UNPKG

secretstore-contracts

Version:

Secret Store permissioning and service contracts collection and toolkit.

github.com/energywebfoundation/secretstore-contracts

energywebfoundation/secretstore-contracts

277 lines (229 loc) 14.2 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
"use strict"; const path = require('path'); const chai = require("chai"); const chaiAsPromised = require("chai-as-promised"); chai.use(chaiAsPromised); const assert = chai.assert; const expect = chai.expect; const web3 = new (require('web3'))("http://127.0.0.1:8545"); const alice = "0x3144de21da6de18061f818836fa3db8f3d6b6989"; const bob = "0x6c4b8b199a41b721e0a95df9860cf0a18732e76d"; const charlie = "0x8b2c16e09bfb011c5e4883cedb105124ccf01af7"; const tutils = require(path.join(__dirname, "../testutils.js")); const ContractQueryJSON = require(path.join(__dirname, "../../build/contracts/ERC165Query.json")); const ContractRegistryJSON = require(path.join(__dirname, "../../build/contracts/PermissioningRegistry.json")); const nullAddress = "0x0000000000000000000000000000000000000000"; const testDoc = "0xfefefefe"; async function checkPermissionsTrue(contract) { let allowed = await contract.methods.checkPermissions(alice, testDoc).call(); assert.isTrue(allowed); allowed = await contract.methods.checkPermissions(bob, testDoc).call(); assert.isTrue(allowed); allowed = await contract.methods.checkPermissions(charlie, testDoc).call(); assert.isFalse(allowed); } describe("Permissioning registry contract", async function() { this.timeout(25000); let from; let accounts; before(async function() { accounts = await web3.eth.getAccounts(); from = accounts[0]; }); it('should deploy successfully', async function() { let instance = await tutils.deployRegistry(web3, [], {from: from}); assert.exists(instance.options.address); assert.isNotEmpty(instance.options.address); }); it('should add permission successfully', async function() { let instance = await tutils.deployRegistry(web3, [], {from: from}); let rec = await instance.methods.permission(testDoc, [alice, bob]).send({from: from}); checkPermissionsTrue(instance); }); it('should emit event on permisson add', async function() { let instance = await tutils.deployRegistry(web3, [], {from: from}); let rec = await instance.methods.permission(testDoc, [alice, bob]).send({from: from}); assert.isTrue(rec.events.hasOwnProperty("Permission")); }); it('should allow only admin to modify', async function() { let instance = await tutils.deployRegistry(web3, [], {from: from}); let rec = await instance.methods.permission(testDoc, [alice, bob]).send({from: accounts[1]}); assert.isTrue(rec.status); await expect(instance.methods.permission(testDoc, [charlie, bob]).send({from: accounts[2]})) .to.be.rejectedWith(Error); }); it('should allow owner to modify anything', async function() { let instance = await tutils.deployRegistry(web3, [], {from: from}); await instance.methods.permission(testDoc, [charlie]).send({from: accounts[1]}); await instance.methods.permission(testDoc, [alice, bob]).send({from: from}); checkPermissionsTrue(instance); }); it('should change admin successfully', async function() { let instance = await tutils.deployRegistry(web3, [], {from: from}); await instance.methods.permission(testDoc, [charlie]).send({from: accounts[1]}); await instance.methods.setAdmin(testDoc, accounts[2]).send({from: accounts[1]}); assert.equal(await instance.methods.getAdmin(testDoc).call(), web3.utils.toChecksumAddress(accounts[2])); }); it('should emit event on admin change', async function() { let instance = await tutils.deployRegistry(web3, [], {from: from}); await instance.methods.permission(testDoc, [charlie]).send({from: accounts[1]}); let rec = await instance.methods.setAdmin(testDoc, accounts[2]).send({from: accounts[1]}); assert.isTrue(rec.events.hasOwnProperty("NewAdmin")); }); it('should not allow new admin to be 0x0', async function() { let instance = await tutils.deployRegistry(web3, [], {from: from}); await instance.methods.permission(testDoc, [charlie]).send({from: from}); await expect(instance.methods.setAdmin(testDoc, nullAddress).send({from: from})) .to.be.rejectedWith(Error); }); it('should not allow unathorized person to change admin', async function() { let instance = await tutils.deployRegistry(web3, [], {from: from}); await instance.methods.permission(testDoc, [charlie]).send({from: accounts[1]}); await expect(instance.methods.setAdmin(testDoc, accounts[2]).send({from: accounts[2]})) .to.be.rejectedWith(Error); }); it('should allow owner to change admin', async function() { let instance = await tutils.deployRegistry(web3, [], {from: from}); await instance.methods.permission(testDoc, [charlie]).send({from: accounts[1]}); await instance.methods.setAdmin(testDoc, accounts[2]).send({from: from}); assert.equal(await instance.methods.getAdmin(testDoc).call(), web3.utils.toChecksumAddress(accounts[2])); }); it('should not be exposed uninitialized', async function() { let instance = await tutils.deployRegistry(web3, [], {from: from}); let exposed = await instance.methods.isExposed(testDoc).call(); assert.isFalse(exposed); }); it('should not be exposed by default', async function() { let instance = await tutils.deployRegistry(web3, [], {from: from}); await instance.methods.permission(testDoc, [charlie]).send({from: accounts[1]}); let exposed = await instance.methods.isExposed(testDoc).call(); assert.isFalse(exposed); }); it('should not allow uninitialized permission to return true', async function() { let instance = await tutils.deployRegistry(web3, [], {from: from}); let allowed = await instance.methods.checkPermissions(charlie, testDoc).call(); assert.isFalse(allowed); }); it('should not allow default permission to return true on unexposed entry', async function() { let instance = await tutils.deployRegistry(web3, [], {from: from}); await instance.methods.permission(testDoc, [charlie]).send({from: accounts[1]}); let allowed = await instance.methods.checkPermissions(bob, testDoc).call(); assert.isFalse(allowed); }); it('should allow owner to change exposed', async function() { let instance = await tutils.deployRegistry(web3, [], {from: from}); await instance.methods.permission(testDoc, [charlie]).send({from: accounts[1]}); await instance.methods.setExposed(testDoc, true).send({from: accounts[1]}); let exposed = await instance.methods.isExposed(testDoc).call(); assert.isTrue(exposed); }); it('should not allow not-owner to change exposed', async function() { let instance = await tutils.deployRegistry(web3, [], {from: from}); await instance.methods.permission(testDoc, [charlie]).send({from: accounts[1]}); await expect(instance.methods.setExposed(testDoc, true).send({from: accounts[2]})) .to.be.rejectedWith(Error); }); it('should always return true on an initialized exposed entry', async function() { let instance = await tutils.deployRegistry(web3, [], {from: from}); await instance.methods.permission(testDoc, [charlie]).send({from: accounts[1]}); await instance.methods.setExposed(testDoc, true).send({from: accounts[1]}); let exposed = await instance.methods.isExposed(testDoc).call(); assert.isTrue(exposed); let allowed = await instance.methods.checkPermissions(alice, testDoc).call(); assert.isTrue(allowed); allowed = await instance.methods.checkPermissions(bob, testDoc).call(); assert.isTrue(allowed); allowed = await instance.methods.checkPermissions(charlie, testDoc).call(); assert.isTrue(allowed); }); it('should change users successfully', async function() { let instance = await tutils.deployRegistry(web3, [], {from: from}); await instance.methods.permission(testDoc, [charlie]).send({from: accounts[1]}); await instance.methods.setUsers(testDoc, [alice, bob]).send({from: accounts[1]}); assert.deepEqual(await instance.methods.getUsers(testDoc).call(), [web3.utils.toChecksumAddress(alice), web3.utils.toChecksumAddress(bob)]); }); it('should change users successfully to empty', async function() { let instance = await tutils.deployRegistry(web3, [], {from: from}); await instance.methods.permission(testDoc, [charlie]).send({from: accounts[1]}); await instance.methods.setUsers(testDoc, []).send({from: accounts[1]}); assert.deepEqual(await instance.methods.getUsers(testDoc).call(), []); }); it('should emit event on users change', async function() { let instance = await tutils.deployRegistry(web3, [], {from: from}); await instance.methods.permission(testDoc, [charlie]).send({from: accounts[1]}); let rec = await instance.methods.setUsers(testDoc, [alice, bob]).send({from: accounts[1]}); assert.isTrue(rec.events.hasOwnProperty("Permission")); }); it('should not allow unathorized person to change users', async function() { let instance = await tutils.deployRegistry(web3, [], {from: from}); await instance.methods.permission(testDoc, [charlie]).send({from: accounts[1]}); await expect(instance.methods.setUsers(testDoc, [alice, bob]).send({from: accounts[2]})) .to.be.rejectedWith(Error); }); it('should allow owner to change users', async function() { let instance = await tutils.deployRegistry(web3, [], {from: from}); await instance.methods.permission(testDoc, [charlie]).send({from: accounts[1]}); await instance.methods.setUsers(testDoc, [alice, bob]).send({from: from}); assert.deepEqual(await instance.methods.getUsers(testDoc).call(), [web3.utils.toChecksumAddress(alice), web3.utils.toChecksumAddress(bob)]); }); it('should allow admin to add users', async function() { let instance = await tutils.deployRegistry(web3, [], {from: from}); await instance.methods.permission(testDoc, [alice]).send({from: accounts[1]}); await instance.methods.addUser(testDoc, bob).send({from: accounts[1]}); assert.deepEqual(await instance.methods.getUsers(testDoc).call(), [web3.utils.toChecksumAddress(alice), web3.utils.toChecksumAddress(bob)]); }); it('should allow owner to add users', async function() { let instance = await tutils.deployRegistry(web3, [], {from: from}); await instance.methods.permission(testDoc, [alice]).send({from: accounts[1]}); await instance.methods.addUser(testDoc, bob).send({from: from}); assert.deepEqual(await instance.methods.getUsers(testDoc).call(), [web3.utils.toChecksumAddress(alice), web3.utils.toChecksumAddress(bob)]); }); it('should emit event on user add', async function() { let instance = await tutils.deployRegistry(web3, [], {from: from}); await instance.methods.permission(testDoc, [alice]).send({from: accounts[1]}); let rec = await instance.methods.addUser(testDoc, bob).send({from: accounts[1]}); assert.isTrue(rec.events.hasOwnProperty("Permission")); }); it('should allow admin to delete permission', async function() { let instance = await tutils.deployRegistry(web3, [], {from: from}); await instance.methods.permission(testDoc, [alice, bob]).send({from: accounts[1]}); await instance.methods.removePermission(testDoc).send({from: accounts[1]}); assert.equal(await instance.methods.getAdmin(testDoc).call(), nullAddress); assert.deepEqual(await instance.methods.getUsers(testDoc).call(), []); }); it('should emit event on permission delete', async function() { let instance = await tutils.deployRegistry(web3, [], {from: from}); await instance.methods.permission(testDoc, [alice, bob]).send({from: accounts[1]}); let rec = await instance.methods.removePermission(testDoc).send({from: accounts[1]}); assert.isTrue(rec.events.hasOwnProperty("Permission")); }); it('should allow owner to delete permission', async function() { let instance = await tutils.deployRegistry(web3, [], {from: from}); await instance.methods.permission(testDoc, [alice, bob]).send({from: accounts[1]}); await instance.methods.removePermission(testDoc).send({from: from}); assert.equal(await instance.methods.getAdmin(testDoc).call(), nullAddress); assert.deepEqual(await instance.methods.getUsers(testDoc).call(), []); }); it('should not allow unauthorized user to delete permission', async function() { let instance = await tutils.deployRegistry(web3, [], {from: from}); await instance.methods.permission(testDoc, [alice, bob]).send({from: accounts[1]}); await expect(instance.methods.removePermission(testDoc).send({from: accounts[2]})) .to.be.rejectedWith(Error); }); it('should support the erc165 interface', async function() { let instance = await tutils.deployRegistry(web3, [], {from: from}); assert.isTrue(await instance.methods.supportsInterface("0x01ffc9a7").call()); }); it('should not support the 0xffffffff interface', async function() { let instance = await tutils.deployRegistry(web3, [], {from: from}); assert.isFalse(await instance.methods.supportsInterface("0xffffffff").call()); }); it('should support the secret store permissioning interface', async function() { let instance = await tutils.deployRegistry(web3, [], {from: from}); assert.isTrue(await instance.methods.supportsInterface("0xb36a9a7c").call()); }); it('should support the ownable interface', async function() { let instance = await tutils.deployRegistry(web3, [], {from: from}); assert.isTrue(await instance.methods.supportsInterface("0x813ae5ed").call()); }); });