Ref #123: Testing, fixing, 1 behavior change

The behavior change is that I am forbidding changing a permission_object's parent until we come up with a safe way to support it. The issue is that it's possible to create loops by creating an object A with an existing parent B, then setting B's parent to A. The obvious solution is to ensure with every parent change that there is a path back to the owner authority by following parents, but to do this we need a tree depth limit. I haven't explored the implications of that, so I'm just disabling parent changes for the time being. The user can simply delete the old subtree and create a new one if he wants to move a subtree from one parent to another.

Ref #123: Testing, fixing, 1 behavior change
The behavior change is that I am forbidding changing a permission_object's parent until we come up with a safe way to support it. The issue is that it's possible to create loops by creating an object A with an existing parent B, then setting B's parent to A. The obvious solution is to ensure with every parent change that there is a path back to the owner authority by following parents, but to do this we need a tree depth limit. I haven't explored the implications of that, so I'm just disabling parent changes for the time being. The user can simply delete the old subtree and create a new one if he wants to move a subtree from one parent to another.
6218ccbd · Nathan Hourt · d4989d49 · 6218ccbd · 6218ccbd · 6218ccbd
4 changed file
--- a/libraries/chain/chain_controller.cpp
+++ b/libraries/chain/chain_controller.cpp
@@ -555,7 +555,7 @@ void chain_controller::validate_uniqueness( const SignedTransaction& trx )const
   if( !should_check_for_duplicate_transactions() ) return;

   auto transaction = _db.find<transaction_object, by_trx_id>(trx.id());
-   EOS_ASSERT(transaction == nullptr, transaction_exception, "Transaction is not unique");
+   EOS_ASSERT(transaction == nullptr, tx_duplicate, "Transaction is not unique");
 }

 void chain_controller::validate_tapos(const SignedTransaction& trx)const {

--- a/libraries/chain/include/eos/chain/exceptions.hpp
+++ b/libraries/chain/include/eos/chain/exceptions.hpp
@@ -52,6 +52,7 @@ namespace eos { namespace chain {
   FC_DECLARE_DERIVED_EXCEPTION( tx_missing_scope,                  eos::chain::transaction_exception, 3030008, "missing required scope" )
   FC_DECLARE_DERIVED_EXCEPTION( tx_missing_recipient,              eos::chain::transaction_exception, 3030009, "missing required recipient" )
   FC_DECLARE_DERIVED_EXCEPTION( checktime_exceeded,                eos::chain::transaction_exception, 3030010, "allotted processing time was exceeded" )
+   FC_DECLARE_DERIVED_EXCEPTION( tx_duplicate,                      eos::chain::transaction_exception, 3030011, "duplicate transaction" )

   FC_DECLARE_DERIVED_EXCEPTION( invalid_pts_address,               eos::chain::utility_exception, 3060001, "invalid pts address" )
   FC_DECLARE_DERIVED_EXCEPTION( insufficient_feeds,                eos::chain::chain_exception, 37006, "insufficient feeds" )

--- a/libraries/native_contract/eos_contract.cpp
+++ b/libraries/native_contract/eos_contract.cpp
@@ -377,15 +377,17 @@ void apply_eos_updateauth(apply_context& context) {
   context.require_authorization(update.account);

   db.get<account_object, by_name>(update.account);
-   auto& parent = db.get<permission_object, by_owner>(boost::make_tuple(update.account, update.parent));
   for (auto accountPermission : update.authority.accounts) {
      db.get<account_object, by_name>(accountPermission.permission.account);
      db.get<permission_object, by_owner>(boost::make_tuple(accountPermission.permission.account,
                                                            accountPermission.permission.permission));
   }

-   const auto& permission = db.find<permission_object, by_owner>(boost::make_tuple(update.account, update.permission));
+   auto permission = db.find<permission_object, by_owner>(boost::make_tuple(update.account, update.permission));
+   auto& parent = db.get<permission_object, by_owner>(boost::make_tuple(update.account, update.parent));
   if (permission) {
+      EOS_ASSERT(parent.id == permission->parent, message_precondition_exception,
+                 "Changing parent authority is not currently supported");
      db.modify(*permission, [&update, parent = parent.id](permission_object& po) {
         po.auth = update.authority;
         po.parent = parent;

--- a/tests/tests/native_contract_tests.cpp
+++ b/tests/tests/native_contract_tests.cpp
@@ -390,12 +390,26 @@ BOOST_FIXTURE_TEST_CASE(auth_tests, testing_fixture) {
   Make_Account(chain, alice);
   chain.produce_blocks();

+   BOOST_CHECK_THROW(Delete_Authority(chain, alice, "active"), message_validate_exception);
+   BOOST_CHECK_THROW(Delete_Authority(chain, alice, "owner"), message_validate_exception);
+
   Make_Key(k1);
   Set_Authority(chain, alice, "spending", "active", Key_Authority(k1_public_key));
   BOOST_CHECK_THROW(Set_Authority(chain, alice, "spending", "spending", Key_Authority(k1_public_key)),
                     message_validate_exception);
-   Set_Authority(chain, alice, "spending", "owner", Key_Authority(k1_public_key));
+   BOOST_CHECK_THROW(Set_Authority(chain, alice, "spending", "owner", Key_Authority(k1_public_key)),
+                     message_precondition_exception);
+   Delete_Authority(chain, alice, "spending");
+
+   chain.produce_blocks();
+
+   Set_Authority(chain, alice, "trading", "active", Key_Authority(k1_public_key));
+   Set_Authority(chain, alice, "spending", "trading", Key_Authority(k1_public_key));
+   BOOST_CHECK_THROW(Delete_Authority(chain, alice, "trading"), message_precondition_exception);
+   BOOST_CHECK_THROW(Set_Authority(chain, alice, "trading", "spending", Key_Authority(k1_public_key)),
+                     message_precondition_exception);
   Delete_Authority(chain, alice, "spending");
+   Delete_Authority(chain, alice, "trading");
 } FC_LOG_AND_RETHROW() }

 BOOST_AUTO_TEST_SUITE_END()