diff --git a/api/cosmos/authz/v1beta1/authz.pulsar.go b/api/cosmos/authz/v1beta1/authz.pulsar.go index cb25a8e245d3..42424dd25f4f 100644 --- a/api/cosmos/authz/v1beta1/authz.pulsar.go +++ b/api/cosmos/authz/v1beta1/authz.pulsar.go @@ -442,6 +442,7 @@ var ( md_Grant protoreflect.MessageDescriptor fd_Grant_authorization protoreflect.FieldDescriptor fd_Grant_expiration protoreflect.FieldDescriptor + fd_Grant_rules protoreflect.FieldDescriptor ) func init() { @@ -449,6 +450,7 @@ func init() { md_Grant = File_cosmos_authz_v1beta1_authz_proto.Messages().ByName("Grant") fd_Grant_authorization = md_Grant.Fields().ByName("authorization") fd_Grant_expiration = md_Grant.Fields().ByName("expiration") + fd_Grant_rules = md_Grant.Fields().ByName("rules") } var _ protoreflect.Message = (*fastReflection_Grant)(nil) @@ -528,6 +530,12 @@ func (x *fastReflection_Grant) Range(f func(protoreflect.FieldDescriptor, protor return } } + if len(x.Rules) != 0 { + value := protoreflect.ValueOfBytes(x.Rules) + if !f(fd_Grant_rules, value) { + return + } + } } // Has reports whether a field is populated. @@ -547,6 +555,8 @@ func (x *fastReflection_Grant) Has(fd protoreflect.FieldDescriptor) bool { return x.Authorization != nil case "cosmos.authz.v1beta1.Grant.expiration": return x.Expiration != nil + case "cosmos.authz.v1beta1.Grant.rules": + return len(x.Rules) != 0 default: if fd.IsExtension() { panic(fmt.Errorf("proto3 declared messages do not support extensions: cosmos.authz.v1beta1.Grant")) @@ -567,6 +577,8 @@ func (x *fastReflection_Grant) Clear(fd protoreflect.FieldDescriptor) { x.Authorization = nil case "cosmos.authz.v1beta1.Grant.expiration": x.Expiration = nil + case "cosmos.authz.v1beta1.Grant.rules": + x.Rules = nil default: if fd.IsExtension() { panic(fmt.Errorf("proto3 declared messages do not support extensions: cosmos.authz.v1beta1.Grant")) @@ -589,6 +601,9 @@ func (x *fastReflection_Grant) Get(descriptor protoreflect.FieldDescriptor) prot case "cosmos.authz.v1beta1.Grant.expiration": value := x.Expiration return protoreflect.ValueOfMessage(value.ProtoReflect()) + case "cosmos.authz.v1beta1.Grant.rules": + value := x.Rules + return protoreflect.ValueOfBytes(value) default: if descriptor.IsExtension() { panic(fmt.Errorf("proto3 declared messages do not support extensions: cosmos.authz.v1beta1.Grant")) @@ -613,6 +628,8 @@ func (x *fastReflection_Grant) Set(fd protoreflect.FieldDescriptor, value protor x.Authorization = value.Message().Interface().(*anypb.Any) case "cosmos.authz.v1beta1.Grant.expiration": x.Expiration = value.Message().Interface().(*timestamppb.Timestamp) + case "cosmos.authz.v1beta1.Grant.rules": + x.Rules = value.Bytes() default: if fd.IsExtension() { panic(fmt.Errorf("proto3 declared messages do not support extensions: cosmos.authz.v1beta1.Grant")) @@ -643,6 +660,8 @@ func (x *fastReflection_Grant) Mutable(fd protoreflect.FieldDescriptor) protoref x.Expiration = new(timestamppb.Timestamp) } return protoreflect.ValueOfMessage(x.Expiration.ProtoReflect()) + case "cosmos.authz.v1beta1.Grant.rules": + panic(fmt.Errorf("field rules of message cosmos.authz.v1beta1.Grant is not mutable")) default: if fd.IsExtension() { panic(fmt.Errorf("proto3 declared messages do not support extensions: cosmos.authz.v1beta1.Grant")) @@ -662,6 +681,8 @@ func (x *fastReflection_Grant) NewField(fd protoreflect.FieldDescriptor) protore case "cosmos.authz.v1beta1.Grant.expiration": m := new(timestamppb.Timestamp) return protoreflect.ValueOfMessage(m.ProtoReflect()) + case "cosmos.authz.v1beta1.Grant.rules": + return protoreflect.ValueOfBytes(nil) default: if fd.IsExtension() { panic(fmt.Errorf("proto3 declared messages do not support extensions: cosmos.authz.v1beta1.Grant")) @@ -739,6 +760,10 @@ func (x *fastReflection_Grant) ProtoMethods() *protoiface.Methods { l = options.Size(x.Expiration) n += 1 + l + runtime.Sov(uint64(l)) } + l = len(x.Rules) + if l > 0 { + n += 1 + l + runtime.Sov(uint64(l)) + } if x.unknownFields != nil { n += len(x.unknownFields) } @@ -768,6 +793,13 @@ func (x *fastReflection_Grant) ProtoMethods() *protoiface.Methods { i -= len(x.unknownFields) copy(dAtA[i:], x.unknownFields) } + if len(x.Rules) > 0 { + i -= len(x.Rules) + copy(dAtA[i:], x.Rules) + i = runtime.EncodeVarint(dAtA, i, uint64(len(x.Rules))) + i-- + dAtA[i] = 0x1a + } if x.Expiration != nil { encoded, err := options.Marshal(x.Expiration) if err != nil { @@ -917,6 +949,40 @@ func (x *fastReflection_Grant) ProtoMethods() *protoiface.Methods { return protoiface.UnmarshalOutput{NoUnkeyedLiterals: input.NoUnkeyedLiterals, Flags: input.Flags}, err } iNdEx = postIndex + case 3: + if wireType != 2 { + return protoiface.UnmarshalOutput{NoUnkeyedLiterals: input.NoUnkeyedLiterals, Flags: input.Flags}, fmt.Errorf("proto: wrong wireType = %d for field Rules", wireType) + } + var byteLen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return protoiface.UnmarshalOutput{NoUnkeyedLiterals: input.NoUnkeyedLiterals, Flags: input.Flags}, runtime.ErrIntOverflow + } + if iNdEx >= l { + return protoiface.UnmarshalOutput{NoUnkeyedLiterals: input.NoUnkeyedLiterals, Flags: input.Flags}, io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + byteLen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if byteLen < 0 { + return protoiface.UnmarshalOutput{NoUnkeyedLiterals: input.NoUnkeyedLiterals, Flags: input.Flags}, runtime.ErrInvalidLength + } + postIndex := iNdEx + byteLen + if postIndex < 0 { + return protoiface.UnmarshalOutput{NoUnkeyedLiterals: input.NoUnkeyedLiterals, Flags: input.Flags}, runtime.ErrInvalidLength + } + if postIndex > l { + return protoiface.UnmarshalOutput{NoUnkeyedLiterals: input.NoUnkeyedLiterals, Flags: input.Flags}, io.ErrUnexpectedEOF + } + x.Rules = append(x.Rules[:0], dAtA[iNdEx:postIndex]...) + if x.Rules == nil { + x.Rules = []byte{} + } + iNdEx = postIndex default: iNdEx = preIndex skippy, err := runtime.Skip(dAtA[iNdEx:]) @@ -2074,6 +2140,428 @@ func (x *fastReflection_GrantQueueItem) ProtoMethods() *protoiface.Methods { } } +var ( + md_AuthzRuleKeys protoreflect.MessageDescriptor + fd_AuthzRuleKeys_raw_json protoreflect.FieldDescriptor +) + +func init() { + file_cosmos_authz_v1beta1_authz_proto_init() + md_AuthzRuleKeys = File_cosmos_authz_v1beta1_authz_proto.Messages().ByName("AuthzRuleKeys") + fd_AuthzRuleKeys_raw_json = md_AuthzRuleKeys.Fields().ByName("raw_json") +} + +var _ protoreflect.Message = (*fastReflection_AuthzRuleKeys)(nil) + +type fastReflection_AuthzRuleKeys AuthzRuleKeys + +func (x *AuthzRuleKeys) ProtoReflect() protoreflect.Message { + return (*fastReflection_AuthzRuleKeys)(x) +} + +func (x *AuthzRuleKeys) slowProtoReflect() protoreflect.Message { + mi := &file_cosmos_authz_v1beta1_authz_proto_msgTypes[4] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +var _fastReflection_AuthzRuleKeys_messageType fastReflection_AuthzRuleKeys_messageType +var _ protoreflect.MessageType = fastReflection_AuthzRuleKeys_messageType{} + +type fastReflection_AuthzRuleKeys_messageType struct{} + +func (x fastReflection_AuthzRuleKeys_messageType) Zero() protoreflect.Message { + return (*fastReflection_AuthzRuleKeys)(nil) +} +func (x fastReflection_AuthzRuleKeys_messageType) New() protoreflect.Message { + return new(fastReflection_AuthzRuleKeys) +} +func (x fastReflection_AuthzRuleKeys_messageType) Descriptor() protoreflect.MessageDescriptor { + return md_AuthzRuleKeys +} + +// Descriptor returns message descriptor, which contains only the protobuf +// type information for the message. +func (x *fastReflection_AuthzRuleKeys) Descriptor() protoreflect.MessageDescriptor { + return md_AuthzRuleKeys +} + +// Type returns the message type, which encapsulates both Go and protobuf +// type information. If the Go type information is not needed, +// it is recommended that the message descriptor be used instead. +func (x *fastReflection_AuthzRuleKeys) Type() protoreflect.MessageType { + return _fastReflection_AuthzRuleKeys_messageType +} + +// New returns a newly allocated and mutable empty message. +func (x *fastReflection_AuthzRuleKeys) New() protoreflect.Message { + return new(fastReflection_AuthzRuleKeys) +} + +// Interface unwraps the message reflection interface and +// returns the underlying ProtoMessage interface. +func (x *fastReflection_AuthzRuleKeys) Interface() protoreflect.ProtoMessage { + return (*AuthzRuleKeys)(x) +} + +// Range iterates over every populated field in an undefined order, +// calling f for each field descriptor and value encountered. +// Range returns immediately if f returns false. +// While iterating, mutating operations may only be performed +// on the current field descriptor. +func (x *fastReflection_AuthzRuleKeys) Range(f func(protoreflect.FieldDescriptor, protoreflect.Value) bool) { + if len(x.RawJson) != 0 { + value := protoreflect.ValueOfBytes(x.RawJson) + if !f(fd_AuthzRuleKeys_raw_json, value) { + return + } + } +} + +// Has reports whether a field is populated. +// +// Some fields have the property of nullability where it is possible to +// distinguish between the default value of a field and whether the field +// was explicitly populated with the default value. Singular message fields, +// member fields of a oneof, and proto2 scalar fields are nullable. Such +// fields are populated only if explicitly set. +// +// In other cases (aside from the nullable cases above), +// a proto3 scalar field is populated if it contains a non-zero value, and +// a repeated field is populated if it is non-empty. +func (x *fastReflection_AuthzRuleKeys) Has(fd protoreflect.FieldDescriptor) bool { + switch fd.FullName() { + case "cosmos.authz.v1beta1.AuthzRuleKeys.raw_json": + return len(x.RawJson) != 0 + default: + if fd.IsExtension() { + panic(fmt.Errorf("proto3 declared messages do not support extensions: cosmos.authz.v1beta1.AuthzRuleKeys")) + } + panic(fmt.Errorf("message cosmos.authz.v1beta1.AuthzRuleKeys does not contain field %s", fd.FullName())) + } +} + +// Clear clears the field such that a subsequent Has call reports false. +// +// Clearing an extension field clears both the extension type and value +// associated with the given field number. +// +// Clear is a mutating operation and unsafe for concurrent use. +func (x *fastReflection_AuthzRuleKeys) Clear(fd protoreflect.FieldDescriptor) { + switch fd.FullName() { + case "cosmos.authz.v1beta1.AuthzRuleKeys.raw_json": + x.RawJson = nil + default: + if fd.IsExtension() { + panic(fmt.Errorf("proto3 declared messages do not support extensions: cosmos.authz.v1beta1.AuthzRuleKeys")) + } + panic(fmt.Errorf("message cosmos.authz.v1beta1.AuthzRuleKeys does not contain field %s", fd.FullName())) + } +} + +// Get retrieves the value for a field. +// +// For unpopulated scalars, it returns the default value, where +// the default value of a bytes scalar is guaranteed to be a copy. +// For unpopulated composite types, it returns an empty, read-only view +// of the value; to obtain a mutable reference, use Mutable. +func (x *fastReflection_AuthzRuleKeys) Get(descriptor protoreflect.FieldDescriptor) protoreflect.Value { + switch descriptor.FullName() { + case "cosmos.authz.v1beta1.AuthzRuleKeys.raw_json": + value := x.RawJson + return protoreflect.ValueOfBytes(value) + default: + if descriptor.IsExtension() { + panic(fmt.Errorf("proto3 declared messages do not support extensions: cosmos.authz.v1beta1.AuthzRuleKeys")) + } + panic(fmt.Errorf("message cosmos.authz.v1beta1.AuthzRuleKeys does not contain field %s", descriptor.FullName())) + } +} + +// Set stores the value for a field. +// +// For a field belonging to a oneof, it implicitly clears any other field +// that may be currently set within the same oneof. +// For extension fields, it implicitly stores the provided ExtensionType. +// When setting a composite type, it is unspecified whether the stored value +// aliases the source's memory in any way. If the composite value is an +// empty, read-only value, then it panics. +// +// Set is a mutating operation and unsafe for concurrent use. +func (x *fastReflection_AuthzRuleKeys) Set(fd protoreflect.FieldDescriptor, value protoreflect.Value) { + switch fd.FullName() { + case "cosmos.authz.v1beta1.AuthzRuleKeys.raw_json": + x.RawJson = value.Bytes() + default: + if fd.IsExtension() { + panic(fmt.Errorf("proto3 declared messages do not support extensions: cosmos.authz.v1beta1.AuthzRuleKeys")) + } + panic(fmt.Errorf("message cosmos.authz.v1beta1.AuthzRuleKeys does not contain field %s", fd.FullName())) + } +} + +// Mutable returns a mutable reference to a composite type. +// +// If the field is unpopulated, it may allocate a composite value. +// For a field belonging to a oneof, it implicitly clears any other field +// that may be currently set within the same oneof. +// For extension fields, it implicitly stores the provided ExtensionType +// if not already stored. +// It panics if the field does not contain a composite type. +// +// Mutable is a mutating operation and unsafe for concurrent use. +func (x *fastReflection_AuthzRuleKeys) Mutable(fd protoreflect.FieldDescriptor) protoreflect.Value { + switch fd.FullName() { + case "cosmos.authz.v1beta1.AuthzRuleKeys.raw_json": + panic(fmt.Errorf("field raw_json of message cosmos.authz.v1beta1.AuthzRuleKeys is not mutable")) + default: + if fd.IsExtension() { + panic(fmt.Errorf("proto3 declared messages do not support extensions: cosmos.authz.v1beta1.AuthzRuleKeys")) + } + panic(fmt.Errorf("message cosmos.authz.v1beta1.AuthzRuleKeys does not contain field %s", fd.FullName())) + } +} + +// NewField returns a new value that is assignable to the field +// for the given descriptor. For scalars, this returns the default value. +// For lists, maps, and messages, this returns a new, empty, mutable value. +func (x *fastReflection_AuthzRuleKeys) NewField(fd protoreflect.FieldDescriptor) protoreflect.Value { + switch fd.FullName() { + case "cosmos.authz.v1beta1.AuthzRuleKeys.raw_json": + return protoreflect.ValueOfBytes(nil) + default: + if fd.IsExtension() { + panic(fmt.Errorf("proto3 declared messages do not support extensions: cosmos.authz.v1beta1.AuthzRuleKeys")) + } + panic(fmt.Errorf("message cosmos.authz.v1beta1.AuthzRuleKeys does not contain field %s", fd.FullName())) + } +} + +// WhichOneof reports which field within the oneof is populated, +// returning nil if none are populated. +// It panics if the oneof descriptor does not belong to this message. +func (x *fastReflection_AuthzRuleKeys) WhichOneof(d protoreflect.OneofDescriptor) protoreflect.FieldDescriptor { + switch d.FullName() { + default: + panic(fmt.Errorf("%s is not a oneof field in cosmos.authz.v1beta1.AuthzRuleKeys", d.FullName())) + } + panic("unreachable") +} + +// GetUnknown retrieves the entire list of unknown fields. +// The caller may only mutate the contents of the RawFields +// if the mutated bytes are stored back into the message with SetUnknown. +func (x *fastReflection_AuthzRuleKeys) GetUnknown() protoreflect.RawFields { + return x.unknownFields +} + +// SetUnknown stores an entire list of unknown fields. +// The raw fields must be syntactically valid according to the wire format. +// An implementation may panic if this is not the case. +// Once stored, the caller must not mutate the content of the RawFields. +// An empty RawFields may be passed to clear the fields. +// +// SetUnknown is a mutating operation and unsafe for concurrent use. +func (x *fastReflection_AuthzRuleKeys) SetUnknown(fields protoreflect.RawFields) { + x.unknownFields = fields +} + +// IsValid reports whether the message is valid. +// +// An invalid message is an empty, read-only value. +// +// An invalid message often corresponds to a nil pointer of the concrete +// message type, but the details are implementation dependent. +// Validity is not part of the protobuf data model, and may not +// be preserved in marshaling or other operations. +func (x *fastReflection_AuthzRuleKeys) IsValid() bool { + return x != nil +} + +// ProtoMethods returns optional fastReflectionFeature-path implementations of various operations. +// This method may return nil. +// +// The returned methods type is identical to +// "google.golang.org/protobuf/runtime/protoiface".Methods. +// Consult the protoiface package documentation for details. +func (x *fastReflection_AuthzRuleKeys) ProtoMethods() *protoiface.Methods { + size := func(input protoiface.SizeInput) protoiface.SizeOutput { + x := input.Message.Interface().(*AuthzRuleKeys) + if x == nil { + return protoiface.SizeOutput{ + NoUnkeyedLiterals: input.NoUnkeyedLiterals, + Size: 0, + } + } + options := runtime.SizeInputToOptions(input) + _ = options + var n int + var l int + _ = l + l = len(x.RawJson) + if l > 0 { + n += 1 + l + runtime.Sov(uint64(l)) + } + if x.unknownFields != nil { + n += len(x.unknownFields) + } + return protoiface.SizeOutput{ + NoUnkeyedLiterals: input.NoUnkeyedLiterals, + Size: n, + } + } + + marshal := func(input protoiface.MarshalInput) (protoiface.MarshalOutput, error) { + x := input.Message.Interface().(*AuthzRuleKeys) + if x == nil { + return protoiface.MarshalOutput{ + NoUnkeyedLiterals: input.NoUnkeyedLiterals, + Buf: input.Buf, + }, nil + } + options := runtime.MarshalInputToOptions(input) + _ = options + size := options.Size(x) + dAtA := make([]byte, size) + i := len(dAtA) + _ = i + var l int + _ = l + if x.unknownFields != nil { + i -= len(x.unknownFields) + copy(dAtA[i:], x.unknownFields) + } + if len(x.RawJson) > 0 { + i -= len(x.RawJson) + copy(dAtA[i:], x.RawJson) + i = runtime.EncodeVarint(dAtA, i, uint64(len(x.RawJson))) + i-- + dAtA[i] = 0xa + } + if input.Buf != nil { + input.Buf = append(input.Buf, dAtA...) + } else { + input.Buf = dAtA + } + return protoiface.MarshalOutput{ + NoUnkeyedLiterals: input.NoUnkeyedLiterals, + Buf: input.Buf, + }, nil + } + unmarshal := func(input protoiface.UnmarshalInput) (protoiface.UnmarshalOutput, error) { + x := input.Message.Interface().(*AuthzRuleKeys) + if x == nil { + return protoiface.UnmarshalOutput{ + NoUnkeyedLiterals: input.NoUnkeyedLiterals, + Flags: input.Flags, + }, nil + } + options := runtime.UnmarshalInputToOptions(input) + _ = options + dAtA := input.Buf + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return protoiface.UnmarshalOutput{NoUnkeyedLiterals: input.NoUnkeyedLiterals, Flags: input.Flags}, runtime.ErrIntOverflow + } + if iNdEx >= l { + return protoiface.UnmarshalOutput{NoUnkeyedLiterals: input.NoUnkeyedLiterals, Flags: input.Flags}, io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return protoiface.UnmarshalOutput{NoUnkeyedLiterals: input.NoUnkeyedLiterals, Flags: input.Flags}, fmt.Errorf("proto: AuthzRuleKeys: wiretype end group for non-group") + } + if fieldNum <= 0 { + return protoiface.UnmarshalOutput{NoUnkeyedLiterals: input.NoUnkeyedLiterals, Flags: input.Flags}, fmt.Errorf("proto: AuthzRuleKeys: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return protoiface.UnmarshalOutput{NoUnkeyedLiterals: input.NoUnkeyedLiterals, Flags: input.Flags}, fmt.Errorf("proto: wrong wireType = %d for field RawJson", wireType) + } + var byteLen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return protoiface.UnmarshalOutput{NoUnkeyedLiterals: input.NoUnkeyedLiterals, Flags: input.Flags}, runtime.ErrIntOverflow + } + if iNdEx >= l { + return protoiface.UnmarshalOutput{NoUnkeyedLiterals: input.NoUnkeyedLiterals, Flags: input.Flags}, io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + byteLen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if byteLen < 0 { + return protoiface.UnmarshalOutput{NoUnkeyedLiterals: input.NoUnkeyedLiterals, Flags: input.Flags}, runtime.ErrInvalidLength + } + postIndex := iNdEx + byteLen + if postIndex < 0 { + return protoiface.UnmarshalOutput{NoUnkeyedLiterals: input.NoUnkeyedLiterals, Flags: input.Flags}, runtime.ErrInvalidLength + } + if postIndex > l { + return protoiface.UnmarshalOutput{NoUnkeyedLiterals: input.NoUnkeyedLiterals, Flags: input.Flags}, io.ErrUnexpectedEOF + } + x.RawJson = append(x.RawJson[:0], dAtA[iNdEx:postIndex]...) + if x.RawJson == nil { + x.RawJson = []byte{} + } + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := runtime.Skip(dAtA[iNdEx:]) + if err != nil { + return protoiface.UnmarshalOutput{NoUnkeyedLiterals: input.NoUnkeyedLiterals, Flags: input.Flags}, err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return protoiface.UnmarshalOutput{NoUnkeyedLiterals: input.NoUnkeyedLiterals, Flags: input.Flags}, runtime.ErrInvalidLength + } + if (iNdEx + skippy) > l { + return protoiface.UnmarshalOutput{NoUnkeyedLiterals: input.NoUnkeyedLiterals, Flags: input.Flags}, io.ErrUnexpectedEOF + } + if !options.DiscardUnknown { + x.unknownFields = append(x.unknownFields, dAtA[iNdEx:iNdEx+skippy]...) + } + iNdEx += skippy + } + } + + if iNdEx > l { + return protoiface.UnmarshalOutput{NoUnkeyedLiterals: input.NoUnkeyedLiterals, Flags: input.Flags}, io.ErrUnexpectedEOF + } + return protoiface.UnmarshalOutput{NoUnkeyedLiterals: input.NoUnkeyedLiterals, Flags: input.Flags}, nil + } + return &protoiface.Methods{ + NoUnkeyedLiterals: struct{}{}, + Flags: protoiface.SupportMarshalDeterministic | protoiface.SupportUnmarshalDiscardUnknown, + Size: size, + Marshal: marshal, + Unmarshal: unmarshal, + Merge: nil, + CheckInitialized: nil, + } +} + // Since: cosmos-sdk 0.43 // Code generated by protoc-gen-go. DO NOT EDIT. @@ -2139,6 +2627,8 @@ type Grant struct { // doesn't have a time expiration (other conditions in `authorization` // may apply to invalidate the grant) Expiration *timestamppb.Timestamp `protobuf:"bytes,2,opt,name=expiration,proto3" json:"expiration,omitempty"` + // rules are conditions to execute the grant. + Rules []byte `protobuf:"bytes,3,opt,name=rules,proto3" json:"rules,omitempty"` } func (x *Grant) Reset() { @@ -2175,6 +2665,13 @@ func (x *Grant) GetExpiration() *timestamppb.Timestamp { return nil } +func (x *Grant) GetRules() []byte { + if x != nil { + return x.Rules + } + return nil +} + // GrantAuthorization extends a grant with both the addresses of the grantee and granter. // It is used in genesis.proto and query.proto type GrantAuthorization struct { @@ -2273,6 +2770,42 @@ func (x *GrantQueueItem) GetMsgTypeUrls() []string { return nil } +// AuthzRuleKeys is app specific options to the keys +type AuthzRuleKeys struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + RawJson []byte `protobuf:"bytes,1,opt,name=raw_json,json=rawJson,proto3" json:"raw_json,omitempty"` +} + +func (x *AuthzRuleKeys) Reset() { + *x = AuthzRuleKeys{} + if protoimpl.UnsafeEnabled { + mi := &file_cosmos_authz_v1beta1_authz_proto_msgTypes[4] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *AuthzRuleKeys) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*AuthzRuleKeys) ProtoMessage() {} + +// Deprecated: Use AuthzRuleKeys.ProtoReflect.Descriptor instead. +func (*AuthzRuleKeys) Descriptor() ([]byte, []int) { + return file_cosmos_authz_v1beta1_authz_proto_rawDescGZIP(), []int{4} +} + +func (x *AuthzRuleKeys) GetRawJson() []byte { + if x != nil { + return x.RawJson + } + return nil +} + var File_cosmos_authz_v1beta1_authz_proto protoreflect.FileDescriptor var file_cosmos_authz_v1beta1_authz_proto_rawDesc = []byte{ @@ -2296,7 +2829,7 @@ var file_cosmos_authz_v1beta1_authz_proto_rawDesc = []byte{ 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x76, 0x31, 0x62, 0x65, 0x74, 0x61, 0x31, 0x2e, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x8a, 0xe7, 0xb0, 0x2a, 0x1f, 0x63, 0x6f, 0x73, 0x6d, 0x6f, 0x73, 0x2d, 0x73, 0x64, 0x6b, 0x2f, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x69, - 0x63, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x22, 0xb1, + 0x63, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x22, 0xc7, 0x01, 0x0a, 0x05, 0x47, 0x72, 0x61, 0x6e, 0x74, 0x12, 0x62, 0x0a, 0x0d, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, @@ -2308,42 +2841,46 @@ var file_cosmos_authz_v1beta1_authz_proto_rawDesc = []byte{ 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x42, 0x08, 0xc8, 0xde, 0x1f, 0x01, 0x90, 0xdf, 0x1f, 0x01, 0x52, 0x0a, 0x65, 0x78, 0x70, 0x69, 0x72, 0x61, 0x74, 0x69, - 0x6f, 0x6e, 0x22, 0xa2, 0x02, 0x0a, 0x12, 0x47, 0x72, 0x61, 0x6e, 0x74, 0x41, 0x75, 0x74, 0x68, - 0x6f, 0x72, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x32, 0x0a, 0x07, 0x67, 0x72, 0x61, - 0x6e, 0x74, 0x65, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x18, 0xd2, 0xb4, 0x2d, 0x14, - 0x63, 0x6f, 0x73, 0x6d, 0x6f, 0x73, 0x2e, 0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x53, 0x74, - 0x72, 0x69, 0x6e, 0x67, 0x52, 0x07, 0x67, 0x72, 0x61, 0x6e, 0x74, 0x65, 0x72, 0x12, 0x32, 0x0a, - 0x07, 0x67, 0x72, 0x61, 0x6e, 0x74, 0x65, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x42, 0x18, - 0xd2, 0xb4, 0x2d, 0x14, 0x63, 0x6f, 0x73, 0x6d, 0x6f, 0x73, 0x2e, 0x41, 0x64, 0x64, 0x72, 0x65, - 0x73, 0x73, 0x53, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x52, 0x07, 0x67, 0x72, 0x61, 0x6e, 0x74, 0x65, - 0x65, 0x12, 0x62, 0x0a, 0x0d, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x61, 0x74, 0x69, - 0x6f, 0x6e, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, - 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79, 0x42, 0x26, - 0xca, 0xb4, 0x2d, 0x22, 0x63, 0x6f, 0x73, 0x6d, 0x6f, 0x73, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, - 0x2e, 0x76, 0x31, 0x62, 0x65, 0x74, 0x61, 0x31, 0x2e, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, - 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x0d, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, - 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x40, 0x0a, 0x0a, 0x65, 0x78, 0x70, 0x69, 0x72, 0x61, 0x74, - 0x69, 0x6f, 0x6e, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, - 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, - 0x73, 0x74, 0x61, 0x6d, 0x70, 0x42, 0x04, 0x90, 0xdf, 0x1f, 0x01, 0x52, 0x0a, 0x65, 0x78, 0x70, - 0x69, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x22, 0x34, 0x0a, 0x0e, 0x47, 0x72, 0x61, 0x6e, 0x74, - 0x51, 0x75, 0x65, 0x75, 0x65, 0x49, 0x74, 0x65, 0x6d, 0x12, 0x22, 0x0a, 0x0d, 0x6d, 0x73, 0x67, - 0x5f, 0x74, 0x79, 0x70, 0x65, 0x5f, 0x75, 0x72, 0x6c, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x09, - 0x52, 0x0b, 0x6d, 0x73, 0x67, 0x54, 0x79, 0x70, 0x65, 0x55, 0x72, 0x6c, 0x73, 0x42, 0xd0, 0x01, - 0x0a, 0x18, 0x63, 0x6f, 0x6d, 0x2e, 0x63, 0x6f, 0x73, 0x6d, 0x6f, 0x73, 0x2e, 0x61, 0x75, 0x74, - 0x68, 0x7a, 0x2e, 0x76, 0x31, 0x62, 0x65, 0x74, 0x61, 0x31, 0x42, 0x0a, 0x41, 0x75, 0x74, 0x68, - 0x7a, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x32, 0x63, 0x6f, 0x73, 0x6d, 0x6f, 0x73, - 0x73, 0x64, 0x6b, 0x2e, 0x69, 0x6f, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x63, 0x6f, 0x73, 0x6d, 0x6f, - 0x73, 0x2f, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2f, 0x76, 0x31, 0x62, 0x65, 0x74, 0x61, 0x31, 0x3b, - 0x61, 0x75, 0x74, 0x68, 0x7a, 0x76, 0x31, 0x62, 0x65, 0x74, 0x61, 0x31, 0xa2, 0x02, 0x03, 0x43, - 0x41, 0x58, 0xaa, 0x02, 0x14, 0x43, 0x6f, 0x73, 0x6d, 0x6f, 0x73, 0x2e, 0x41, 0x75, 0x74, 0x68, - 0x7a, 0x2e, 0x56, 0x31, 0x62, 0x65, 0x74, 0x61, 0x31, 0xca, 0x02, 0x14, 0x43, 0x6f, 0x73, 0x6d, - 0x6f, 0x73, 0x5c, 0x41, 0x75, 0x74, 0x68, 0x7a, 0x5c, 0x56, 0x31, 0x62, 0x65, 0x74, 0x61, 0x31, - 0xe2, 0x02, 0x20, 0x43, 0x6f, 0x73, 0x6d, 0x6f, 0x73, 0x5c, 0x41, 0x75, 0x74, 0x68, 0x7a, 0x5c, - 0x56, 0x31, 0x62, 0x65, 0x74, 0x61, 0x31, 0x5c, 0x47, 0x50, 0x42, 0x4d, 0x65, 0x74, 0x61, 0x64, - 0x61, 0x74, 0x61, 0xea, 0x02, 0x16, 0x43, 0x6f, 0x73, 0x6d, 0x6f, 0x73, 0x3a, 0x3a, 0x41, 0x75, - 0x74, 0x68, 0x7a, 0x3a, 0x3a, 0x56, 0x31, 0x62, 0x65, 0x74, 0x61, 0x31, 0xc8, 0xe1, 0x1e, 0x00, - 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, + 0x6f, 0x6e, 0x12, 0x14, 0x0a, 0x05, 0x72, 0x75, 0x6c, 0x65, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, + 0x0c, 0x52, 0x05, 0x72, 0x75, 0x6c, 0x65, 0x73, 0x22, 0xa2, 0x02, 0x0a, 0x12, 0x47, 0x72, 0x61, + 0x6e, 0x74, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, + 0x32, 0x0a, 0x07, 0x67, 0x72, 0x61, 0x6e, 0x74, 0x65, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, + 0x42, 0x18, 0xd2, 0xb4, 0x2d, 0x14, 0x63, 0x6f, 0x73, 0x6d, 0x6f, 0x73, 0x2e, 0x41, 0x64, 0x64, + 0x72, 0x65, 0x73, 0x73, 0x53, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x52, 0x07, 0x67, 0x72, 0x61, 0x6e, + 0x74, 0x65, 0x72, 0x12, 0x32, 0x0a, 0x07, 0x67, 0x72, 0x61, 0x6e, 0x74, 0x65, 0x65, 0x18, 0x02, + 0x20, 0x01, 0x28, 0x09, 0x42, 0x18, 0xd2, 0xb4, 0x2d, 0x14, 0x63, 0x6f, 0x73, 0x6d, 0x6f, 0x73, + 0x2e, 0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x53, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x52, 0x07, + 0x67, 0x72, 0x61, 0x6e, 0x74, 0x65, 0x65, 0x12, 0x62, 0x0a, 0x0d, 0x61, 0x75, 0x74, 0x68, 0x6f, + 0x72, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, + 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, + 0x2e, 0x41, 0x6e, 0x79, 0x42, 0x26, 0xca, 0xb4, 0x2d, 0x22, 0x63, 0x6f, 0x73, 0x6d, 0x6f, 0x73, + 0x2e, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x76, 0x31, 0x62, 0x65, 0x74, 0x61, 0x31, 0x2e, 0x41, + 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x0d, 0x61, 0x75, + 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x40, 0x0a, 0x0a, 0x65, + 0x78, 0x70, 0x69, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, + 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, + 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x42, 0x04, 0x90, 0xdf, 0x1f, + 0x01, 0x52, 0x0a, 0x65, 0x78, 0x70, 0x69, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x22, 0x34, 0x0a, + 0x0e, 0x47, 0x72, 0x61, 0x6e, 0x74, 0x51, 0x75, 0x65, 0x75, 0x65, 0x49, 0x74, 0x65, 0x6d, 0x12, + 0x22, 0x0a, 0x0d, 0x6d, 0x73, 0x67, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x5f, 0x75, 0x72, 0x6c, 0x73, + 0x18, 0x01, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0b, 0x6d, 0x73, 0x67, 0x54, 0x79, 0x70, 0x65, 0x55, + 0x72, 0x6c, 0x73, 0x22, 0x2a, 0x0a, 0x0d, 0x41, 0x75, 0x74, 0x68, 0x7a, 0x52, 0x75, 0x6c, 0x65, + 0x4b, 0x65, 0x79, 0x73, 0x12, 0x19, 0x0a, 0x08, 0x72, 0x61, 0x77, 0x5f, 0x6a, 0x73, 0x6f, 0x6e, + 0x18, 0x01, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x07, 0x72, 0x61, 0x77, 0x4a, 0x73, 0x6f, 0x6e, 0x42, + 0xd0, 0x01, 0x0a, 0x18, 0x63, 0x6f, 0x6d, 0x2e, 0x63, 0x6f, 0x73, 0x6d, 0x6f, 0x73, 0x2e, 0x61, + 0x75, 0x74, 0x68, 0x7a, 0x2e, 0x76, 0x31, 0x62, 0x65, 0x74, 0x61, 0x31, 0x42, 0x0a, 0x41, 0x75, + 0x74, 0x68, 0x7a, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x32, 0x63, 0x6f, 0x73, 0x6d, + 0x6f, 0x73, 0x73, 0x64, 0x6b, 0x2e, 0x69, 0x6f, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x63, 0x6f, 0x73, + 0x6d, 0x6f, 0x73, 0x2f, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x2f, 0x76, 0x31, 0x62, 0x65, 0x74, 0x61, + 0x31, 0x3b, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x76, 0x31, 0x62, 0x65, 0x74, 0x61, 0x31, 0xa2, 0x02, + 0x03, 0x43, 0x41, 0x58, 0xaa, 0x02, 0x14, 0x43, 0x6f, 0x73, 0x6d, 0x6f, 0x73, 0x2e, 0x41, 0x75, + 0x74, 0x68, 0x7a, 0x2e, 0x56, 0x31, 0x62, 0x65, 0x74, 0x61, 0x31, 0xca, 0x02, 0x14, 0x43, 0x6f, + 0x73, 0x6d, 0x6f, 0x73, 0x5c, 0x41, 0x75, 0x74, 0x68, 0x7a, 0x5c, 0x56, 0x31, 0x62, 0x65, 0x74, + 0x61, 0x31, 0xe2, 0x02, 0x20, 0x43, 0x6f, 0x73, 0x6d, 0x6f, 0x73, 0x5c, 0x41, 0x75, 0x74, 0x68, + 0x7a, 0x5c, 0x56, 0x31, 0x62, 0x65, 0x74, 0x61, 0x31, 0x5c, 0x47, 0x50, 0x42, 0x4d, 0x65, 0x74, + 0x61, 0x64, 0x61, 0x74, 0x61, 0xea, 0x02, 0x16, 0x43, 0x6f, 0x73, 0x6d, 0x6f, 0x73, 0x3a, 0x3a, + 0x41, 0x75, 0x74, 0x68, 0x7a, 0x3a, 0x3a, 0x56, 0x31, 0x62, 0x65, 0x74, 0x61, 0x31, 0xc8, 0xe1, + 0x1e, 0x00, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, } var ( @@ -2358,20 +2895,21 @@ func file_cosmos_authz_v1beta1_authz_proto_rawDescGZIP() []byte { return file_cosmos_authz_v1beta1_authz_proto_rawDescData } -var file_cosmos_authz_v1beta1_authz_proto_msgTypes = make([]protoimpl.MessageInfo, 4) +var file_cosmos_authz_v1beta1_authz_proto_msgTypes = make([]protoimpl.MessageInfo, 5) var file_cosmos_authz_v1beta1_authz_proto_goTypes = []interface{}{ (*GenericAuthorization)(nil), // 0: cosmos.authz.v1beta1.GenericAuthorization (*Grant)(nil), // 1: cosmos.authz.v1beta1.Grant (*GrantAuthorization)(nil), // 2: cosmos.authz.v1beta1.GrantAuthorization (*GrantQueueItem)(nil), // 3: cosmos.authz.v1beta1.GrantQueueItem - (*anypb.Any)(nil), // 4: google.protobuf.Any - (*timestamppb.Timestamp)(nil), // 5: google.protobuf.Timestamp + (*AuthzRuleKeys)(nil), // 4: cosmos.authz.v1beta1.AuthzRuleKeys + (*anypb.Any)(nil), // 5: google.protobuf.Any + (*timestamppb.Timestamp)(nil), // 6: google.protobuf.Timestamp } var file_cosmos_authz_v1beta1_authz_proto_depIdxs = []int32{ - 4, // 0: cosmos.authz.v1beta1.Grant.authorization:type_name -> google.protobuf.Any - 5, // 1: cosmos.authz.v1beta1.Grant.expiration:type_name -> google.protobuf.Timestamp - 4, // 2: cosmos.authz.v1beta1.GrantAuthorization.authorization:type_name -> google.protobuf.Any - 5, // 3: cosmos.authz.v1beta1.GrantAuthorization.expiration:type_name -> google.protobuf.Timestamp + 5, // 0: cosmos.authz.v1beta1.Grant.authorization:type_name -> google.protobuf.Any + 6, // 1: cosmos.authz.v1beta1.Grant.expiration:type_name -> google.protobuf.Timestamp + 5, // 2: cosmos.authz.v1beta1.GrantAuthorization.authorization:type_name -> google.protobuf.Any + 6, // 3: cosmos.authz.v1beta1.GrantAuthorization.expiration:type_name -> google.protobuf.Timestamp 4, // [4:4] is the sub-list for method output_type 4, // [4:4] is the sub-list for method input_type 4, // [4:4] is the sub-list for extension type_name @@ -2433,6 +2971,18 @@ func file_cosmos_authz_v1beta1_authz_proto_init() { return nil } } + file_cosmos_authz_v1beta1_authz_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*AuthzRuleKeys); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } } type x struct{} out := protoimpl.TypeBuilder{ @@ -2440,7 +2990,7 @@ func file_cosmos_authz_v1beta1_authz_proto_init() { GoPackagePath: reflect.TypeOf(x{}).PkgPath(), RawDescriptor: file_cosmos_authz_v1beta1_authz_proto_rawDesc, NumEnums: 0, - NumMessages: 4, + NumMessages: 5, NumExtensions: 0, NumServices: 0, }, diff --git a/proto/cosmos/authz/v1beta1/authz.proto b/proto/cosmos/authz/v1beta1/authz.proto index defa3ab92c53..0e80a8082d7b 100644 --- a/proto/cosmos/authz/v1beta1/authz.proto +++ b/proto/cosmos/authz/v1beta1/authz.proto @@ -30,6 +30,9 @@ message Grant { // doesn't have a time expiration (other conditions in `authorization` // may apply to invalidate the grant) google.protobuf.Timestamp expiration = 2 [(gogoproto.stdtime) = true, (gogoproto.nullable) = true]; + + // rules are conditions to execute the grant. + bytes rules = 3; } // GrantAuthorization extends a grant with both the addresses of the grantee and granter. @@ -79,4 +82,9 @@ message GrantQueueItem { // // Generic authz rules // message GenericAuthzRules { // repeated string blocked_messages = 1; -// } \ No newline at end of file +// } + +// AuthzRuleKeys is app specific options to the keys +message AuthzRuleKeys { + bytes raw_json = 1; +} \ No newline at end of file diff --git a/scripts/dep-assert.sh b/scripts/dep-assert.sh old mode 100755 new mode 100644 diff --git a/scripts/go-lint-all.bash b/scripts/go-lint-all.bash old mode 100755 new mode 100644 diff --git a/scripts/go-mod-tidy-all.sh b/scripts/go-mod-tidy-all.sh old mode 100755 new mode 100644 diff --git a/scripts/go-update-dep-all.sh b/scripts/go-update-dep-all.sh old mode 100755 new mode 100644 diff --git a/scripts/init-simapp.sh b/scripts/init-simapp.sh old mode 100755 new mode 100644 diff --git a/scripts/mockgen.sh b/scripts/mockgen.sh old mode 100755 new mode 100644 diff --git a/scripts/protoc-swagger-gen.sh b/scripts/protoc-swagger-gen.sh old mode 100755 new mode 100644 diff --git a/scripts/protocgen-pulsar.sh b/scripts/protocgen-pulsar.sh old mode 100755 new mode 100644 diff --git a/scripts/protocgen.sh b/scripts/protocgen.sh old mode 100755 new mode 100644 diff --git a/scripts/validate-gentxs.sh b/scripts/validate-gentxs.sh old mode 100755 new mode 100644 diff --git a/simapp/app.go b/simapp/app.go index 145616eb3a19..241f7b54a26a 100644 --- a/simapp/app.go +++ b/simapp/app.go @@ -335,17 +335,7 @@ func NewSimApp( app.CircuitKeeper = circuitkeeper.NewKeeper(appCodec, runtime.NewKVStoreService(keys[circuittypes.StoreKey]), authtypes.NewModuleAddress(govtypes.ModuleName).String(), app.AccountKeeper.AddressCodec()) app.BaseApp.SetCircuitBreaker(&app.CircuitKeeper) - options := map[string]map[string]string{ - "Send": { - "BlockedAddresses": "cosmos1rnr5jrt4exl0samwj0yegv99jeskl0hsge5zwt,cosmos1rnr5jrt4exl0samwj0yegv99jeskl0hsge5zwt", - "SpendLimit": "1000stake", - }, - "Generic": { - "BlockedMessages": "cosmos.bank.v1beta1.MsgDelegate,cosmos.bank.v1beta1.MsgRedelegate", - }, - } - - app.AuthzKeeper = authzkeeper.NewKeeper(runtime.NewKVStoreService(keys[authzkeeper.StoreKey]), appCodec, app.MsgServiceRouter(), app.AccountKeeper, options) + app.AuthzKeeper = authzkeeper.NewKeeper(runtime.NewKVStoreService(keys[authzkeeper.StoreKey]), appCodec, app.MsgServiceRouter(), app.AccountKeeper) groupConfig := group.DefaultConfig() /* diff --git a/x/auth/ante/authz_rules_ante.go b/x/auth/ante/authz_rules_ante.go index 0cd0c4e1067e..74c813899593 100644 --- a/x/auth/ante/authz_rules_ante.go +++ b/x/auth/ante/authz_rules_ante.go @@ -4,7 +4,10 @@ import ( "fmt" "strings" + errorsmod "cosmossdk.io/errors" sdk "github.com/cosmos/cosmos-sdk/types" + sdkerrors "github.com/cosmos/cosmos-sdk/types/errors" + authsigning "github.com/cosmos/cosmos-sdk/x/auth/signing" authztypes "github.com/cosmos/cosmos-sdk/x/authz" banktypes "github.com/cosmos/cosmos-sdk/x/bank/types" ) @@ -21,44 +24,55 @@ func NewAuthzDecorator(azk AuthzKeeper) AuthzDecorator { // AuthzDecorator checks the authorization message grants for some rules. func (azd AuthzDecorator) AnteHandle(ctx sdk.Context, tx sdk.Tx, simulate bool, next sdk.AnteHandler) (sdk.Context, error) { + sigTx, ok := tx.(authsigning.SigVerifiableTx) + if !ok { + return ctx, errorsmod.Wrap(sdkerrors.ErrTxDecode, "invalid tx type") + } + + signers, err := sigTx.GetSigners() + if err != nil { + return ctx, err + } + + grantee := signers[0] + msgs := tx.GetMsgs() for _, msg := range msgs { // Check if the message is an authorization message - if authzMsg, ok := msg.(*authztypes.MsgGrant); ok { - fmt.Println("coming here", ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>") + if authzMsg, ok := msg.(*authztypes.MsgExec); ok { + + rulesKeys, err := azd.azk.GetAuthzRulesKeys(ctx) + if err != nil { + return ctx, err + } - authz, err := authzMsg.GetAuthorization() + msgs, err := authzMsg.GetMessages() if err != nil { return ctx, err } - options := azd.azk.GetAuthzOptions() - fmt.Println("rules", options, err, ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>") - - switch authzConverted := authz.(type) { - case *banktypes.SendAuthorization: - // if err != nil && errors.Is(authztypes.ErrEmptyAuthzRules, err) { - // continue - // } - - if sendRules, ok := options["send"]; !ok { - if checkSendAuthzRulesViolated(authzMsg, authzConverted, sendRules) { - return ctx, fmt.Errorf("authz rules are not meeting") + + for _, innerMsg := range msgs { + switch innerMsgConverted := innerMsg.(type) { + case *banktypes.MsgSend: + sendRuleKeysInterface, ok := rulesKeys["Send"] + if !ok { + fmt.Println("no rule keys") + continue } - } - case *authztypes.GenericAuthorization: - // if err != nil && errors.Is(authztypes.ErrEmptyAuthzRules, err) { - // continue - // } + granter, err := azd.azk.AddressCodec().StringToBytes(innerMsgConverted.FromAddress) + if err != nil { + return ctx, err + } - if genericRules, ok := options["generic"]; !ok { - if checkGenericAuthzRules(authzMsg, authzConverted, genericRules) { - return ctx, fmt.Errorf("authz rules are not meeting") + _, rules := azd.azk.GetAuthzWithRules(ctx, grantee, granter, sdk.MsgTypeURL(&banktypes.MsgSend{})) + if rules != nil { + sendRulesKeys := sendRuleKeysInterface.([]string) + if checkSendAuthzRulesViolated(innerMsgConverted, rules, sendRulesKeys) { + return ctx, fmt.Errorf("authz rules are not meeting") + } } } - - default: - fmt.Println("default case reached here") } } } @@ -68,29 +82,34 @@ func (azd AuthzDecorator) AnteHandle(ctx sdk.Context, tx sdk.Tx, simulate bool, } // checkSendAuthzRulesViolated returns true if the rules are voilated -func checkSendAuthzRulesViolated(msgGrant *authztypes.MsgGrant, authz *banktypes.SendAuthorization, sendAuthzRules map[string]string) bool { - fmt.Printf("\">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>\": %v\n", ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>") - fmt.Printf("sendAuthzRules: %v\n", sendAuthzRules) - if blockedAddrsStr, ok := sendAuthzRules["blockedAddresses"]; ok { - blockedAddrs := strings.Split(blockedAddrsStr, ",") - for _, blockedRecipient := range blockedAddrs { - if msgGrant.Grantee == blockedRecipient { - return true +func checkSendAuthzRulesViolated(msg *banktypes.MsgSend, sendAuthzRules map[string]interface{}, sendRulesKeys []string) bool { + for _, key := range sendRulesKeys { + + fmt.Printf("\">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>\": %v\n", ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>") + fmt.Printf("sendAuthzRules: %v\n", sendAuthzRules) + if blockedAddrsStrInt, ok := sendAuthzRules["AllowRecipients"]; key == "AllowRecipients" && ok { + blockedAddrsStr := blockedAddrsStrInt.(string) + blockedAddrs := strings.Split(blockedAddrsStr, ",") + for _, blockedRecipient := range blockedAddrs { + if msg.ToAddress == blockedRecipient { + return true + } } } - } - if spendLimit, ok := sendAuthzRules["spendLimit"]; ok { - if len(spendLimit) > 1 { + if spendLimitInt, ok := sendAuthzRules["SpendLImit"]; key == "SpendLImit" && ok { + spendLimit := spendLimitInt.(string) limit, err := sdk.ParseCoinsNormalized(spendLimit) if err != nil { return true } - if !limit.IsAllGTE(authz.SpendLimit) { + if !limit.IsAllGTE(msg.Amount) { return true } + + return true } - return true + } return false diff --git a/x/auth/ante/expected_keepers.go b/x/auth/ante/expected_keepers.go index 12b354627045..5632a915dafb 100644 --- a/x/auth/ante/expected_keepers.go +++ b/x/auth/ante/expected_keepers.go @@ -7,6 +7,7 @@ import ( sdk "github.com/cosmos/cosmos-sdk/types" "github.com/cosmos/cosmos-sdk/x/auth/types" + "github.com/cosmos/cosmos-sdk/x/authz" ) // AccountKeeper defines the contract needed for AccountKeeper related APIs. @@ -26,4 +27,7 @@ type FeegrantKeeper interface { type AuthzKeeper interface { GetAuthzOptions() map[string]map[string]string + GetAuthzRulesKeys(ctx context.Context) (map[string]interface{}, error) + GetAuthzWithRules(ctx context.Context, grantee, granter sdk.AccAddress, msgType string) (authz.Authorization, map[string]interface{}) + AddressCodec() address.Codec } diff --git a/x/authz/authorizations.go b/x/authz/authorizations.go index 75b2e0659097..70cb6f8d60c4 100644 --- a/x/authz/authorizations.go +++ b/x/authz/authorizations.go @@ -2,6 +2,7 @@ package authz import ( context "context" + "encoding/json" "github.com/cosmos/gogoproto/proto" @@ -24,6 +25,9 @@ type Authorization interface { // ValidateBasic does a simple validation check that // doesn't require access to any other information. ValidateBasic() error + + // GetOptions are, rules defined if any. + GetOptions() json.RawMessage } // AcceptResponse instruments the controller of an authz message if the request is accepted diff --git a/x/authz/authz.pb.go b/x/authz/authz.pb.go index 094c063662d3..b84eefa30b7c 100644 --- a/x/authz/authz.pb.go +++ b/x/authz/authz.pb.go @@ -79,6 +79,8 @@ type Grant struct { // doesn't have a time expiration (other conditions in `authorization` // may apply to invalidate the grant) Expiration *time.Time `protobuf:"bytes,2,opt,name=expiration,proto3,stdtime" json:"expiration,omitempty"` + // rules are conditions to execute the grant. + Rules []byte `protobuf:"bytes,3,opt,name=rules,proto3" json:"rules,omitempty"` } func (m *Grant) Reset() { *m = Grant{} } @@ -195,46 +197,88 @@ func (m *GrantQueueItem) XXX_DiscardUnknown() { var xxx_messageInfo_GrantQueueItem proto.InternalMessageInfo +// AuthzRuleKeys is app specific options to the keys +type AuthzRuleKeys struct { + RawJson []byte `protobuf:"bytes,1,opt,name=raw_json,json=rawJson,proto3" json:"raw_json,omitempty"` +} + +func (m *AuthzRuleKeys) Reset() { *m = AuthzRuleKeys{} } +func (m *AuthzRuleKeys) String() string { return proto.CompactTextString(m) } +func (*AuthzRuleKeys) ProtoMessage() {} +func (*AuthzRuleKeys) Descriptor() ([]byte, []int) { + return fileDescriptor_544dc2e84b61c637, []int{4} +} +func (m *AuthzRuleKeys) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *AuthzRuleKeys) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_AuthzRuleKeys.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *AuthzRuleKeys) XXX_Merge(src proto.Message) { + xxx_messageInfo_AuthzRuleKeys.Merge(m, src) +} +func (m *AuthzRuleKeys) XXX_Size() int { + return m.Size() +} +func (m *AuthzRuleKeys) XXX_DiscardUnknown() { + xxx_messageInfo_AuthzRuleKeys.DiscardUnknown(m) +} + +var xxx_messageInfo_AuthzRuleKeys proto.InternalMessageInfo + func init() { proto.RegisterType((*GenericAuthorization)(nil), "cosmos.authz.v1beta1.GenericAuthorization") proto.RegisterType((*Grant)(nil), "cosmos.authz.v1beta1.Grant") proto.RegisterType((*GrantAuthorization)(nil), "cosmos.authz.v1beta1.GrantAuthorization") proto.RegisterType((*GrantQueueItem)(nil), "cosmos.authz.v1beta1.GrantQueueItem") + proto.RegisterType((*AuthzRuleKeys)(nil), "cosmos.authz.v1beta1.AuthzRuleKeys") } func init() { proto.RegisterFile("cosmos/authz/v1beta1/authz.proto", fileDescriptor_544dc2e84b61c637) } var fileDescriptor_544dc2e84b61c637 = []byte{ - // 458 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xac, 0x53, 0xcd, 0x6e, 0x13, 0x31, - 0x10, 0x8e, 0x9b, 0xf2, 0x53, 0x57, 0x45, 0xb0, 0xca, 0x21, 0xe4, 0xb0, 0x89, 0x56, 0x08, 0x55, - 0x48, 0x59, 0xab, 0x85, 0x13, 0x27, 0xb2, 0x42, 0xaa, 0xe0, 0xc6, 0x52, 0x2e, 0x5c, 0x22, 0x6f, - 0x32, 0x38, 0x16, 0xb1, 0xbd, 0xb2, 0xbd, 0xa8, 0xe9, 0x23, 0x70, 0xea, 0x33, 0xf0, 0x04, 0x20, - 0xf5, 0x21, 0x22, 0x4e, 0x15, 0x27, 0x4e, 0xfc, 0x24, 0x07, 0x5e, 0x03, 0xc5, 0xde, 0x85, 0x84, - 0x54, 0x22, 0x87, 0x5e, 0x2c, 0x8f, 0xe7, 0xfb, 0x66, 0xbe, 0xf9, 0xe4, 0xc1, 0x9d, 0x81, 0x32, - 0x42, 0x19, 0x42, 0x0b, 0x3b, 0x3a, 0x25, 0xef, 0x0e, 0x32, 0xb0, 0xf4, 0xc0, 0x47, 0x71, 0xae, - 0x95, 0x55, 0x41, 0xc3, 0x23, 0x62, 0xff, 0x56, 0x22, 0x5a, 0x77, 0xa8, 0xe0, 0x52, 0x11, 0x77, - 0x7a, 0x60, 0xeb, 0xae, 0x07, 0xf6, 0x5d, 0x44, 0x4a, 0x96, 0x4f, 0xb5, 0x99, 0x52, 0x6c, 0x0c, - 0xc4, 0x45, 0x59, 0xf1, 0x86, 0x58, 0x2e, 0xc0, 0x58, 0x2a, 0xf2, 0x12, 0xd0, 0x60, 0x8a, 0x29, - 0x4f, 0x5c, 0xdc, 0xaa, 0x8a, 0xff, 0xd2, 0xa8, 0x9c, 0x94, 0xa9, 0xb0, 0xd4, 0x9d, 0x51, 0x03, - 0x7f, 0x64, 0x0f, 0x14, 0x97, 0x3e, 0x1f, 0x59, 0xdc, 0x38, 0x02, 0x09, 0x9a, 0x0f, 0x7a, 0x85, - 0x1d, 0x29, 0xcd, 0x4f, 0xa9, 0xe5, 0x4a, 0x06, 0xb7, 0x71, 0x5d, 0x18, 0xd6, 0x44, 0x1d, 0xb4, - 0xbf, 0x93, 0x2e, 0xae, 0x8f, 0x9f, 0x7f, 0x3e, 0xef, 0x46, 0x97, 0xcd, 0x18, 0xaf, 0x30, 0xdf, - 0xff, 0xfa, 0xf8, 0xa0, 0xed, 0x61, 0x5d, 0x33, 0x7c, 0x4b, 0x2e, 0xab, 0x1e, 0x7d, 0x42, 0xf8, - 0xda, 0x91, 0xa6, 0xd2, 0x06, 0x19, 0xde, 0xa3, 0xcb, 0x29, 0xd7, 0x71, 0xf7, 0xb0, 0x11, 0xfb, - 0x91, 0xe2, 0x6a, 0xa4, 0xb8, 0x27, 0x27, 0xc9, 0xfd, 0xcd, 0x24, 0xa4, 0xab, 0x25, 0x83, 0xa7, - 0x18, 0xc3, 0x49, 0xce, 0xb5, 0x6f, 0xb0, 0xe5, 0x1a, 0xb4, 0xd6, 0x1a, 0x1c, 0x57, 0x56, 0x27, - 0x37, 0xa7, 0xdf, 0xda, 0xe8, 0xec, 0x7b, 0x1b, 0xa5, 0x4b, 0xbc, 0xe8, 0xc3, 0x16, 0x0e, 0x9c, - 0xe6, 0x55, 0xa3, 0x0e, 0xf1, 0x0d, 0xb6, 0x78, 0x05, 0xed, 0xcd, 0x4a, 0x9a, 0x5f, 0xce, 0xbb, - 0xd5, 0x5f, 0xe8, 0x0d, 0x87, 0x1a, 0x8c, 0x79, 0x69, 0x35, 0x97, 0x2c, 0xad, 0x80, 0x7f, 0x39, - 0xe0, 0xd4, 0x6c, 0xc0, 0x81, 0x75, 0xa3, 0xea, 0x57, 0x6f, 0xd4, 0x93, 0x15, 0xa3, 0xb6, 0xff, - 0x6b, 0xd4, 0xf6, 0x9a, 0x49, 0x8f, 0xf0, 0x2d, 0xe7, 0xd1, 0x8b, 0x02, 0x0a, 0x78, 0x66, 0x41, - 0x04, 0x11, 0xde, 0x13, 0x86, 0xf5, 0xed, 0x24, 0x87, 0x7e, 0xa1, 0xc7, 0xa6, 0x89, 0x3a, 0xf5, - 0xfd, 0x9d, 0x74, 0x57, 0x18, 0x76, 0x3c, 0xc9, 0xe1, 0x95, 0x1e, 0x9b, 0x24, 0x99, 0xfe, 0x0c, - 0x6b, 0xd3, 0x59, 0x88, 0x2e, 0x66, 0x21, 0xfa, 0x31, 0x0b, 0xd1, 0xd9, 0x3c, 0xac, 0x5d, 0xcc, - 0xc3, 0xda, 0xd7, 0x79, 0x58, 0x7b, 0x7d, 0x8f, 0x71, 0x3b, 0x2a, 0xb2, 0x78, 0xa0, 0x44, 0xb9, - 0x2d, 0x64, 0xe9, 0x7f, 0x9d, 0xf8, 0x25, 0xcc, 0xae, 0x3b, 0x7d, 0x0f, 0x7f, 0x07, 0x00, 0x00, - 0xff, 0xff, 0xca, 0xa0, 0x5a, 0x47, 0xa9, 0x03, 0x00, 0x00, + // 505 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xac, 0x53, 0xcd, 0x6e, 0xd3, 0x40, + 0x10, 0xce, 0x36, 0x2d, 0x6d, 0xb7, 0x2d, 0x02, 0xcb, 0x87, 0x34, 0x07, 0x27, 0xb2, 0x10, 0x8a, + 0x2a, 0xc5, 0x56, 0x0b, 0x27, 0x4e, 0xc4, 0x42, 0xaa, 0x28, 0x27, 0x4c, 0xb9, 0x70, 0x89, 0xd6, + 0xc9, 0xb0, 0x31, 0xd8, 0x5e, 0x6b, 0x7f, 0x68, 0x9d, 0x47, 0xe0, 0xd4, 0x67, 0xe0, 0x09, 0x38, + 0xf4, 0x1d, 0x88, 0x38, 0x55, 0x9c, 0x38, 0xf1, 0x93, 0x1c, 0x78, 0x0d, 0x94, 0x5d, 0x1b, 0x92, + 0xb6, 0x12, 0x3d, 0x70, 0x59, 0xed, 0xec, 0x7c, 0xdf, 0xcc, 0x7c, 0x9f, 0x66, 0x71, 0x7b, 0xc0, + 0x44, 0xca, 0x84, 0x4f, 0x94, 0x1c, 0x8d, 0xfd, 0x77, 0xfb, 0x11, 0x48, 0xb2, 0x6f, 0x22, 0x2f, + 0xe7, 0x4c, 0x32, 0xcb, 0x36, 0x08, 0xcf, 0xbc, 0x95, 0x88, 0xe6, 0x5d, 0x92, 0xc6, 0x19, 0xf3, + 0xf5, 0x69, 0x80, 0xcd, 0x5d, 0x03, 0xec, 0xeb, 0xc8, 0x2f, 0x59, 0x26, 0xd5, 0xa2, 0x8c, 0xd1, + 0x04, 0x7c, 0x1d, 0x45, 0xea, 0xb5, 0x2f, 0xe3, 0x14, 0x84, 0x24, 0x69, 0x5e, 0x02, 0x6c, 0xca, + 0x28, 0x33, 0xc4, 0xf9, 0xad, 0xaa, 0x78, 0x99, 0x46, 0xb2, 0xa2, 0x4c, 0x39, 0xe5, 0xdc, 0x11, + 0x11, 0xf0, 0x67, 0xec, 0x01, 0x8b, 0x33, 0x93, 0x77, 0x25, 0xb6, 0x0f, 0x21, 0x03, 0x1e, 0x0f, + 0x7a, 0x4a, 0x8e, 0x18, 0x8f, 0xc7, 0x44, 0xc6, 0x2c, 0xb3, 0xee, 0xe0, 0x7a, 0x2a, 0x68, 0x03, + 0xb5, 0x51, 0x67, 0x33, 0x9c, 0x5f, 0x1f, 0x1d, 0x7d, 0x3e, 0xef, 0xba, 0xd7, 0x69, 0xf4, 0x96, + 0x98, 0xef, 0x7f, 0x7d, 0xdc, 0x6b, 0x19, 0x58, 0x57, 0x0c, 0xdf, 0xfa, 0xd7, 0x55, 0x77, 0x3f, + 0x21, 0xbc, 0x76, 0xc8, 0x49, 0x26, 0xad, 0x08, 0xef, 0x90, 0xc5, 0x94, 0xee, 0xb8, 0x75, 0x60, + 0x7b, 0x46, 0x92, 0x57, 0x49, 0xf2, 0x7a, 0x59, 0x11, 0xdc, 0xbf, 0xd9, 0x08, 0xe1, 0x72, 0x49, + 0xeb, 0x09, 0xc6, 0x70, 0x9a, 0xc7, 0xdc, 0x34, 0x58, 0xd1, 0x0d, 0x9a, 0x57, 0x1a, 0x1c, 0x57, + 0x56, 0x07, 0x1b, 0x93, 0x6f, 0x2d, 0x74, 0xf6, 0xbd, 0x85, 0xc2, 0x05, 0x9e, 0x65, 0xe3, 0x35, + 0xae, 0x12, 0x10, 0x8d, 0x7a, 0x1b, 0x75, 0xb6, 0x43, 0x13, 0xb8, 0x1f, 0x56, 0xb0, 0xa5, 0x95, + 0x2c, 0xdb, 0x77, 0x80, 0xd7, 0xe9, 0xfc, 0x15, 0xb8, 0xb1, 0x30, 0x68, 0x7c, 0x39, 0xef, 0x56, + 0x1b, 0xd2, 0x1b, 0x0e, 0x39, 0x08, 0xf1, 0x42, 0xf2, 0x38, 0xa3, 0x61, 0x05, 0xfc, 0xcb, 0x01, + 0x3d, 0xe3, 0x0d, 0x38, 0x70, 0xd5, 0xbe, 0xfa, 0xff, 0xb7, 0xef, 0xf1, 0x92, 0x7d, 0xab, 0xff, + 0xb4, 0x6f, 0xf5, 0xb2, 0x75, 0xee, 0x43, 0x7c, 0x5b, 0x7b, 0xf4, 0x5c, 0x81, 0x82, 0xa7, 0x12, + 0x52, 0xcb, 0xc5, 0x3b, 0xa9, 0xa0, 0x7d, 0x59, 0xe4, 0xd0, 0x57, 0x3c, 0x11, 0x0d, 0xd4, 0xae, + 0x77, 0x36, 0xc3, 0xad, 0x54, 0xd0, 0xe3, 0x22, 0x87, 0x97, 0x3c, 0x11, 0xee, 0x1e, 0xde, 0x99, + 0xcf, 0x35, 0x0e, 0x55, 0x02, 0xcf, 0xa0, 0x10, 0xd6, 0x2e, 0xde, 0xe0, 0xe4, 0xa4, 0xff, 0x46, + 0x94, 0x6b, 0xb2, 0x1d, 0xae, 0x73, 0x72, 0x72, 0x24, 0x58, 0x16, 0x04, 0x93, 0x9f, 0x4e, 0x6d, + 0x32, 0x75, 0xd0, 0xc5, 0xd4, 0x41, 0x3f, 0xa6, 0x0e, 0x3a, 0x9b, 0x39, 0xb5, 0x8b, 0x99, 0x53, + 0xfb, 0x3a, 0x73, 0x6a, 0xaf, 0xee, 0xd1, 0x58, 0x8e, 0x54, 0xe4, 0x0d, 0x58, 0x5a, 0xfe, 0x37, + 0x7f, 0x61, 0x43, 0x4f, 0xcd, 0x37, 0x8e, 0x6e, 0x69, 0x2d, 0x0f, 0x7e, 0x07, 0x00, 0x00, 0xff, + 0xff, 0x5e, 0x66, 0xb7, 0xda, 0xeb, 0x03, 0x00, 0x00, } func (m *GenericAuthorization) Marshal() (dAtA []byte, err error) { @@ -287,6 +331,13 @@ func (m *Grant) MarshalToSizedBuffer(dAtA []byte) (int, error) { _ = i var l int _ = l + if len(m.Rules) > 0 { + i -= len(m.Rules) + copy(dAtA[i:], m.Rules) + i = encodeVarintAuthz(dAtA, i, uint64(len(m.Rules))) + i-- + dAtA[i] = 0x1a + } if m.Expiration != nil { n1, err1 := github_com_cosmos_gogoproto_types.StdTimeMarshalTo(*m.Expiration, dAtA[i-github_com_cosmos_gogoproto_types.SizeOfStdTime(*m.Expiration):]) if err1 != nil { @@ -403,6 +454,36 @@ func (m *GrantQueueItem) MarshalToSizedBuffer(dAtA []byte) (int, error) { return len(dAtA) - i, nil } +func (m *AuthzRuleKeys) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *AuthzRuleKeys) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *AuthzRuleKeys) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + _ = i + var l int + _ = l + if len(m.RawJson) > 0 { + i -= len(m.RawJson) + copy(dAtA[i:], m.RawJson) + i = encodeVarintAuthz(dAtA, i, uint64(len(m.RawJson))) + i-- + dAtA[i] = 0xa + } + return len(dAtA) - i, nil +} + func encodeVarintAuthz(dAtA []byte, offset int, v uint64) int { offset -= sovAuthz(v) base := offset @@ -441,6 +522,10 @@ func (m *Grant) Size() (n int) { l = github_com_cosmos_gogoproto_types.SizeOfStdTime(*m.Expiration) n += 1 + l + sovAuthz(uint64(l)) } + l = len(m.Rules) + if l > 0 { + n += 1 + l + sovAuthz(uint64(l)) + } return n } @@ -484,6 +569,19 @@ func (m *GrantQueueItem) Size() (n int) { return n } +func (m *AuthzRuleKeys) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + l = len(m.RawJson) + if l > 0 { + n += 1 + l + sovAuthz(uint64(l)) + } + return n +} + func sovAuthz(x uint64) (n int) { return (math_bits.Len64(x|1) + 6) / 7 } @@ -673,6 +771,40 @@ func (m *Grant) Unmarshal(dAtA []byte) error { return err } iNdEx = postIndex + case 3: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Rules", wireType) + } + var byteLen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowAuthz + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + byteLen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if byteLen < 0 { + return ErrInvalidLengthAuthz + } + postIndex := iNdEx + byteLen + if postIndex < 0 { + return ErrInvalidLengthAuthz + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Rules = append(m.Rules[:0], dAtA[iNdEx:postIndex]...) + if m.Rules == nil { + m.Rules = []byte{} + } + iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipAuthz(dAtA[iNdEx:]) @@ -962,6 +1094,90 @@ func (m *GrantQueueItem) Unmarshal(dAtA []byte) error { } return nil } +func (m *AuthzRuleKeys) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowAuthz + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: AuthzRuleKeys: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: AuthzRuleKeys: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field RawJson", wireType) + } + var byteLen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowAuthz + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + byteLen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if byteLen < 0 { + return ErrInvalidLengthAuthz + } + postIndex := iNdEx + byteLen + if postIndex < 0 { + return ErrInvalidLengthAuthz + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.RawJson = append(m.RawJson[:0], dAtA[iNdEx:postIndex]...) + if m.RawJson == nil { + m.RawJson = []byte{} + } + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipAuthz(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthAuthz + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} func skipAuthz(dAtA []byte) (n int, err error) { l := len(dAtA) iNdEx := 0 diff --git a/x/authz/generic_authorization.go b/x/authz/generic_authorization.go index a7c790e02bf1..535ff2a93383 100644 --- a/x/authz/generic_authorization.go +++ b/x/authz/generic_authorization.go @@ -2,6 +2,7 @@ package authz import ( "context" + "encoding/json" "errors" sdk "github.com/cosmos/cosmos-sdk/types" @@ -33,3 +34,7 @@ func (a GenericAuthorization) ValidateBasic() error { } return nil } + +func (a GenericAuthorization) GetOptions() json.RawMessage { + return nil +} diff --git a/x/authz/keeper/genesis_test.go b/x/authz/keeper/genesis_test.go index 015e24d34168..94320f0ff654 100644 --- a/x/authz/keeper/genesis_test.go +++ b/x/authz/keeper/genesis_test.go @@ -67,7 +67,7 @@ func (suite *GenesisTestSuite) SetupTest() { msr := suite.baseApp.MsgServiceRouter() msr.SetInterfaceRegistry(suite.encCfg.InterfaceRegistry) - suite.keeper = keeper.NewKeeper(storeService, suite.encCfg.Codec, msr, suite.accountKeeper, nil) + suite.keeper = keeper.NewKeeper(storeService, suite.encCfg.Codec, msr, suite.accountKeeper) } func (suite *GenesisTestSuite) TestImportExportGenesis() { diff --git a/x/authz/keeper/keeper.go b/x/authz/keeper/keeper.go index ea66cd73017d..d1567f6bebf1 100644 --- a/x/authz/keeper/keeper.go +++ b/x/authz/keeper/keeper.go @@ -3,6 +3,7 @@ package keeper import ( "bytes" "context" + "encoding/json" "fmt" "strconv" "time" @@ -34,17 +35,15 @@ type Keeper struct { cdc codec.Codec router baseapp.MessageRouter authKeeper authz.AccountKeeper - authzOptions map[string]map[string]string } // NewKeeper constructs a message authorization Keeper -func NewKeeper(storeService corestoretypes.KVStoreService, cdc codec.Codec, router baseapp.MessageRouter, ak authz.AccountKeeper, options map[string]map[string]string) Keeper { +func NewKeeper(storeService corestoretypes.KVStoreService, cdc codec.Codec, router baseapp.MessageRouter, ak authz.AccountKeeper) Keeper { return Keeper{ storeService: storeService, cdc: cdc, router: router, authKeeper: ak, - authzOptions: options, } } @@ -70,8 +69,59 @@ func (k Keeper) getGrant(ctx context.Context, skey []byte) (grant authz.Grant, f return grant, true } +func (k Keeper) SetAuthzRulesKeys(ctx context.Context, options json.RawMessage) error { + store := k.storeService.OpenKVStore(ctx) + + optionsBytes, err := json.Marshal(options) + if err != nil { + return err + } + + authzRuleKeys := authz.AuthzRuleKeys{ + RawJson: optionsBytes, + } + + bz, err := k.cdc.Marshal(&authzRuleKeys) + if err != nil { + return err + } + + err = store.Set(AuthzOptionsKeys, bz) + return err +} + +func (k Keeper) GetAuthzRulesKeys(ctx context.Context) (map[string]interface{}, error) { + store := k.storeService.OpenKVStore(ctx) + bz, err := store.Get(AuthzOptionsKeys) + + if err != nil { + return nil, err + } + + var keys json.RawMessage + var authzRuleKeys authz.AuthzRuleKeys + err = k.cdc.Unmarshal(bz, &authzRuleKeys) + if err != nil { + return nil, err + } + + err = json.Unmarshal(authzRuleKeys.RawJson, &keys) + if err != nil { + return nil, err + } + + rules := map[string]interface{}{ + "Send": []string{"AllowRecipients", "SpendLImit"}, + "Stake": []string{"DelegateLimit"}, + } + + return rules, nil + + // return keys, nil +} + func (k Keeper) GetAuthzOptions() map[string]map[string]string { - return k.authzOptions + return nil } func (k Keeper) update(ctx context.Context, grantee, granter sdk.AccAddress, updated authz.Authorization) error { @@ -308,6 +358,27 @@ func (k Keeper) GetAuthorization(ctx context.Context, grantee, granter sdk.AccAd return auth, grant.Expiration } +func (k Keeper) GetAuthzWithRules(ctx context.Context, grantee, granter sdk.AccAddress, msgType string) (authz.Authorization, map[string]interface{}) { + sdkCtx := sdk.UnwrapSDKContext(ctx) + grant, found := k.getGrant(ctx, grantStoreKey(grantee, granter, msgType)) + if !found || (grant.Expiration != nil && grant.Expiration.Before(sdkCtx.BlockHeader().Time)) { + return nil, nil + } + + auth, err := grant.GetAuthorization() + if err != nil { + return nil, nil + } + + var rules map[string]interface{} + err = json.Unmarshal(grant.Rules, &rules) + if err != nil { + return nil, nil + } + + return auth, rules +} + // IterateGrants iterates over all authorization grants // This function should be used with caution because it can involve significant IO operations. // It should not be used in query or msg services without charging additional gas. diff --git a/x/authz/keeper/keeper_test.go b/x/authz/keeper/keeper_test.go index dc54d698cfcc..066e7d70750a 100644 --- a/x/authz/keeper/keeper_test.go +++ b/x/authz/keeper/keeper_test.go @@ -75,7 +75,7 @@ func (s *TestSuite) SetupTest() { banktypes.RegisterInterfaces(s.encCfg.InterfaceRegistry) banktypes.RegisterMsgServer(s.baseApp.MsgServiceRouter(), s.bankKeeper) - s.authzKeeper = authzkeeper.NewKeeper(storeService, s.encCfg.Codec, s.baseApp.MsgServiceRouter(), s.accountKeeper, nil) + s.authzKeeper = authzkeeper.NewKeeper(storeService, s.encCfg.Codec, s.baseApp.MsgServiceRouter(), s.accountKeeper) queryHelper := baseapp.NewQueryServerTestHelper(s.ctx, s.encCfg.InterfaceRegistry) authz.RegisterQueryServer(queryHelper, s.authzKeeper) diff --git a/x/authz/keeper/keys.go b/x/authz/keeper/keys.go index a1e3d15ad684..120af14b652e 100644 --- a/x/authz/keeper/keys.go +++ b/x/authz/keeper/keys.go @@ -18,7 +18,7 @@ import ( var ( GrantKey = []byte{0x01} // prefix for each key GrantQueuePrefix = []byte{0x02} - AuthzRulesPrefix = []byte{0x03} + AuthzOptionsKeys = []byte{0x04} ) var lenTime = len(sdk.FormatTimeBytes(time.Now())) @@ -98,8 +98,3 @@ func firstAddressFromGrantStoreKey(key []byte) sdk.AccAddress { addrLen := key[0] return sdk.AccAddress(key[1 : 1+addrLen]) } - -// func BuildAuthzRulesKey(grantName string) []byte { -// g := conv.UnsafeStrToBytes(grantName) -// return append(AuthzRulesPrefix, g...) -// } diff --git a/x/authz/module/abci_test.go b/x/authz/module/abci_test.go index fef295766f6c..12055e0cfa12 100644 --- a/x/authz/module/abci_test.go +++ b/x/authz/module/abci_test.go @@ -65,7 +65,7 @@ func TestExpiredGrantsQueue(t *testing.T) { accountKeeper.EXPECT().AddressCodec().Return(address.NewBech32Codec("cosmos")).AnyTimes() - authzKeeper := keeper.NewKeeper(storeService, encCfg.Codec, baseApp.MsgServiceRouter(), accountKeeper, nil) + authzKeeper := keeper.NewKeeper(storeService, encCfg.Codec, baseApp.MsgServiceRouter(), accountKeeper) save := func(grantee sdk.AccAddress, exp *time.Time) { err := authzKeeper.SaveGrant(ctx, grantee, granter, sendAuthz, exp) diff --git a/x/authz/module/module.go b/x/authz/module/module.go index c749a14b95c8..248a75b8584b 100644 --- a/x/authz/module/module.go +++ b/x/authz/module/module.go @@ -176,7 +176,7 @@ type ModuleOutputs struct { } func ProvideModule(in ModuleInputs) ModuleOutputs { - k := keeper.NewKeeper(in.StoreService, in.Cdc, in.MsgServiceRouter, in.AccountKeeper, nil) + k := keeper.NewKeeper(in.StoreService, in.Cdc, in.MsgServiceRouter, in.AccountKeeper) m := NewAppModule(in.Cdc, k, in.AccountKeeper, in.BankKeeper, in.Registry) return ModuleOutputs{AuthzKeeper: k, Module: m} } diff --git a/x/bank/types/send_authorization.go b/x/bank/types/send_authorization.go index 22449301700b..9c174058ea50 100644 --- a/x/bank/types/send_authorization.go +++ b/x/bank/types/send_authorization.go @@ -2,6 +2,7 @@ package types import ( context "context" + "encoding/json" sdk "github.com/cosmos/cosmos-sdk/types" sdkerrors "github.com/cosmos/cosmos-sdk/types/errors" @@ -96,3 +97,7 @@ func toBech32Addresses(allowed []sdk.AccAddress) []string { return allowedAddrs } + +func (a SendAuthorization) GetOptions() json.RawMessage { + return nil +} diff --git a/x/staking/types/authz.go b/x/staking/types/authz.go index 284be1fa5af8..223e1fe7641e 100644 --- a/x/staking/types/authz.go +++ b/x/staking/types/authz.go @@ -2,6 +2,7 @@ package types import ( context "context" + "encoding/json" errorsmod "cosmossdk.io/errors" @@ -153,6 +154,10 @@ func (a StakeAuthorization) Accept(ctx context.Context, msg sdk.Msg) (authz.Acce }, nil } +func (a StakeAuthorization) GetOptions() json.RawMessage { + return nil +} + func validateAllowAndDenyValidators(allowed, denied []sdk.ValAddress) ([]string, []string, error) { if len(allowed) == 0 && len(denied) == 0 { return nil, nil, sdkerrors.ErrInvalidRequest.Wrap("both allowed & deny list cannot be empty")