Lowercase allow listing (#350)

* Lowercase the allow lister * Update tests
xmtp · Feb 1, 2024 · 8c7d894 · 8c7d894
1 parent 460e606
commit 8c7d894
Show file tree

Hide file tree

Showing 3 changed files with 12 additions and 2 deletions.
diff --git a/pkg/authn/transport_authentication_test.go b/pkg/authn/transport_authentication_test.go
@@ -39,7 +39,7 @@ var (
 
 	sampleAuthReq002 = testCase{
 		peerID:     "QmfNjjEotVgJThmd8TKkKVMDHJ1BFvS99vaHdHsLk5Xhsy",
-		walletAddr: "0x9997a0890Dad1E14d1E4F278d8Fde501eD21b94F",
+		walletAddr: "0x9997a0890dad1E14d1E4f278d8Fde501ed21b94f",
 		reqBytes:   "0abf020a4c08bebb8f8096301a430a4104d04d4cc9588d98039db2ab046649edc4239832c6659040f1e15030c61b54e95887a64cae48a1fc47285ec07ac460444ededc38d41be98941829b57c8b84ea84312440a420a406bd28720cadc85f397d8a81459d8c5ef0d7d840127e15b3e8e9d7e030d71fedd130f4fe6d7fda9ddac3250ccae31a029ffe3c7b07fdd7f10bf6f6d2a02c8d5f21a630a2a307839393937613038393044616431453134643145344632373864384664653530316544323162393446122e516d664e6a6a456f7456674a54686d6438544b6b4b564d44484a314246765339397661486448734c6b355868737918c7bd8f80963022440a420a40d896755b06fdaad912ef1e58ad197e6ce68c00afd3c9fd8f0eaf3ea49b9027632c22c7d3aa168875eead1fbde1ca3810be18ee22b4fa19cf9fde643c74f30a49",
 	}
 )

diff --git a/pkg/authz/wallet_allow_lister.go b/pkg/authz/wallet_allow_lister.go
@@ -2,6 +2,7 @@ package authz
 
 import (
 	"context"
+	"strings"
 	"sync"
 	"time"
 
@@ -70,6 +71,7 @@ func NewDatabaseWalletAllowLister(db *bun.DB, log *zap.Logger) *DatabaseWalletAl
 
 // Get the permissions for a wallet address
 func (d *DatabaseWalletAllowLister) GetPermissions(walletAddress string) Permission {
+	walletAddress = strings.ToLower(walletAddress)
 	d.permissionsLock.RLock()
 	defer d.permissionsLock.RUnlock()
 
@@ -101,6 +103,7 @@ func (d *DatabaseWalletAllowLister) Allow(ctx context.Context, walletAddress str
 }
 
 func (d *DatabaseWalletAllowLister) Apply(ctx context.Context, walletAddress string, permission Permission) error {
+	walletAddress = strings.ToLower(walletAddress)
 	d.permissionsLock.Lock()
 	defer d.permissionsLock.Unlock()
 
@@ -149,7 +152,7 @@ func (d *DatabaseWalletAllowLister) loadPermissions() error {
 	}
 	newPermissionMap := make(map[string]Permission)
 	for _, wallet := range wallets {
-		newPermissionMap[wallet.WalletAddress] = mapPermission(wallet.Permission)
+		newPermissionMap[strings.ToLower(wallet.WalletAddress)] = mapPermission(wallet.Permission)
 	}
 	d.permissions = newPermissionMap
 

diff --git a/pkg/authz/wallet_allow_lister_test.go b/pkg/authz/wallet_allow_lister_test.go
@@ -4,6 +4,7 @@ import (
 	"context"
 	"database/sql"
 	"os"
+	"strings"
 	"testing"
 	"time"
 
@@ -67,15 +68,21 @@ func TestPermissionCheck(t *testing.T) {
 	for _, wallet := range wallets {
 		expectedValue := wallet.Permission
 		isAllowed := allowLister.IsAllowListed(wallet.WalletAddress)
+		isAllowedLower := allowLister.IsAllowListed(strings.ToLower(wallet.WalletAddress))
 		isDenied := allowLister.IsDenyListed(wallet.WalletAddress)
+		isDeniedLower := allowLister.IsDenyListed(strings.ToLower(wallet.WalletAddress))
 		permission := allowLister.GetPermissions(wallet.WalletAddress)
 		if expectedValue == "allow" {
 			require.Equal(t, isAllowed, true)
+			require.Equal(t, isAllowedLower, true)
 			require.Equal(t, isDenied, false)
+			require.Equal(t, isDeniedLower, false)
 			require.Equal(t, permission, Allowed)
 		} else {
 			require.Equal(t, isAllowed, false)
+			require.Equal(t, isAllowedLower, false)
 			require.Equal(t, isDenied, true)
+			require.Equal(t, isDeniedLower, true)
 			require.Equal(t, permission, Denied)
 		}
 	}