Fix contributor oracle permission auth #63

Merged
bumi merged 1 commits from fix/contriutor-permissions into master 2019-04-03 09:37:10 +00:00
2 changed files with 33 additions and 23 deletions


@ -14,20 +14,20 @@ contract Contributor is AragonApp {
bool exists; bool exists;
} }
mapping (address => uint) public contributorIds; mapping (address => uint256) public contributorIds;
mapping (uint => Contributor) public contributors; mapping (uint256 => Contributor) public contributors;
uint256 public contributorsCount; uint256 public contributorsCount;
// ensure alphabetic order // ensure alphabetic order
enum Apps { Contribution, Contributor, Proposal, Token } enum Apps { Contribution, Contributor, Proposal, Token }
bytes32[4] public appIds; bytes32[4] public appIds;
event ContributorProfileUpdated(uint id, bytes32 oldIpfsHash, bytes32 newIpfsHash); event ContributorProfileUpdated(uint256 id, bytes32 oldIpfsHash, bytes32 newIpfsHash);
event ContributorAccountUpdated(uint id, address oldAccount, address newAccount); event ContributorAccountUpdated(uint256 id, address oldAccount, address newAccount);
event ContributorAdded(uint id, address account); event ContributorAdded(uint256 id, address account);
function initialize(address root,bytes32[4] _appIds) public onlyInit { function initialize(address root,bytes32[4] _appIds) public onlyInit {
uint _id = contributorsCount + 1; uint256 _id = contributorsCount + 1;
Contributor storage c = contributors[_id]; Contributor storage c = contributors[_id];
c.exists = true; c.exists = true;
c.isCore = true; c.isCore = true;
@ -40,8 +40,8 @@ contract Contributor is AragonApp {
initialized(); initialized();
} }
function coreContributorsCount() view public returns (uint) { function coreContributorsCount() view public returns (uint256) {
uint count = 0; uint256 count = 0;
for (uint256 i = 1; i <= contributorsCount; i++) { for (uint256 i = 1; i <= contributorsCount; i++) {
if (contributors[i].isCore) { if (contributors[i].isCore) {
count += 1; count += 1;
@ -50,14 +50,14 @@ contract Contributor is AragonApp {
return count; return count;
} }
function updateContributorAccount(uint id, address oldAccount, address newAccount) public auth(MANAGE_CONTRIBUTORS_ROLE) { function updateContributorAccount(uint256 id, address oldAccount, address newAccount) public auth(MANAGE_CONTRIBUTORS_ROLE) {
contributorIds[oldAccount] = 0; contributorIds[oldAccount] = 0;
contributorIds[newAccount] = id; contributorIds[newAccount] = id;
contributors[id].account = newAccount; contributors[id].account = newAccount;
ContributorAccountUpdated(id, oldAccount, newAccount); ContributorAccountUpdated(id, oldAccount, newAccount);
} }
function updateContributorIpfsHash(uint id, bytes32 ipfsHash, uint8 hashFunction, uint8 hashSize) public isInitialized auth(MANAGE_CONTRIBUTORS_ROLE) { function updateContributorIpfsHash(uint256 id, bytes32 ipfsHash, uint8 hashFunction, uint8 hashSize) public isInitialized auth(MANAGE_CONTRIBUTORS_ROLE) {
Contributor storage c = contributors[id]; Contributor storage c = contributors[id];
bytes32 oldIpfsHash = c.ipfsHash; bytes32 oldIpfsHash = c.ipfsHash;
c.ipfsHash = ipfsHash; c.ipfsHash = ipfsHash;
@ -69,7 +69,7 @@ contract Contributor is AragonApp {
function addContributor(address account, bytes32 ipfsHash, uint8 hashFunction, uint8 hashSize, bool isCore) public isInitialized auth(MANAGE_CONTRIBUTORS_ROLE) { function addContributor(address account, bytes32 ipfsHash, uint8 hashFunction, uint8 hashSize, bool isCore) public isInitialized auth(MANAGE_CONTRIBUTORS_ROLE) {
require(!addressExists(account)); require(!addressExists(account));
uint _id = contributorsCount + 1; uint256 _id = contributorsCount + 1;
assert(!contributors[_id].exists); // this can not be acually assert(!contributors[_id].exists); // this can not be acually
Contributor storage c = contributors[_id]; Contributor storage c = contributors[_id];
c.exists = true; c.exists = true;
@ -84,11 +84,11 @@ contract Contributor is AragonApp {
emit ContributorAdded(_id, account); emit ContributorAdded(_id, account);
} }
function isCore(uint id) view public returns (bool) { function isCore(uint256 id) view public returns (bool) {
return contributors[id].isCore; return contributors[id].isCore;
} }
function exists(uint id) view public returns (bool) { function exists(uint256 id) view public returns (bool) {
return contributors[id].exists; return contributors[id].exists;
} }
@ -100,20 +100,20 @@ contract Contributor is AragonApp {
return getContributorByAddress(account).exists; return getContributorByAddress(account).exists;
} }
function getContributorIdByAddress(address account) view public returns (uint) { function getContributorIdByAddress(address account) view public returns (uint256) {
return contributorIds[account]; return contributorIds[account];
} }
function getContributorAddressById(uint id) view public returns (address) { function getContributorAddressById(uint256 id) view public returns (address) {
return contributors[id].account; return contributors[id].account;
} }
function getContributorByAddress(address account) internal view returns (Contributor) { function getContributorByAddress(address account) internal view returns (Contributor) {
uint id = contributorIds[account]; uint256 id = contributorIds[account];
return contributors[id]; return contributors[id];
} }
function getContributorById(uint _id) public view returns (uint id, address account, bytes32 ipfsHash, uint8 hashFunction, uint8 hashSize, bool isCore, bool exists ) { function getContributorById(uint256 _id) public view returns (uint256 id, address account, bytes32 ipfsHash, uint8 hashFunction, uint8 hashSize, bool isCore, bool exists ) {
id = _id; id = _id;
Contributor storage c = contributors[_id]; Contributor storage c = contributors[_id];
account = c.account; account = c.account;
@ -124,7 +124,16 @@ contract Contributor is AragonApp {
exists = c.exists; exists = c.exists;
} }
function canPerform(address _who, address _where, bytes32 _what, uint256[] _how) public view returns (bool) { function canPerform(address _who, address _where, bytes32 _what, uint256[] memory _how) public returns (bool) {
return addressExists(_who); address sender = _who;
if (sender == address(-1)) {
sender = tx.origin;
}
// _what == keccak256('VOTE_PROPOSAL_ROLE')
if (_what == 0xd61216798314d2fc33e42ff2021d66707b1e38517d3f7166798a9d3a196a9c96) {
return contributorIds[sender] != uint256(0);
}
return addressIsCore(sender);
} }
} }
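Review bot: The ANY_ENTITY branch of `canPerform` substitutes `tx.origin` for the caller, so authorization follows whoever signed the transaction rather than the address that actually called the app. Any intermediate contract a contributor transacts with is therefore evaluated as that contributor, and contract-based accounts such as multisigs can never pass the check. If the calling apps can forward the caller through `_how` (for example via `authP` with `msg.sender` as a parameter; those apps are not visible here), the oracle could read it from there. Otherwise the trade-off deserves a comment such as `// ACL passes ANY_ENTITY as _who; we fall back to tx.origin, so only directly-signing EOAs are recognised as contributors`. Separately, the literal role hash would be safer as a named constant derived with `keccak256("VOTE_PROPOSAL_ROLE")`, since a mismatch silently routes voters into the `addressIsCore` branch, and the dropped `view` looks unintended because the visible body only reads state.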


@ -50,15 +50,16 @@ contract KreditsKit is KitBase {
uint256[] memory params = new uint256[](1); uint256[] memory params = new uint256[](1);
params[0] = uint256(203) << 248 | uint256(1) << 240 | uint240(contributor); params[0] = uint256(203) << 248 | uint256(1) << 240 | uint240(contributor);
acl.grantPermissionP(root, contribution, contribution.ADD_CONTRIBUTION_ROLE(), params); acl.grantPermissionP(acl.ANY_ENTITY(), contribution, contribution.ADD_CONTRIBUTION_ROLE(), params);
acl.grantPermissionP(root, contribution, contribution.VETO_CONTRIBUTION_ROLE(), params); acl.grantPermissionP(acl.ANY_ENTITY(), contribution, contribution.VETO_CONTRIBUTION_ROLE(), params);
//acl.setPermissionManager(this, proposal, proposal.VOTE_PROPOSAL_ROLE(); //acl.setPermissionManager(this, proposal, proposal.VOTE_PROPOSAL_ROLE();
acl.createPermission(root, proposal, proposal.VOTE_PROPOSAL_ROLE(), this); acl.createPermission(root, proposal, proposal.VOTE_PROPOSAL_ROLE(), this);
acl.grantPermissionP(root, proposal, proposal.VOTE_PROPOSAL_ROLE(), params); acl.grantPermissionP(acl.ANY_ENTITY(), proposal, proposal.VOTE_PROPOSAL_ROLE(), params);
acl.createPermission(root, proposal, proposal.ADD_PROPOSAL_ROLE(), this); acl.createPermission(root, proposal, proposal.ADD_PROPOSAL_ROLE(), this);
acl.grantPermissionP(root, proposal, proposal.ADD_PROPOSAL_ROLE(), params); //acl.grantPermissionP(address(-1), proposal, proposal.ADD_PROPOSAL_ROLE(), params);
acl.grantPermission(acl.ANY_ENTITY(), proposal, proposal.ADD_PROPOSAL_ROLE());
acl.setPermissionManager(root, proposal, proposal.VOTE_PROPOSAL_ROLE()); acl.setPermissionManager(root, proposal, proposal.VOTE_PROPOSAL_ROLE());
acl.setPermissionManager(root, proposal, proposal.ADD_PROPOSAL_ROLE()); acl.setPermissionManager(root, proposal, proposal.ADD_PROPOSAL_ROLE());
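Review bot: `ADD_PROPOSAL_ROLE` is now granted to `acl.ANY_ENTITY()` with plain `grantPermission`, so unlike the three parameterised grants above it is not filtered by the contributor oracle in `params` and any address passes this permission check. The commented-out `grantPermissionP` line directly above suggests an oracle-gated grant was considered. If open proposal creation is deliberate, replace the dead line with a comment saying so, e.g. `// ADD_PROPOSAL_ROLE is intentionally open to any address`. If it is not, use `acl.grantPermissionP(acl.ANY_ENTITY(), proposal, proposal.ADD_PROPOSAL_ROLE(), params);` and confirm the oracle returns the intended result for that role. The enclosing function starts and ends outside this hunk.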