diff --git a/Cargo.lock b/Cargo.lock index 6d476495..f1c90522 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -2155,7 +2155,7 @@ checksum = "a7a70ba024b9dc04c27ea2f0c0548feb474ec5c54bba33a7f72f873a39d07b24" [[package]] name = "neutron-chain-manager" -version = "0.3.0" +version = "0.4.0" dependencies = [ "anyhow", "cosmwasm-schema 2.0.4", diff --git a/contracts/dao/neutron-chain-manager/Cargo.toml b/contracts/dao/neutron-chain-manager/Cargo.toml index 9b19fdb1..c1a94de6 100644 --- a/contracts/dao/neutron-chain-manager/Cargo.toml +++ b/contracts/dao/neutron-chain-manager/Cargo.toml @@ -4,7 +4,7 @@ description = "A chain manager implementation that grants fine-grained admin per edition = "2021" name = "neutron-chain-manager" repository = "https://github.com/neutron-org/neutron-dao" -version = "0.3.0" +version = "0.4.0" [lib] crate-type = ["cdylib", "rlib"] diff --git a/contracts/dao/neutron-chain-manager/src/adminmodule_module_types.rs b/contracts/dao/neutron-chain-manager/src/adminmodule_module_types.rs new file mode 100644 index 00000000..b889aa32 --- /dev/null +++ b/contracts/dao/neutron-chain-manager/src/adminmodule_module_types.rs @@ -0,0 +1,2 @@ +pub const MSG_TYPE_SOFTWARE_UPGRADE: &str = "/cosmos.upgrade.v1beta1.MsgSoftwareUpgrade"; +pub const MSG_TYPE_CANCEL_SOFTWARE_UPGRADE: &str = "/cosmos.upgrade.v1beta1.MsgCancelUpgrade"; diff --git a/contracts/dao/neutron-chain-manager/src/contract.rs b/contracts/dao/neutron-chain-manager/src/contract.rs index 85192c20..496f6117 100644 --- a/contracts/dao/neutron-chain-manager/src/contract.rs +++ b/contracts/dao/neutron-chain-manager/src/contract.rs @@ -1,12 +1,15 @@ +use crate::adminmodule_module_types::{ + MSG_TYPE_CANCEL_SOFTWARE_UPGRADE, MSG_TYPE_SOFTWARE_UPGRADE, +}; use crate::cron_module_types::{ MsgUpdateParamsCron, ParamsRequestCron, ParamsResponseCron, MSG_TYPE_ADD_SCHEDULE, MSG_TYPE_REMOVE_SCHEDULE, MSG_TYPE_UPDATE_PARAMS_CRON, PARAMS_QUERY_PATH_CRON, }; -use crate::dex_module_param_types::{ +use crate::dex_module_types::{ MsgUpdateParamsDex, ParamsRequestDex, ParamsResponseDex, MSG_TYPE_UPDATE_PARAMS_DEX, PARAMS_QUERY_PATH_DEX, }; -use crate::tokenfactory_module_param_types::{ +use crate::tokenfactory_module_types::{ MsgUpdateParamsTokenfactory, ParamsRequestTokenfactory, ParamsResponseTokenfactory, MSG_TYPE_UPDATE_PARAMS_TOKENFACTORY, PARAMS_QUERY_PATH_TOKENFACTORY, }; @@ -236,29 +239,38 @@ fn check_proposal_execute_message( let typed_proposal: ProposalExecuteMessageJSON = serde_json_wasm::from_str(proposal.message.as_str())?; - if typed_proposal.type_field.as_str() == MSG_TYPE_UPDATE_PARAMS_CRON { - check_cron_update_msg_params(deps, strategy, proposal)?; - Ok(()) - } else if typed_proposal.type_field.as_str() == MSG_TYPE_UPDATE_PARAMS_TOKENFACTORY { - check_tokenfactory_update_msg_params(deps, strategy, proposal)?; - Ok(()) - } else if typed_proposal.type_field.as_str() == MSG_TYPE_UPDATE_PARAMS_DEX { - check_dex_update_msg_params(deps, strategy, proposal)?; - Ok(()) - } else if typed_proposal.type_field.as_str() == MSG_TYPE_ADD_SCHEDULE { - if strategy.has_cron_add_schedule_permission() { + match typed_proposal.type_field.as_str() { + MSG_TYPE_UPDATE_PARAMS_CRON => { + check_cron_update_msg_params(deps, strategy, proposal)?; Ok(()) - } else { - Err(ContractError::Unauthorized {}) } - } else if typed_proposal.type_field.as_str() == MSG_TYPE_REMOVE_SCHEDULE { - if strategy.has_cron_remove_schedule_permission() { + MSG_TYPE_UPDATE_PARAMS_TOKENFACTORY => { + check_tokenfactory_update_msg_params(deps, strategy, proposal)?; Ok(()) - } else { - Err(ContractError::Unauthorized {}) } - } else { - Err(ContractError::Unauthorized {}) + MSG_TYPE_UPDATE_PARAMS_DEX => { + check_dex_update_msg_params(deps, strategy, proposal)?; + Ok(()) + } + MSG_TYPE_ADD_SCHEDULE => match strategy.has_cron_add_schedule_permission() { + true => Ok(()), + false => Err(ContractError::Unauthorized {}), + }, + MSG_TYPE_REMOVE_SCHEDULE => match strategy.has_cron_remove_schedule_permission() { + true => Ok(()), + false => Err(ContractError::Unauthorized {}), + }, + MSG_TYPE_SOFTWARE_UPGRADE => match strategy.has_software_upgrade_permission() { + true => Ok(()), + false => Err(ContractError::Unauthorized {}), + }, + MSG_TYPE_CANCEL_SOFTWARE_UPGRADE => { + match strategy.has_cancel_software_upgrade_permission() { + true => Ok(()), + false => Err(ContractError::Unauthorized {}), + } + } + _ => Err(ContractError::Unauthorized {}), } } diff --git a/contracts/dao/neutron-chain-manager/src/dex_module_param_types.rs b/contracts/dao/neutron-chain-manager/src/dex_module_types.rs similarity index 100% rename from contracts/dao/neutron-chain-manager/src/dex_module_param_types.rs rename to contracts/dao/neutron-chain-manager/src/dex_module_types.rs diff --git a/contracts/dao/neutron-chain-manager/src/lib.rs b/contracts/dao/neutron-chain-manager/src/lib.rs index 892b571a..747c14ae 100644 --- a/contracts/dao/neutron-chain-manager/src/lib.rs +++ b/contracts/dao/neutron-chain-manager/src/lib.rs @@ -1,10 +1,11 @@ +pub mod adminmodule_module_types; pub mod contract; mod cron_module_types; -mod dex_module_param_types; +mod dex_module_types; mod error; pub mod msg; pub mod state; #[cfg(test)] mod testing; -mod tokenfactory_module_param_types; +mod tokenfactory_module_types; pub mod utils; diff --git a/contracts/dao/neutron-chain-manager/src/msg.rs b/contracts/dao/neutron-chain-manager/src/msg.rs index 478bf15f..9308fa55 100644 --- a/contracts/dao/neutron-chain-manager/src/msg.rs +++ b/contracts/dao/neutron-chain-manager/src/msg.rs @@ -171,6 +171,34 @@ impl Strategy { } } } + + pub fn has_software_upgrade_permission(&self) -> bool { + match self { + Strategy::AllowAll => true, + Strategy::AllowOnly(permissions) => { + match permissions.get(&PermissionType::SoftwareUpgradePermission) { + Some(Permission::SoftwareUpgradePermission(software_upgrade_params)) => { + software_upgrade_params.upgrade + } + _ => false, + } + } + } + } + + pub fn has_cancel_software_upgrade_permission(&self) -> bool { + match self { + Strategy::AllowAll => true, + Strategy::AllowOnly(permissions) => { + match permissions.get(&PermissionType::SoftwareUpgradePermission) { + Some(Permission::SoftwareUpgradePermission(software_upgrade_params)) => { + software_upgrade_params.cancel_upgrade + } + _ => false, + } + } + } + } } #[cw_serde] @@ -183,6 +211,7 @@ pub enum Permission { UpdateTokenfactoryParamsPermission(TokenfactoryUpdateParamsPermission), UpdateDexParamsPermission(DexUpdateParamsPermission), CronPermission(CronPermission), + SoftwareUpgradePermission(SoftwareUpgradePermission), } impl From for PermissionType { @@ -195,6 +224,7 @@ impl From for PermissionType { } Permission::UpdateDexParamsPermission(_) => PermissionType::UpdateDexParamsPermission, Permission::CronPermission(_) => PermissionType::CronPermission, + Permission::SoftwareUpgradePermission(_) => PermissionType::SoftwareUpgradePermission, } } } @@ -207,6 +237,7 @@ pub enum PermissionType { UpdateTokenfactoryParamsPermission, UpdateDexParamsPermission, CronPermission, + SoftwareUpgradePermission, } #[cw_serde] @@ -260,6 +291,13 @@ pub struct DexUpdateParamsPermission { pub good_til_purge_allowance: bool, } +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq, Eq, JsonSchema)] +#[serde(rename_all = "snake_case")] +pub struct SoftwareUpgradePermission { + pub upgrade: bool, + pub cancel_upgrade: bool, +} + #[derive(Serialize, Deserialize, Clone, Debug, PartialEq, Eq, JsonSchema)] #[serde(rename_all = "snake_case")] pub struct ProposalExecuteMessageJSON { diff --git a/contracts/dao/neutron-chain-manager/src/testing/mock_querier.rs b/contracts/dao/neutron-chain-manager/src/testing/mock_querier.rs index ce4d2209..1f3baaa7 100644 --- a/contracts/dao/neutron-chain-manager/src/testing/mock_querier.rs +++ b/contracts/dao/neutron-chain-manager/src/testing/mock_querier.rs @@ -1,6 +1,6 @@ use crate::cron_module_types::{ParamsCron, ParamsResponseCron}; -use crate::dex_module_param_types::{ParamsDex, ParamsResponseDex}; -use crate::tokenfactory_module_param_types::{ParamsResponseTokenfactory, ParamsTokenfactory}; +use crate::dex_module_types::{ParamsDex, ParamsResponseDex}; +use crate::tokenfactory_module_types::{ParamsResponseTokenfactory, ParamsTokenfactory}; use cosmwasm_std::testing::{MockApi, MockQuerier, MockStorage}; use cosmwasm_std::{ coin, from_json, to_json_binary, ContractResult, Empty, OwnedDeps, Querier, QuerierResult, diff --git a/contracts/dao/neutron-chain-manager/src/tokenfactory_module_param_types.rs b/contracts/dao/neutron-chain-manager/src/tokenfactory_module_types.rs similarity index 100% rename from contracts/dao/neutron-chain-manager/src/tokenfactory_module_param_types.rs rename to contracts/dao/neutron-chain-manager/src/tokenfactory_module_types.rs