000000000000000000000000000000';
+
+contract('Contribution app', (accounts) => {
+    let kernelBase, aclBase, daoFactory, r, dao, acl, contribution, token;
+  
+    const root = accounts[0];
+    const member1 = accounts[1];
+
+    // eslint-disable-next-line no-undef
+    before(async () => {
+        kernelBase = await getContract('Kernel').new(true); // petrify immediately
+        aclBase = await getContract('ACL').new();
+        daoFactory = await getContract('DAOFactory').new(kernelBase.address, aclBase.address, ZERO_ADDR);
+        r = await daoFactory.newDAO(root);
+        dao = getContract('Kernel').at(r.logs.filter(l => l.event == 'DeployDAO')[0].args.dao);
+        acl = getContract('ACL').at(await dao.acl());
+    
+        //create dao mamnager permission for coin owner
+        await acl.createPermission(
+            root,
+            dao.address,
+            await dao.APP_MANAGER_ROLE(),
+            root,
+            { from: root }
+        );
+
+        //apps id
+        let appsId = [];
+        appsId[0] = namehash("kredits-contribution");
+        appsId[1] = namehash("kredits-contributor");
+        appsId[2] = namehash("kredits-proposal");
+        appsId[3] = namehash("kredits-token");
+        
+    
+        //get new app instance from DAO
+        let receipt = await dao.newAppInstance(
+            appsId[0],
+            (await Contribution.new()).address,
+            0x0,
+            false,
+            { from: root }
+        );
+        contribution = Contribution.at(
+            receipt.logs.filter(l => l.event == 'NewAppProxy')[0].args.proxy
+        );
+
+        receipt = await dao.newAppInstance(
+            appsId[3],
+            (await getTokenContract('Token').new()).address,
+            0x0,
+            false,
+            { from: root }
+        );
+        token = Token.at(
+            receipt.logs.filter(l => l.event == 'NewAppProxy')[0].args.proxy
+        );
+    
+        //init app
+        await contribution.initialize(appsId);
+    
+        await acl.createPermission(
+            root,
+            contribution.address,
+            await contribution.ADD_CONTRIBUTION_ROLE(),
+            root,
+            { from: root }
+        );
+
+        await acl.createPermission(
+            root,
+            contribution.address,
+            await contribution.VETO_CONTRIBUTION_ROLE(),
+            root,
+            { from: root }
+        );
+
+        //init token (app)
+        await token.initialize(appsId);
+    
+        //create token mint permission for coin owner
+        await acl.createPermission(
+            root,
+            token.address,
+            await token.MINT_TOKEN_ROLE(),
+            root,
+            { from: root }
+        );
+
+        //acl.grantPermission(contribution, token, await token.MINT_TOKEN_ROLE(), {from: root});            
+    });
+
+    describe("Owner default space permissions", async () => {
+        it('check owner can add contribution', async () => {
+          let addContributionPermission = await acl.hasPermission(root, contribution.address, await contribution.ADD_CONTRIBUTION_ROLE());
+          // eslint-disable-next-line no-undef
+          assert.equal(addContributionPermission, true);
+        });  
+
+        it('check owner can veto contribution', async () => {
+            let vetoContributionPermission = await acl.hasPermission(root, contribution.address, await contribution.VETO_CONTRIBUTION_ROLE());
+            // eslint-disable-next-line no-undef
+            assert.equal(vetoContributionPermission, true);
+        });  
+    });
+
+    describe("Add contribution", async () => {
+        let amount = 100;
+        let contributorId = 1;
+        let hashDigest = '0x0000000000000000000000000000000000000000000000000000000000000000';
+        let hashFunction = 1;
+        let hashSize = 1;
+
+        it("should revert when add contribution from address that does not have permission", async () => {
+            return assertRevert(async () => {
+                await contribution.add(amount, contributorId, hashDigest, hashFunction, hashSize, {from: member1});
+              'sender does not have permission';
+            });
+        });
+
+        it("should revert when add contribution with amount equal to zero", async () => {
+            return assertRevert(async () => {
+                await contribution.add(0, contributorId, hashDigest, hashFunction, hashSize, {from: root});
+              'amount equal to zero';
+            });
+        });
+
+        it("add contribution", async () => {
+            let contributionCountBefore = await contribution.contributionsCount();
+            await contribution.add(amount, contributorId, hashDigest, hashFunction, hashSize, {from: root});
+            let contributionCountAfter = await contribution.contributionsCount();
+            // eslint-disable-next-line no-undef
+            assert.equal(contributionCountAfter.toNumber()-contributionCountBefore.toNumber(), 1);
+            let contributionObject = await contribution.getContribution(contributionCountAfter.toNumber());
+            // eslint-disable-next-line no-undef
+            assert.equal(contributionObject[1], contributorId);
+            let isExist = await contribution.exists(contributionCountAfter.toNumber());
+            // eslint-disable-next-line no-undef
+            assert.equal(isExist, true);
+        });
+    });
+
+    describe("Veto/Claim contribution", async () => {
+
+        it("should revert when veto from address that does not have permission", async () => {
+            let contributionId = await contribution.contributionsCount();
+            return assertRevert(async () => {
+                await contribution.veto(contributionId.toNumber(), {from: member1});
+              'sender does not have permission to veto';
+            });
+        });
+
+        it("should revert when veto contribution that does not exist", async () => {
+            let contributionId = await contribution.contributionsCount();
+            return assertRevert(async () => {
+                await contribution.veto(contributionId.toNumber()+1, {from: root});
+              'contribution not found';
+            });
+        });
+
+        it("should revert when claim contribution that does not exist", async () => {
+            let contributionId = await contribution.contributionsCount();
+            return assertRevert(async () => {
+                await contribution.claim(contributionId.toNumber()+1, {from: root});
+              'contribution not found';
+            });
+        });
+
+        it("claim contribution", async () => {
+            let contributionId = await contribution.contributionsCount();
+            await contribution.claim(contributionId);
+            let contributionObject = await contribution.getContribution(contributionId.toNumber());
+            // eslint-disable-next-line no-undef
+            assert(contributionObject[3], true);
+        });
+
+        it("should revert when claim already claimed contribution", async () => {
+            let contributionId = await contribution.contributionsCount();
+            return assertRevert(async () => {
+                await contribution.claim(contributionId.toNumber(), {from: root});
+              'contribution already claimed';
+            });
+        });
+
+        it("should revert when veto already claimed contribution", async () => {
+            let contributionId = await contribution.contributionsCount();
+            return assertRevert(async () => {
+                await contribution.veto(contributionId.toNumber(), {from: root});
+              'contribution already claimed';
+            });
+        });
+
+
+    });
+  
+});

apps/contributor/artifacts.js

@@ -0,0 +1,5 @@
+module.exports = {
+    Contributor: artifacts.require('Contributor.sol'),
+    getContributorContract: name => artifacts.require(name)
+}
+  

apps/contributor/contracts/Contributor.sol

@@ -64,10 +64,14 @@ contract Contributor is AragonApp {
   }
 
   function updateContributorAccount(uint32 id, address oldAccount, address newAccount) public auth(MANAGE_CONTRIBUTORS_ROLE) {
+    require(newAccount != address(0), "invalid new account address");
+    require(getContributorAddressById(id) == oldAccount, "contributor does not exist");
+    
     contributorIds[oldAccount] = 0;
     contributorIds[newAccount] = id;
     contributors[id].account = newAccount;
-    ContributorAccountUpdated(id, oldAccount, newAccount);
+
+    emit ContributorAccountUpdated(id, oldAccount, newAccount);
   }
 
   function updateContributorProfileHash(uint32 id, bytes32 hashDigest, uint8 hashFunction, uint8 hashSize) public isInitialized auth(MANAGE_CONTRIBUTORS_ROLE) {

apps/contributor/contracts/test/Spoof.sol

@@ -0,0 +1,16 @@
+pragma solidity ^0.4.24;
+
+import "@aragon/os/contracts/acl/ACL.sol";
+import "@aragon/os/contracts/kernel/Kernel.sol";
+import "@aragon/os/contracts/factory/DAOFactory.sol";
+
+// You might think this file is a bit odd, but let me explain.
+// We only use for now those imported contracts in our tests, which
+// means Truffle will not compile them for us, because they are from
+// an external dependency.
+
+
+// solium-disable-next-line no-empty-blocks
+contract Spoof {
+  // ...
+}

apps/contributor/package.json

@@ -6,13 +6,14 @@
     "@aragon/os": "^4.1.0",
     "@aragon/cli": "^5.5.0"
   },
-  "devDependencies": {},
+  "devDependencies": {
+    "@aragon/test-helpers": "^1.0.0"
+  },
   "scripts": {
     "start": "npm run start:aragon:ipfs",
     "start:aragon:ipfs": "aragon run",
     "start:aragon:http": "aragon run --http localhost:8001 --http-served-from ./dist",
     "start:app": "",
-    "test": "aragon contracts test",
     "compile": "aragon contracts compile",
     "sync-assets": "",
     "build:app": "",
@@ -21,7 +22,10 @@
     "publish:patch": "aragon apm publish patch",
     "publish:minor": "aragon apm publish minor",
     "publish:major": "aragon apm publish major",
-    "versions": "aragon apm versions"
+    "versions": "aragon apm versions",
+    "ganache-cli:test": "./node_modules/@aragon/test-helpers/ganache-cli.sh",
+    "test": "aragon contracts test",
+    "coverage": "SOLIDITY_COVERAGE=true npm run ganache-cli:test"
   },
   "keywords": []
 }

apps/contributor/test/contributor.js

@@ -0,0 +1,170 @@
+const namehash = require('eth-ens-namehash').hash;
+
+// eslint-disable-next-line no-undef
+const Contributor = artifacts.require("Contributor.sol");
+
+// eslint-disable-next-line no-undef
+const getContract = name => artifacts.require(name);
+const { assertRevert } = require('@aragon/test-helpers/assertThrow');
+
+const ZERO_ADDR = '0x0000000000000000000000000000000000000000';
+
+contract('Contributor app', (accounts) => {
+    let kernelBase, aclBase, daoFactory, r, dao, acl, contributor;
+  
+    const root = accounts[0];
+    const member1 = accounts[1];
+  
+    // eslint-disable-next-line no-undef
+    before(async () => {
+        kernelBase = await getContract('Kernel').new(true); // petrify immediately
+        aclBase = await getContract('ACL').new();
+        daoFactory = await getContract('DAOFactory').new(kernelBase.address, aclBase.address, ZERO_ADDR);
+        r = await daoFactory.newDAO(root);
+        dao = getContract('Kernel').at(r.logs.filter(l => l.event == 'DeployDAO')[0].args.dao);
+        acl = getContract('ACL').at(await dao.acl());
+    
+        //create dao mamnager permission for coin owner
+        await acl.createPermission(
+            root,
+            dao.address,
+            await dao.APP_MANAGER_ROLE(),
+            root,
+            { from: root }
+        );
+    
+        //get new app instance from DAO
+        const receipt = await dao.newAppInstance(
+            '0x1234',
+            (await Contributor.new()).address,
+            0x0,
+            false,
+            { from: root }
+        );
+        contributor = Contributor.at(
+            receipt.logs.filter(l => l.event == 'NewAppProxy')[0].args.proxy
+        );
+
+        //apps id
+        let appsId = [];
+        appsId[0] = namehash("kredits-contribution");
+        appsId[1] = namehash("kredits-contributor");
+        appsId[2] = namehash("kredits-proposal");
+        appsId[3] = namehash("kredits-token");
+    
+        //init contributor (app)
+        await contributor.initialize(root, appsId);
+    
+        //create manage contributors role
+        await acl.createPermission(
+            root,
+            contributor.address,
+            await contributor.MANAGE_CONTRIBUTORS_ROLE(),
+            root,
+            { from: root }
+        );
+    
+    });
+
+    describe("Owner default space permissions", async () => {
+        it('check owner is token issuer', async () => {
+          let manageContributorPermission = await acl.hasPermission(root, contributor.address, await contributor.MANAGE_CONTRIBUTORS_ROLE());
+          // eslint-disable-next-line no-undef
+          assert.equal(manageContributorPermission, true);
+        });  
+    });
+
+    describe("Add contributor", async () => {
+        let account = root;
+        let hashDigest = '0x0';
+        let hashFunction = 0;
+        let hashSize = 0;
+
+        it("should revert when add contributor from an address that does not have permission", async () => {
+            return assertRevert(async () => {
+              await contributor.addContributor(account, hashDigest, hashFunction, hashSize, { from: member1});
+              'sender does not have permission';
+            });
+        });
+
+        it('add contributor', async () => {
+            let contributorCount = await contributor.coreContributorsCount();
+            await contributor.addContributor(account, hashDigest, hashFunction, hashSize);
+            // eslint-disable-next-line no-undef
+            assert.equal(await contributor.addressExists(account), true);
+            let contributorCountAfter = await contributor.coreContributorsCount();
+            // eslint-disable-next-line no-undef
+            assert.equal(await contributorCountAfter.toNumber(), parseInt(contributorCount)+1);
+        });
+
+        it("should revert when add contributor with an address that already exist", async () => {
+            return assertRevert(async () => {
+              await contributor.addContributor(account, hashDigest, hashFunction, hashSize, { from: member1});
+              'address already exist';
+            });
+        });
+    });
+
+    describe("Update contributor", async () => {
+        let id;
+        let oldAccount;
+        let newAccount;
+        let hashDigest;
+        let hashFunction;
+        let hashSize;
+
+        // eslint-disable-next-line no-undef
+        before(async () =>  {
+            id = await contributor.coreContributorsCount();
+            oldAccount = root;
+            newAccount = member1;
+            hashDigest = '0x1000000000000000000000000000000000000000000000000000000000000000';
+            hashFunction = 1;
+            hashSize = 1;
+        });
+
+        it('update contributor account', async () => {
+            await contributor.updateContributorAccount(id.toNumber(), oldAccount, newAccount);
+            let contributorId = await contributor.getContributorIdByAddress(oldAccount);
+            // eslint-disable-next-line no-undef
+            assert.equal(contributorId.toNumber(), 0);
+        });
+
+        it("should revert when update contributor account from address that does not have permission", async () => {
+            return assertRevert(async () => {
+                await contributor.updateContributorAccount(id.toNumber(), oldAccount, newAccount, {from: member1});
+              'sender does not have permission';
+            });
+        });
+
+        it("should revert when update contributor account that does not exist", async () => {
+            return assertRevert(async () => {
+              await contributor.updateContributorAccount(id.toNumber(), accounts[3], newAccount);
+              'contributor does not exist';
+            });
+        });
+
+        it("should revert when update contributor account with address(0)", async () => {
+            return assertRevert(async () => {
+              await contributor.updateContributorAccount(id.toNumber(), oldAccount, ZERO_ADDR);
+              'contributor does not exist';
+            });
+        });
+
+        it('update contributor profile hash', async () => {
+            await contributor.updateContributorProfileHash(id.toNumber(), hashDigest, hashFunction, hashSize);
+            let contributorProfile = await contributor.contributors(id.toNumber());
+            assert.equal(hashDigest, contributorProfile[1]);    // eslint-disable-line no-undef
+            assert.equal(hashFunction, contributorProfile[2].toNumber());   // eslint-disable-line no-undef
+            assert.equal(hashSize, contributorProfile[3].toNumber());   // eslint-disable-line no-undef
+        });
+
+        it("should revert when update contributor profile hash from address that does not have permission", async () => {
+            return assertRevert(async () => {
+                await contributor.updateContributorProfileHash(id.toNumber(), hashDigest, hashFunction, hashSize, {from: member1});
+                'sender does not have permission';
+            });
+        });
+
+    });
+});

apps/proposal/contracts/test/Spoof.sol

@@ -0,0 +1,16 @@
+pragma solidity ^0.4.24;
+
+import "@aragon/os/contracts/acl/ACL.sol";
+import "@aragon/os/contracts/kernel/Kernel.sol";
+import "@aragon/os/contracts/factory/DAOFactory.sol";
+
+// You might think this file is a bit odd, but let me explain.
+// We only use for now those imported contracts in our tests, which
+// means Truffle will not compile them for us, because they are from
+// an external dependency.
+
+
+// solium-disable-next-line no-empty-blocks
+contract Spoof {
+  // ...
+}

apps/proposal/package.json

@@ -6,13 +6,14 @@
     "@aragon/os": "^4.1.0",
     "@aragon/cli": "^5.5.0"
   },
-  "devDependencies": {},
+  "devDependencies": {
+    "@aragon/test-helpers": "^1.0.0"
+  },
   "scripts": {
     "start": "npm run start:aragon:ipfs",
     "start:aragon:ipfs": "aragon run",
     "start:aragon:http": "aragon run --http localhost:8001 --http-served-from ./dist",
     "start:app": "",
-    "test": "aragon contracts test",
     "compile": "aragon contracts compile",
     "sync-assets": "",
     "build:app": "",
@@ -21,7 +22,10 @@
     "publish:patch": "aragon apm publish patch",
     "publish:minor": "aragon apm publish minor",
     "publish:major": "aragon apm publish major",
-    "versions": "aragon apm versions"
+    "versions": "aragon apm versions",
+    "ganache-cli:test": "./node_modules/@aragon/test-helpers/ganache-cli.sh",
+    "test": "aragon contracts test",
+    "coverage": "SOLIDITY_COVERAGE=true npm run ganache-cli:test"
   },
   "keywords": []
 }

apps/proposal/test/proposal.js

@@ -0,0 +1,164 @@
+const namehash = require('eth-ens-namehash').hash;
+
+// eslint-disable-next-line no-undef
+const Proposal = artifacts.require("Proposal.sol");
+const { Contributor, getContributorContract } = require("../../contributor/artifacts");
+const { Contribution, getContributionContract } = require("../../contribution/artifacts");
+
+// eslint-disable-next-line no-undef
+const getContract = name => artifacts.require(name);
+// eslint-disable-next-line no-unused-vars
+const { assertRevert } = require('@aragon/test-helpers/assertThrow');
+
+const ZERO_ADDR = '0x0000000000000000000000000000000000000000';
+
+contract('Proposal app', (accounts) => {
+    let kernelBase, aclBase, daoFactory, dao, r, acl, proposal, contribution, contributor;
+  
+    const root = accounts[0];
+
+    // eslint-disable-next-line no-undef
+    before(async () => {
+        kernelBase = await getContract('Kernel').new(true); // petrify immediately
+        aclBase = await getContract('ACL').new();
+        daoFactory = await getContract('DAOFactory').new(kernelBase.address, aclBase.address, ZERO_ADDR);
+        r = await daoFactory.newDAO(root);
+        dao = getContract('Kernel').at(r.logs.filter(l => l.event == 'DeployDAO')[0].args.dao);
+        acl = getContract('ACL').at(await dao.acl());
+    
+        //create dao mamnager permission for coin owner
+        await acl.createPermission(
+            root,
+            dao.address,
+            await dao.APP_MANAGER_ROLE(),
+            root,
+            { from: root }
+        );
+
+        //apps id
+        let appsId = [];
+        appsId[0] = namehash("kredits-contribution");
+        appsId[1] = namehash("kredits-contributor");
+        appsId[2] = namehash("kredits-proposal");
+        appsId[3] = namehash("kredits-token");
+        
+    
+        //get new app instance from DAO
+        let receipt = await dao.newAppInstance(
+            appsId[2],
+            (await Proposal.new()).address,
+            0x0,
+            false,
+            { from: root }
+        );
+        proposal = Proposal.at(
+            receipt.logs.filter(l => l.event == 'NewAppProxy')[0].args.proxy
+        );
+
+        receipt = await dao.newAppInstance(
+            appsId[1],
+            (await getContributorContract('Contributor').new()).address,
+            0x0,
+            false,
+            { from: root }
+        );
+        contributor = Contributor.at(
+            receipt.logs.filter(l => l.event == 'NewAppProxy')[0].args.proxy
+        );
+
+        receipt = await dao.newAppInstance(
+            appsId[0],
+            (await getContributionContract('Contribution').new()).address,
+            0x0,
+            false,
+            { from: root }
+        );
+        contribution = Contribution.at(
+            receipt.logs.filter(l => l.event == 'NewAppProxy')[0].args.proxy
+        );
+
+        //init app
+        await proposal.initialize(appsId);
+    
+        await acl.createPermission(
+            root,
+            proposal.address,
+            await proposal.ADD_PROPOSAL_ROLE(),
+            root,
+            { from: root }
+        );
+
+        await acl.createPermission(
+            root,
+            proposal.address,
+            await proposal.VOTE_PROPOSAL_ROLE(),
+            root,
+            { from: root }
+        );
+
+        //init contribution (app)
+        await contribution.initialize(appsId);
+    
+        await acl.createPermission(
+            root,
+            contribution.address,
+            await contribution.ADD_CONTRIBUTION_ROLE(),
+            root,
+            { from: root }
+        );
+
+        await acl.createPermission(
+            root,
+            contribution.address,
+            await contribution.VETO_CONTRIBUTION_ROLE(),
+            root,
+            { from: root }
+        );
+
+        //acl.grantPermission(proposal, contribution, await contribution.ADD_CONTRIBUTION_ROLE(), {from: root});            
+    
+        //init contributor app
+        await contributor.initialize(appsId);
+
+        await acl.createPermission(
+            root,
+            contributor.address,
+            await contributor.MANAGE_CONTRIBUTORS_ROLE(),
+            root,
+            { from: root }
+        );
+    });
+
+    describe("Owner default permissions", async () => {
+        it('check owner can add proposal', async () => {
+          let addProposalPermission = await acl.hasPermission(root, proposal.address, await proposal.ADD_PROPOSAL_ROLE());
+          // eslint-disable-next-line no-undef
+          assert.equal(addProposalPermission, true);
+        });  
+
+        it('check owner can veto contribution', async () => {
+            let vetoProposalPermission = await acl.hasPermission(root, proposal.address, await proposal.VOTE_PROPOSAL_ROLE());
+            // eslint-disable-next-line no-undef
+            assert.equal(vetoProposalPermission, true);
+        });  
+
+        it('check owner can add contribution', async () => {
+            let addContributionPermission = await acl.hasPermission(root, contribution.address, await contribution.ADD_CONTRIBUTION_ROLE());
+            // eslint-disable-next-line no-undef
+            assert.equal(addContributionPermission, true);
+        });   
+
+        it('check owner can veto contribution', async () => {
+            let vetoContributionPermission = await acl.hasPermission(root, contribution.address, await contribution.VETO_CONTRIBUTION_ROLE());
+            // eslint-disable-next-line no-undef
+            assert.equal(vetoContributionPermission, true);
+        });  
+
+        it('check owner can manage contributors', async () => {
+            let manageContributorsPermission = await acl.hasPermission(root, contributor.address, await contribution.MANAGE_CONTRIBUTORS_ROLE());
+            // eslint-disable-next-line no-undef
+            assert.equal(manageContributorsPermission, true);
+        });  
+    });
+
+});

apps/token/.solcover.js

@@ -0,0 +1,10 @@
+module.exports = {
+    norpc: true,
+    copyPackages: ['@aragon/os'],
+    buildDirPath: '/build/contracts',
+    testCommand: '../node_modules/.bin/aragon contracts test --network coverage',
+    skipFiles: [
+        'misc/Migrations.sol',
+        'test/Spoof.sol',
+    ]
+}

apps/token/artifacts.js

@@ -0,0 +1,5 @@
+module.exports = {
+    Token: artifacts.require('Token.sol'),
+    getTokenContract: name => artifacts.require(name)
+}
+  

apps/token/contracts/Token.sol

@@ -21,6 +21,8 @@ contract Token is ERC20Token, AragonApp {
   }
 
   function mintFor(address contributorAccount, uint256 amount, uint32 contributionId) public isInitialized auth(MINT_TOKEN_ROLE) {
+    require(amount > 0, "amount should be greater than zero");
+
     uint256 amountInWei = amount.mul(1 ether);
     _mint(contributorAccount, amountInWei);
     emit LogMint(contributorAccount, amount, contributionId);

apps/token/contracts/test/Spoof.sol

@@ -0,0 +1,16 @@
+pragma solidity ^0.4.24;
+
+import "@aragon/os/contracts/acl/ACL.sol";
+import "@aragon/os/contracts/kernel/Kernel.sol";
+import "@aragon/os/contracts/factory/DAOFactory.sol";
+
+// You might think this file is a bit odd, but let me explain.
+// We only use for now those imported contracts in our tests, which
+// means Truffle will not compile them for us, because they are from
+// an external dependency.
+
+
+// solium-disable-next-line no-empty-blocks
+contract Spoof {
+  // ...
+}

apps/token/package.json

@@ -6,13 +6,14 @@
     "@aragon/os": "^4.1.0",
     "@aragon/cli": "^5.5.0"
   },
-  "devDependencies": {},
+  "devDependencies": {
+    "@aragon/test-helpers": "^1.0.0"
+  },
   "scripts": {
     "start": "npm run start:aragon:ipfs",
     "start:aragon:ipfs": "aragon run",
     "start:aragon:http": "aragon run --http localhost:8001 --http-served-from ./dist",
     "start:app": "",
-    "test": "aragon contracts test",
     "compile": "aragon contracts compile",
     "sync-assets": "",
     "build:app": "",
@@ -21,7 +22,10 @@
     "publish:patch": "aragon apm publish patch",
     "publish:minor": "aragon apm publish minor",
     "publish:major": "aragon apm publish major",
-    "versions": "aragon apm versions"
+    "versions": "aragon apm versions",
+    "ganache-cli:test": "./node_modules/@aragon/test-helpers/ganache-cli.sh",
+    "test": "aragon contracts test",
+    "coverage": "SOLIDITY_COVERAGE=true npm run ganache-cli:test"
   },
   "keywords": []
 }

apps/token/test/token.js

@@ -0,0 +1,123 @@
+const namehash = require('eth-ens-namehash').hash;
+
+// eslint-disable-next-line no-undef
+const Token = artifacts.require("Token.sol");
+
+// eslint-disable-next-line no-undef
+const getContract = name => artifacts.require(name);
+const { assertRevert } = require('@aragon/test-helpers/assertThrow');
+
+const ZERO_ADDR = '0x0000000000000000000000000000000000000000';
+
+contract('Token app', (accounts) => {
+    let kernelBase, aclBase, daoFactory, dao, r, acl, token;
+  
+    const root = accounts[0];
+    const member1 = accounts[1];
+  
+    // eslint-disable-next-line no-undef
+    before(async () => {
+        kernelBase = await getContract('Kernel').new(true); // petrify immediately
+        aclBase = await getContract('ACL').new();
+        daoFactory = await getContract('DAOFactory').new(kernelBase.address, aclBase.address, ZERO_ADDR);
+        r = await daoFactory.newDAO(root);
+        dao = getContract('Kernel').at(r.logs.filter(l => l.event == 'DeployDAO')[0].args.dao);
+        acl = getContract('ACL').at(await dao.acl());
+    
+        //create dao mamnager permission for coin owner
+        await acl.createPermission(
+            root,
+            dao.address,
+            await dao.APP_MANAGER_ROLE(),
+            root,
+            { from: root }
+        );
+    
+        //get new app instance from DAO
+        const receipt = await dao.newAppInstance(
+            '0x1234',
+            (await Token.new()).address,
+            0x0,
+            false,
+            { from: root }
+        );
+        token = Token.at(
+            receipt.logs.filter(l => l.event == 'NewAppProxy')[0].args.proxy
+        );
+
+        //apps id
+        let appsId = [];
+        appsId[0] = namehash("kredits-contribution");
+        appsId[1] = namehash("kredits-contributor");
+        appsId[2] = namehash("kredits-proposal");
+        appsId[3] = namehash("kredits-token");
+    
+        //init token (app)
+        await token.initialize(appsId);
+    
+        //create token mint permission for coin owner
+        await acl.createPermission(
+            root,
+            token.address,
+            await token.MINT_TOKEN_ROLE(),
+            root,
+            { from: root }
+        );
+    
+    });
+
+    describe("Owner default space permissions", async () => {
+        it('check owner is token issuer', async () => {
+          let tokenIssuerPermission = await acl.hasPermission(root, token.address, await token.MINT_TOKEN_ROLE());
+          // eslint-disable-next-line no-undef
+          assert.equal(tokenIssuerPermission, true);
+        });  
+    });
+
+    describe("Token issuing", async () => {
+        let name = "Kredits";
+        let symbol = "₭S";
+        let decimals = 18;
+  
+        it("check token properties", async () => {
+          assert.equal(await token.name(), name); // eslint-disable-line no-undef
+          assert.equal(await token.symbol(), symbol); // eslint-disable-line no-undef
+          assert.equal(await token.decimals(), decimals); // eslint-disable-line no-undef
+        });
+  
+    });
+
+    describe("Token minting", async () => {
+        let tokenToMint = 250;
+        let ether = 1000000000000000000;
+  
+        it("should revert when mint tokens from an address that does not have minting permission", async () => {
+          return assertRevert(async () => {
+            await token.mintFor(root, tokenToMint, 1, { from: member1});
+            'address does not have permission to mint tokens';
+          });
+        });
+  
+        it("should revert when mint tokens to address(0)", async () => {
+          return assertRevert(async () => {
+            await token.mintFor(ZERO_ADDR, tokenToMint, 1, { from: root});
+            'invalid contributor address';
+          });
+        });
+  
+        it("should revert when mint amount of tokens equal to 0", async () => {
+          return assertRevert(async () => {
+            await token.mintFor(root, 0, 1, { from: root});
+            'amount to mint should be greater than zero';
+          });
+        });
+  
+        it("mint tokens", async () => {
+          await token.mintFor(root, tokenToMint, 1, { from: root });
+          let ownerBalance = await token.balanceOf(root);
+          let totalSupply = await token.totalSupply();
+          assert.equal(ownerBalance.toNumber(), tokenToMint*ether); // eslint-disable-line no-undef
+          assert.equal(totalSupply.toNumber(), tokenToMint*ether);  // eslint-disable-line no-undef
+        });
+    });
+});

package.json

@@ -20,6 +20,11 @@
     "deploy:apps": "./scripts/every-app.sh \"aragon apm publish major\"",
     "devchain": "aragon devchain --port 7545",
     "dao:address": "truffle exec scripts/current-address.js",
+    "test:token": "cd apps/token && aragon contracts test --environment default",
+    "test:contributor": "cd apps/contributor && aragon contracts test --environment default",
+    "test:contribution": "cd apps/contribution && aragon contracts test --environment default",
+    "test:proposal": "cd apps/proposal && aragon contracts test --environment default",
+    "test:kit": "aragon contracts test --environment default",
     "lint:contracts": "solhint \"contracts/**/*.sol\" \"apps/*/contracts/**/*.sol\"",
     "lint:contract-tests": "eslint apps/*/test",
     "lint:wrapper": "eslint lib/",
@@ -48,6 +53,9 @@
     "eslint-plugin-promise": "^4.1.1",
     "eth-provider": "^0.2.2",
     "promptly": "^3.0.3",
+    "chai": "^4.2.0",
+    "solidity-coverage": "0.5.11",
+    "eth-ens-namehash": "^2.0.8",
     "solc": "^0.4.26",
     "solhint": "^2.1.0",
     "yargs": "^12.0.0"

truffle.js

@@ -54,6 +54,13 @@ module.exports = {
     goerli: {
       network_id: 5,
       provider: providerForNetwork('goerli')
+    },
+    coverage: {
+      host: "localhost",
+      network_id: "*",
+      port: 8555,
+      gas: 0xffffffffff,
+      gasPrice: 0x01
     }
   },
   compilers: {