2021-03-29 17:26:05 +03:00
|
|
|
# Copyright (c) Microsoft Corporation. All rights reserved.
|
|
|
|
# Licensed under the Apache 2.0 License.
|
|
|
|
import infra.network
|
|
|
|
import infra.path
|
|
|
|
import infra.proc
|
|
|
|
import infra.net
|
|
|
|
import infra.e2e_args
|
2023-10-04 17:43:32 +03:00
|
|
|
import infra.proposal
|
|
|
|
import infra.member
|
2021-03-29 17:26:05 +03:00
|
|
|
import suite.test_requirements as reqs
|
2021-03-30 20:33:14 +03:00
|
|
|
import os
|
|
|
|
from loguru import logger as LOG
|
2022-12-05 12:48:37 +03:00
|
|
|
from contextlib import contextmanager
|
|
|
|
import dataclasses
|
|
|
|
import tempfile
|
2023-01-24 14:37:22 +03:00
|
|
|
import uuid
|
2023-04-19 13:47:44 +03:00
|
|
|
import infra.clients
|
2024-04-17 09:41:58 +03:00
|
|
|
import json
|
|
|
|
import ccf.ledger
|
2021-03-30 20:33:14 +03:00
|
|
|
|
|
|
|
|
2021-03-29 17:26:05 +03:00
|
|
|
def action(name, **args):
|
|
|
|
return {"name": name, "args": args}
|
|
|
|
|
|
|
|
|
|
|
|
def proposal(*actions):
|
|
|
|
return {"actions": list(actions)}
|
|
|
|
|
|
|
|
|
|
|
|
def merge(*proposals):
|
|
|
|
return {"actions": sum((prop["actions"] for prop in proposals), [])}
|
|
|
|
|
|
|
|
|
2021-04-16 21:20:37 +03:00
|
|
|
def vote(body):
|
|
|
|
return {"ballot": f"export function vote (proposal, proposer_id) {{ {body} }}"}
|
|
|
|
|
|
|
|
|
2021-04-01 22:19:31 +03:00
|
|
|
valid_set_recovery_threshold = proposal(
|
|
|
|
action("set_recovery_threshold", recovery_threshold=5)
|
|
|
|
)
|
2021-03-29 17:26:05 +03:00
|
|
|
valid_set_recovery_threshold_twice = merge(
|
|
|
|
valid_set_recovery_threshold, valid_set_recovery_threshold
|
|
|
|
)
|
|
|
|
always_accept_noop = proposal(action("always_accept_noop"))
|
|
|
|
always_reject_noop = proposal(action("always_reject_noop"))
|
|
|
|
always_accept_with_one_vote = proposal(action("always_accept_with_one_vote"))
|
|
|
|
always_reject_with_one_vote = proposal(action("always_reject_with_one_vote"))
|
|
|
|
always_accept_if_voted_by_operator = proposal(
|
|
|
|
action("always_accept_if_voted_by_operator")
|
|
|
|
)
|
|
|
|
always_accept_if_proposed_by_operator = proposal(
|
|
|
|
action("always_accept_if_proposed_by_operator")
|
|
|
|
)
|
|
|
|
always_accept_with_two_votes = proposal(action("always_accept_with_two_votes"))
|
|
|
|
always_reject_with_two_votes = proposal(action("always_reject_with_two_votes"))
|
2024-04-11 14:02:00 +03:00
|
|
|
check_proposal_id_is_set_correctly = proposal(
|
|
|
|
action("check_proposal_id_is_set_correctly")
|
|
|
|
)
|
2021-03-29 17:26:05 +03:00
|
|
|
|
2021-04-16 21:20:37 +03:00
|
|
|
ballot_yes = vote("return true")
|
|
|
|
ballot_no = vote("return false")
|
2021-04-12 17:49:04 +03:00
|
|
|
|
2021-03-29 17:26:05 +03:00
|
|
|
|
2023-01-24 14:37:22 +03:00
|
|
|
def unique_always_accept_noop():
|
|
|
|
return proposal(action("always_accept_noop", uuid=str(uuid.uuid4())))
|
|
|
|
|
|
|
|
|
|
|
|
def set_service_recent_cose_proposals_window_size(proposal_count):
|
|
|
|
return proposal(
|
|
|
|
action(
|
|
|
|
"set_service_recent_cose_proposals_window_size",
|
|
|
|
proposal_count=proposal_count,
|
|
|
|
)
|
|
|
|
)
|
|
|
|
|
|
|
|
|
2024-03-25 17:47:03 +03:00
|
|
|
def choose_node(network):
|
|
|
|
# Ideally, this would use find_random_node - you should be able to use any
|
|
|
|
# node for governance.
|
|
|
|
# However, many of these tests include a pattern of
|
|
|
|
# POST /proposal
|
|
|
|
# GET /proposal
|
|
|
|
# If the former request is redirected, then the latter may fail (essentially
|
|
|
|
# reading stale state, assuming session consistency that doesn't exist).
|
|
|
|
# return network.find_random_node()
|
|
|
|
|
|
|
|
# Instead we ensure that all requests go to the primary
|
|
|
|
primary, _ = network.find_primary()
|
|
|
|
return primary
|
|
|
|
|
|
|
|
|
2023-02-17 12:59:22 +03:00
|
|
|
@reqs.description("Test COSE msg type validation")
|
|
|
|
def test_cose_msg_type_validation(network, args):
|
2024-03-25 17:47:03 +03:00
|
|
|
node = choose_node(network)
|
2023-02-17 12:59:22 +03:00
|
|
|
|
2023-10-04 17:43:32 +03:00
|
|
|
with node.api_versioned_client(
|
|
|
|
None, None, "member0", api_version=args.gov_api_version
|
|
|
|
) as c:
|
2023-02-17 12:59:22 +03:00
|
|
|
|
2023-10-04 17:43:32 +03:00
|
|
|
def check_msg_type(verb, path, name, auth_policy):
|
2023-02-17 12:59:22 +03:00
|
|
|
r = c.call(
|
|
|
|
path,
|
|
|
|
b"{ not valid json",
|
|
|
|
http_verb=verb,
|
|
|
|
cose_header_parameters_override={"ccf.gov.msg.type": "incorrect"},
|
|
|
|
)
|
|
|
|
assert r.status_code == 401
|
|
|
|
expected_error = {
|
2023-10-04 17:43:32 +03:00
|
|
|
"auth_policy": auth_policy,
|
2023-02-17 12:59:22 +03:00
|
|
|
"code": "InvalidAuthenticationInfo",
|
|
|
|
"message": f"Found ccf.gov.msg.type set to incorrect, expected ccf.gov.msg.type to be {name}",
|
|
|
|
}
|
|
|
|
assert expected_error in r.body.json()["error"]["details"], r.body.json()[
|
|
|
|
"error"
|
|
|
|
]["details"]
|
|
|
|
|
2023-10-04 17:43:32 +03:00
|
|
|
proposal = os.urandom(32).hex()
|
|
|
|
member = os.urandom(32).hex()
|
|
|
|
member_auth = "member_cose_sign1"
|
|
|
|
active_member_auth = "active_member_cose_sign1"
|
2023-02-17 12:59:22 +03:00
|
|
|
to_be_checked = [
|
2023-10-04 17:43:32 +03:00
|
|
|
("POST", "/gov/members/proposals:create", "proposal", active_member_auth),
|
|
|
|
(
|
|
|
|
"POST",
|
|
|
|
f"/gov/members/proposals/{proposal}:withdraw",
|
|
|
|
"withdrawal",
|
|
|
|
active_member_auth,
|
|
|
|
),
|
|
|
|
(
|
|
|
|
"POST",
|
|
|
|
f"/gov/members/proposals/{proposal}/ballots/{member}:submit",
|
|
|
|
"ballot",
|
|
|
|
active_member_auth,
|
|
|
|
),
|
|
|
|
("POST", f"/gov/members/state-digests/{member}:ack", "ack", member_auth),
|
|
|
|
(
|
|
|
|
"POST",
|
|
|
|
f"/gov/members/state-digests/{member}:update",
|
|
|
|
"state_digest",
|
|
|
|
member_auth,
|
|
|
|
),
|
2023-02-17 12:59:22 +03:00
|
|
|
]
|
|
|
|
|
2023-10-04 17:43:32 +03:00
|
|
|
for verb, path, name, auth_policy in to_be_checked:
|
|
|
|
check_msg_type(verb, path, name, auth_policy)
|
2023-02-17 12:59:22 +03:00
|
|
|
|
|
|
|
|
2021-03-29 17:26:05 +03:00
|
|
|
@reqs.description("Test proposal validation")
|
|
|
|
def test_proposal_validation(network, args):
|
2024-03-25 17:47:03 +03:00
|
|
|
node = choose_node(network)
|
2021-03-29 17:26:05 +03:00
|
|
|
|
2023-10-04 17:43:32 +03:00
|
|
|
def assert_invalid_proposal(proposal_body):
|
|
|
|
try:
|
|
|
|
member.propose(node, proposal_body)
|
|
|
|
except infra.proposal.ProposalNotCreated as e:
|
|
|
|
r = e.response
|
|
|
|
assert (
|
|
|
|
r.status_code == 400
|
|
|
|
and r.body.json()["error"]["code"] == "ProposalFailedToValidate"
|
|
|
|
), r.body.text()
|
|
|
|
|
|
|
|
def assert_malformed_proposal(proposal_body):
|
|
|
|
try:
|
|
|
|
member.propose(node, proposal_body)
|
|
|
|
except infra.proposal.ProposalNotCreated as e:
|
|
|
|
r = e.response
|
|
|
|
assert (
|
|
|
|
r.status_code == 500
|
|
|
|
and r.body.json()["error"]["code"] == "InternalError"
|
|
|
|
and r.body.json()["error"]["message"].startswith(
|
|
|
|
"Failed to execute validation: SyntaxError:"
|
|
|
|
)
|
|
|
|
), r.body.text()
|
2022-10-03 12:52:35 +03:00
|
|
|
|
2023-10-04 17:43:32 +03:00
|
|
|
member = network.consortium.get_any_active_member()
|
2022-10-03 12:52:35 +03:00
|
|
|
|
2023-10-04 17:43:32 +03:00
|
|
|
# Non-JSON body
|
|
|
|
assert_malformed_proposal(b"{ not valid json")
|
2021-03-31 00:13:27 +03:00
|
|
|
|
2023-10-04 17:43:32 +03:00
|
|
|
# Incorrect arg type
|
|
|
|
assert_invalid_proposal(proposal(action("valid_pem", pem="That's not a PEM")))
|
2021-03-31 00:13:27 +03:00
|
|
|
|
2023-10-04 17:43:32 +03:00
|
|
|
# Successfully validated
|
|
|
|
with open(
|
|
|
|
os.path.join(network.common_dir, "service_cert.pem"), "r", encoding="utf-8"
|
|
|
|
) as cert:
|
|
|
|
valid_pem = cert.read()
|
|
|
|
member.propose(node, proposal(action("valid_pem", pem=valid_pem)))
|
2021-03-31 00:13:27 +03:00
|
|
|
|
2023-10-04 17:43:32 +03:00
|
|
|
# Arg missing
|
|
|
|
assert_invalid_proposal(proposal(action("remove_user")))
|
2021-04-20 19:02:11 +03:00
|
|
|
|
2023-10-04 17:43:32 +03:00
|
|
|
# Not a string
|
|
|
|
assert_invalid_proposal(proposal(action("remove_user", user_id=42)))
|
2021-04-20 19:02:11 +03:00
|
|
|
|
2023-10-04 17:43:32 +03:00
|
|
|
# Too short
|
|
|
|
assert_invalid_proposal(proposal(action("remove_user", user_id="deadbeef")))
|
2021-04-20 19:02:11 +03:00
|
|
|
|
2023-10-04 17:43:32 +03:00
|
|
|
# Too long
|
|
|
|
assert_invalid_proposal(
|
|
|
|
proposal(
|
|
|
|
action(
|
|
|
|
"remove_user",
|
|
|
|
user_id="0deadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbeef",
|
|
|
|
)
|
2021-04-20 19:02:11 +03:00
|
|
|
)
|
2023-10-04 17:43:32 +03:00
|
|
|
)
|
2021-04-20 19:02:11 +03:00
|
|
|
|
2023-10-04 17:43:32 +03:00
|
|
|
# Not hex
|
|
|
|
assert_invalid_proposal(
|
|
|
|
proposal(
|
|
|
|
action(
|
|
|
|
"remove_user",
|
|
|
|
user_id="totboeuftotboeuftotboeuftotboeuftotboeuftotboeuftotboeuftotboeuf",
|
|
|
|
)
|
2021-04-20 19:02:11 +03:00
|
|
|
)
|
2023-10-04 17:43:32 +03:00
|
|
|
)
|
2021-04-20 19:02:11 +03:00
|
|
|
|
2023-10-04 17:43:32 +03:00
|
|
|
# Just right
|
|
|
|
# NB: It validates (structurally correct type), but does nothing because this user doesn't exist
|
|
|
|
member.propose(
|
|
|
|
node,
|
|
|
|
proposal(
|
|
|
|
action(
|
|
|
|
"remove_user",
|
|
|
|
user_id="deadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbeef",
|
|
|
|
)
|
|
|
|
),
|
|
|
|
)
|
2021-04-20 19:02:11 +03:00
|
|
|
|
2021-03-29 17:26:05 +03:00
|
|
|
return network
|
|
|
|
|
|
|
|
|
|
|
|
@reqs.description("Test proposal storage")
|
|
|
|
def test_proposal_storage(network, args):
|
2024-03-25 17:47:03 +03:00
|
|
|
node = choose_node(network)
|
2021-03-29 17:26:05 +03:00
|
|
|
|
2023-10-04 17:43:32 +03:00
|
|
|
plausible = os.urandom(32).hex()
|
|
|
|
|
|
|
|
with node.api_versioned_client(
|
|
|
|
None, None, "member0", api_version=args.gov_api_version
|
|
|
|
) as c:
|
|
|
|
r = c.get(f"/gov/members/proposals/{plausible}")
|
2021-03-29 17:26:05 +03:00
|
|
|
assert r.status_code == 404, r.body.text()
|
|
|
|
|
2023-10-04 17:43:32 +03:00
|
|
|
r = c.get(f"/gov/members/proposals/{plausible}/actions")
|
2021-03-29 17:26:05 +03:00
|
|
|
assert r.status_code == 404, r.body.text()
|
|
|
|
|
|
|
|
for prop in (valid_set_recovery_threshold, valid_set_recovery_threshold_twice):
|
2023-10-04 17:43:32 +03:00
|
|
|
r = c.post("/gov/members/proposals:create", prop)
|
2021-03-29 17:26:05 +03:00
|
|
|
assert r.status_code == 200, r.body.text()
|
2023-10-04 17:43:32 +03:00
|
|
|
proposal_id = r.body.json()["proposalId"]
|
2021-03-29 17:26:05 +03:00
|
|
|
|
2023-10-04 17:43:32 +03:00
|
|
|
r = c.get(f"/gov/members/proposals/{proposal_id}")
|
2021-03-29 17:26:05 +03:00
|
|
|
assert r.status_code == 200, r.body.text()
|
2023-10-04 17:43:32 +03:00
|
|
|
proposer_id = network.consortium.get_member_by_local_id(
|
|
|
|
"member0"
|
|
|
|
).service_id
|
2021-03-29 17:26:05 +03:00
|
|
|
expected = {
|
2023-10-04 17:43:32 +03:00
|
|
|
"proposerId": proposer_id,
|
|
|
|
"proposalState": "Open",
|
|
|
|
"proposalId": proposal_id,
|
|
|
|
"ballotCount": 0,
|
2021-03-29 17:26:05 +03:00
|
|
|
}
|
|
|
|
assert r.body.json() == expected, r.body.json()
|
|
|
|
|
2023-10-04 17:43:32 +03:00
|
|
|
r = c.get(f"/gov/members/proposals/{proposal_id}/actions")
|
2021-03-29 17:26:05 +03:00
|
|
|
assert r.status_code == 200, r.body.text()
|
|
|
|
assert r.body.json() == prop, r.body.json()
|
|
|
|
|
|
|
|
return network
|
|
|
|
|
|
|
|
|
|
|
|
@reqs.description("Test proposal withdrawal")
|
|
|
|
def test_proposal_withdrawal(network, args):
|
2024-03-25 17:47:03 +03:00
|
|
|
node = choose_node(network)
|
2023-09-26 00:03:58 +03:00
|
|
|
infra.clients.get_clock().advance()
|
2021-03-29 17:26:05 +03:00
|
|
|
|
2023-10-04 17:43:32 +03:00
|
|
|
plausible = os.urandom(32).hex()
|
|
|
|
|
|
|
|
with node.api_versioned_client(
|
|
|
|
None, None, "member0", api_version=args.gov_api_version
|
|
|
|
) as c:
|
2021-03-29 17:26:05 +03:00
|
|
|
for prop in (valid_set_recovery_threshold, valid_set_recovery_threshold_twice):
|
2023-10-04 17:43:32 +03:00
|
|
|
r = c.post(f"/gov/members/proposals/{plausible}:withdraw")
|
|
|
|
# Idempotent - we don't know if this used to exist
|
|
|
|
assert r.status_code == 204, r.body.text()
|
2021-03-29 17:26:05 +03:00
|
|
|
|
2023-10-04 17:43:32 +03:00
|
|
|
r = c.post("/gov/members/proposals:create", prop)
|
2021-03-29 17:26:05 +03:00
|
|
|
assert r.status_code == 200, r.body.text()
|
2023-10-04 17:43:32 +03:00
|
|
|
proposal_id = r.body.json()["proposalId"]
|
2021-03-29 17:26:05 +03:00
|
|
|
|
2023-10-04 17:43:32 +03:00
|
|
|
with node.api_versioned_client(
|
|
|
|
None, None, "member1", api_version=args.gov_api_version
|
|
|
|
) as oc:
|
|
|
|
r = oc.post(f"/gov/members/proposals/{proposal_id}:withdraw")
|
2021-03-29 17:26:05 +03:00
|
|
|
assert r.status_code == 403, r.body.text()
|
|
|
|
|
2023-10-04 17:43:32 +03:00
|
|
|
r = c.get(f"/gov/members/proposals/{proposal_id}")
|
2021-03-29 17:26:05 +03:00
|
|
|
assert r.status_code == 200, r.body.text()
|
2023-10-04 17:43:32 +03:00
|
|
|
proposer_id = network.consortium.get_member_by_local_id(
|
|
|
|
"member0"
|
|
|
|
).service_id
|
2021-03-29 17:26:05 +03:00
|
|
|
expected = {
|
2023-10-04 17:43:32 +03:00
|
|
|
"proposerId": proposer_id,
|
|
|
|
"proposalState": "Open",
|
|
|
|
"proposalId": proposal_id,
|
|
|
|
"ballotCount": 0,
|
2021-03-29 17:26:05 +03:00
|
|
|
}
|
|
|
|
assert r.body.json() == expected, r.body.json()
|
|
|
|
|
2023-10-04 17:43:32 +03:00
|
|
|
r = c.post(f"/gov/members/proposals/{proposal_id}:withdraw")
|
2021-03-29 17:26:05 +03:00
|
|
|
assert r.status_code == 200, r.body.text()
|
|
|
|
expected = {
|
2023-10-04 17:43:32 +03:00
|
|
|
"proposerId": proposer_id,
|
|
|
|
"proposalState": "Withdrawn",
|
|
|
|
"proposalId": proposal_id,
|
|
|
|
"ballotCount": 0,
|
2021-03-29 17:26:05 +03:00
|
|
|
}
|
|
|
|
assert r.body.json() == expected, r.body.json()
|
|
|
|
|
2023-10-04 17:43:32 +03:00
|
|
|
r = c.post(f"/gov/members/proposals/{proposal_id}:withdraw")
|
|
|
|
# Idempotent - sure we'll try to withdraw this again
|
|
|
|
assert r.status_code == 200, r.body.text()
|
2021-03-29 17:26:05 +03:00
|
|
|
|
|
|
|
return network
|
|
|
|
|
|
|
|
|
|
|
|
@reqs.description("Test ballot storage and validation")
|
|
|
|
def test_ballot_storage(network, args):
|
2024-03-25 17:47:03 +03:00
|
|
|
node = choose_node(network)
|
2021-03-29 17:26:05 +03:00
|
|
|
|
2023-09-26 00:03:58 +03:00
|
|
|
infra.clients.get_clock().advance()
|
2023-04-19 13:47:44 +03:00
|
|
|
|
2023-10-04 17:43:32 +03:00
|
|
|
with node.api_versioned_client(
|
|
|
|
None, None, "member0", api_version=args.gov_api_version
|
|
|
|
) as c:
|
|
|
|
member_id = network.consortium.get_member_by_local_id("member0").service_id
|
|
|
|
r = c.post("/gov/members/proposals:create", valid_set_recovery_threshold)
|
2021-03-29 17:26:05 +03:00
|
|
|
assert r.status_code == 200, r.body.text()
|
2023-10-04 17:43:32 +03:00
|
|
|
proposal_id = r.body.json()["proposalId"]
|
2021-03-29 17:26:05 +03:00
|
|
|
|
2023-10-04 17:43:32 +03:00
|
|
|
r = c.post(
|
|
|
|
f"/gov/members/proposals/{proposal_id}/ballots/{member_id}:submit", {}
|
|
|
|
)
|
2021-03-29 17:26:05 +03:00
|
|
|
assert r.status_code == 400, r.body.text()
|
|
|
|
|
2021-04-12 17:49:04 +03:00
|
|
|
ballot = ballot_yes
|
2023-10-04 17:43:32 +03:00
|
|
|
r = c.post(
|
|
|
|
f"/gov/members/proposals/{proposal_id}/ballots/{member_id}:submit", ballot
|
|
|
|
)
|
2021-03-29 17:26:05 +03:00
|
|
|
assert r.status_code == 200, r.body.text()
|
|
|
|
|
2023-10-04 17:43:32 +03:00
|
|
|
r = c.post(
|
|
|
|
f"/gov/members/proposals/{proposal_id}/ballots/{member_id}:submit", ballot
|
|
|
|
)
|
|
|
|
# Idempotence - resubmission is fine
|
|
|
|
assert r.status_code == 200, r.body.text()
|
|
|
|
|
|
|
|
# Changing ballot is not allowed
|
|
|
|
r = c.post(
|
|
|
|
f"/gov/members/proposals/{proposal_id}/ballots/{member_id}:submit",
|
|
|
|
ballot_no,
|
|
|
|
)
|
2021-04-16 21:20:37 +03:00
|
|
|
assert r.status_code == 400, r.body.text()
|
|
|
|
assert r.body.json()["error"]["code"] == "VoteAlreadyExists", r.body.json()
|
|
|
|
|
2023-10-04 17:43:32 +03:00
|
|
|
r = c.get(f"/gov/members/proposals/{proposal_id}/ballots/{member_id}")
|
2021-03-29 17:26:05 +03:00
|
|
|
assert r.status_code == 200, r.body.text()
|
2023-10-04 17:43:32 +03:00
|
|
|
assert r.headers["content-type"] == "text/javascript"
|
|
|
|
assert r.body.text() == ballot["ballot"], r.body.text()
|
|
|
|
|
|
|
|
with node.api_versioned_client(
|
|
|
|
None, None, "member1", api_version=args.gov_api_version
|
|
|
|
) as c:
|
|
|
|
member_id = network.consortium.get_member_by_local_id("member1").service_id
|
2021-03-29 17:26:05 +03:00
|
|
|
|
2021-04-12 17:49:04 +03:00
|
|
|
ballot = ballot_no
|
2023-10-04 17:43:32 +03:00
|
|
|
r = c.post(
|
|
|
|
f"/gov/members/proposals/{proposal_id}/ballots/{member_id}:submit", ballot
|
|
|
|
)
|
2021-03-29 17:26:05 +03:00
|
|
|
assert r.status_code == 200, r.body.text()
|
2023-10-04 17:43:32 +03:00
|
|
|
|
|
|
|
r = c.get(f"/gov/members/proposals/{proposal_id}/ballots/{member_id}")
|
2021-03-29 17:26:05 +03:00
|
|
|
assert r.status_code == 200, r.body.text()
|
2023-10-04 17:43:32 +03:00
|
|
|
assert r.headers["content-type"] == "text/javascript"
|
|
|
|
assert r.body.text() == ballot["ballot"]
|
2021-03-29 17:26:05 +03:00
|
|
|
|
|
|
|
return network
|
|
|
|
|
|
|
|
|
|
|
|
@reqs.description("Test pure proposals")
|
|
|
|
def test_pure_proposals(network, args):
|
2024-03-25 17:47:03 +03:00
|
|
|
node = choose_node(network)
|
2021-03-29 17:26:05 +03:00
|
|
|
|
2023-10-04 17:43:32 +03:00
|
|
|
with node.api_versioned_client(
|
|
|
|
None, None, "member0", api_version=args.gov_api_version
|
|
|
|
) as c:
|
2021-03-29 17:26:05 +03:00
|
|
|
for prop, state in [
|
|
|
|
(always_accept_noop, "Accepted"),
|
|
|
|
(always_reject_noop, "Rejected"),
|
|
|
|
]:
|
2023-10-04 17:43:32 +03:00
|
|
|
member_id = network.consortium.get_member_by_local_id("member0").service_id
|
|
|
|
|
|
|
|
r = c.post("/gov/members/proposals:create", prop)
|
2021-03-29 17:26:05 +03:00
|
|
|
assert r.status_code == 200, r.body.text()
|
2023-10-04 17:43:32 +03:00
|
|
|
assert r.body.json()["proposalState"] == state, r.body.json()
|
|
|
|
proposal_id = r.body.json()["proposalId"]
|
2021-03-29 17:26:05 +03:00
|
|
|
|
2021-04-12 17:49:04 +03:00
|
|
|
ballot = ballot_yes
|
2023-10-04 17:43:32 +03:00
|
|
|
r = c.post(
|
|
|
|
f"/gov/members/proposals/{proposal_id}/ballots/{member_id}:submit",
|
|
|
|
ballot,
|
|
|
|
)
|
2021-03-29 17:26:05 +03:00
|
|
|
assert r.status_code == 400, r.body.text()
|
|
|
|
|
2023-10-04 17:43:32 +03:00
|
|
|
r = c.post(f"/gov/members/proposals/{proposal_id}:withdraw")
|
2021-03-29 17:26:05 +03:00
|
|
|
assert r.status_code == 400, r.body.text()
|
|
|
|
|
|
|
|
return network
|
|
|
|
|
|
|
|
|
2023-01-24 14:37:22 +03:00
|
|
|
@reqs.description("Test proposal replay protection")
|
|
|
|
def test_proposal_replay_protection(network, args):
|
2024-03-25 17:47:03 +03:00
|
|
|
node = choose_node(network)
|
2023-01-24 14:37:22 +03:00
|
|
|
|
2023-10-04 17:43:32 +03:00
|
|
|
with node.api_versioned_client(
|
|
|
|
None, None, "member0", api_version=args.gov_api_version
|
|
|
|
) as c:
|
2023-01-24 14:37:22 +03:00
|
|
|
# Creating a proposal with too large a created_at always fails
|
|
|
|
c.set_created_at_override(int("1" + "0" * 10))
|
2023-10-04 17:43:32 +03:00
|
|
|
r = c.post("/gov/members/proposals:create", always_accept_noop)
|
2023-01-24 14:37:22 +03:00
|
|
|
assert (
|
|
|
|
r.status_code == 400
|
|
|
|
and r.body.json()["error"]["code"] == "InvalidCreatedAt"
|
|
|
|
), r.body.text()
|
|
|
|
|
2023-09-26 00:03:58 +03:00
|
|
|
infra.clients.get_clock().advance()
|
2023-01-24 14:37:22 +03:00
|
|
|
# Fill window size with proposals
|
|
|
|
window_size = 100
|
2023-09-26 00:03:58 +03:00
|
|
|
now = infra.clients.get_clock()
|
2023-01-24 14:37:22 +03:00
|
|
|
submitted = []
|
|
|
|
for i in range(window_size):
|
2023-09-26 00:03:58 +03:00
|
|
|
c.set_created_at_override((now + i).moment())
|
2023-01-24 14:37:22 +03:00
|
|
|
proposal = unique_always_accept_noop()
|
2023-10-04 17:43:32 +03:00
|
|
|
r = c.post("/gov/members/proposals:create", proposal)
|
2023-01-24 14:37:22 +03:00
|
|
|
assert r.status_code == 200, r.body.text()
|
|
|
|
submitted.append(proposal)
|
|
|
|
|
|
|
|
# Re-submitting the last proposal is detected as a replay
|
|
|
|
last_index = window_size - 1
|
2023-09-26 00:03:58 +03:00
|
|
|
c.set_created_at_override((now + last_index).moment())
|
2023-10-04 17:43:32 +03:00
|
|
|
r = c.post("/gov/members/proposals:create", submitted[last_index])
|
2023-01-24 14:37:22 +03:00
|
|
|
assert (
|
|
|
|
r.status_code == 400 and r.body.json()["error"]["code"] == "ProposalReplay"
|
|
|
|
), r.body.text()
|
|
|
|
|
|
|
|
# Submitting proposals earlier than, or in the first half of the window is rejected
|
2023-09-26 00:03:58 +03:00
|
|
|
c.set_created_at_override((now - 1).moment())
|
2023-10-04 17:43:32 +03:00
|
|
|
r = c.post("/gov/members/proposals:create", always_accept_noop)
|
2023-01-24 14:37:22 +03:00
|
|
|
assert (
|
|
|
|
r.status_code == 400
|
|
|
|
and r.body.json()["error"]["code"] == "ProposalCreatedTooLongAgo"
|
|
|
|
), r.body.text()
|
|
|
|
|
2023-09-26 00:03:58 +03:00
|
|
|
c.set_created_at_override((now + (window_size // 2 - 1)).moment())
|
2023-10-04 17:43:32 +03:00
|
|
|
r = c.post("/gov/members/proposals:create", always_accept_noop)
|
2023-01-24 14:37:22 +03:00
|
|
|
assert (
|
|
|
|
r.status_code == 400
|
|
|
|
and r.body.json()["error"]["code"] == "ProposalCreatedTooLongAgo"
|
|
|
|
), r.body.text()
|
|
|
|
|
|
|
|
# Submitting a unique proposal just past the median of the window does work
|
2023-09-26 00:03:58 +03:00
|
|
|
c.set_created_at_override((now + (window_size // 2)).moment())
|
2023-10-04 17:43:32 +03:00
|
|
|
r = c.post("/gov/members/proposals:create", unique_always_accept_noop())
|
2023-01-24 14:37:22 +03:00
|
|
|
assert r.status_code == 200, r.body.text()
|
|
|
|
|
2023-10-04 17:43:32 +03:00
|
|
|
r = c.post(
|
|
|
|
"/gov/members/proposals:create",
|
|
|
|
set_service_recent_cose_proposals_window_size(1),
|
|
|
|
)
|
2023-01-24 14:37:22 +03:00
|
|
|
assert r.status_code == 200, r.body.text()
|
|
|
|
|
|
|
|
# Submitting a new unique proposal works
|
2023-09-26 00:03:58 +03:00
|
|
|
c.set_created_at_override((now + window_size).moment())
|
2023-10-04 17:43:32 +03:00
|
|
|
r = c.post("/gov/members/proposals:create", unique_always_accept_noop())
|
2023-01-24 14:37:22 +03:00
|
|
|
assert r.status_code == 200, r.body.text()
|
|
|
|
|
|
|
|
# Submitting a unique proposal just prior to that no longer does
|
2023-09-26 00:03:58 +03:00
|
|
|
c.set_created_at_override((now + window_size - 2).moment())
|
2023-10-04 17:43:32 +03:00
|
|
|
r = c.post("/gov/members/proposals:create", unique_always_accept_noop())
|
2023-01-24 14:37:22 +03:00
|
|
|
assert (
|
|
|
|
r.status_code == 400
|
|
|
|
and r.body.json()["error"]["code"] == "ProposalCreatedTooLongAgo"
|
|
|
|
), r.body.text()
|
|
|
|
|
|
|
|
return network
|
|
|
|
|
|
|
|
|
2022-10-12 15:22:51 +03:00
|
|
|
@reqs.description("Test open proposals")
|
|
|
|
def test_all_open_proposals(network, args):
|
2024-03-25 17:47:03 +03:00
|
|
|
node = choose_node(network)
|
2023-10-04 17:43:32 +03:00
|
|
|
with node.api_versioned_client(
|
|
|
|
None, None, "member0", api_version=args.gov_api_version
|
|
|
|
) as c:
|
|
|
|
r = c.post("/gov/members/proposals:create", always_accept_noop)
|
2022-10-12 15:22:51 +03:00
|
|
|
assert r.status_code == 200, r.body.text()
|
2023-10-04 17:43:32 +03:00
|
|
|
first = r.body.json()
|
|
|
|
assert first["proposalState"] == "Accepted", r.body.json()
|
2022-10-12 15:22:51 +03:00
|
|
|
|
2023-10-04 17:43:32 +03:00
|
|
|
r = c.get("/gov/members/proposals")
|
|
|
|
assert r.status_code == 200, r.body.text()
|
|
|
|
proposals = r.body.json()["value"]
|
|
|
|
assert len(proposals) == 1, proposals
|
|
|
|
# Response at passing time might contain more detail. This later summary is a subset of the earlier object
|
|
|
|
assert proposals[0].items() <= first.items(), proposals
|
2022-10-12 15:22:51 +03:00
|
|
|
|
2023-10-04 17:43:32 +03:00
|
|
|
r = c.post("/gov/members/proposals:create", always_accept_with_one_vote)
|
2022-10-12 15:22:51 +03:00
|
|
|
assert r.status_code == 200, r.body.text()
|
2023-10-04 17:43:32 +03:00
|
|
|
second = r.body.json()
|
|
|
|
assert second["proposalState"] == "Open", second
|
2022-10-12 15:22:51 +03:00
|
|
|
|
2023-10-04 17:43:32 +03:00
|
|
|
r = c.get("/gov/members/proposals")
|
|
|
|
assert r.status_code == 200, r.body.text()
|
|
|
|
proposals = r.body.json()["value"]
|
|
|
|
assert len(proposals) == 2, proposals
|
|
|
|
for proposal in proposals:
|
|
|
|
if proposal["proposalId"] == first["proposalId"]:
|
|
|
|
assert proposal.items() <= first.items(), proposal
|
|
|
|
elif proposal["proposalId"] == second["proposalId"]:
|
|
|
|
assert proposal.items() <= second.items(), proposal
|
|
|
|
else:
|
|
|
|
assert False, proposal
|
2022-10-12 15:22:51 +03:00
|
|
|
|
|
|
|
return network
|
|
|
|
|
|
|
|
|
2021-03-29 17:26:05 +03:00
|
|
|
def opposite(js_bool):
|
|
|
|
if js_bool == "true":
|
|
|
|
return "false"
|
|
|
|
elif js_bool == "false":
|
|
|
|
return "true"
|
|
|
|
else:
|
|
|
|
raise ValueError(f"{js_bool} is not a JavaScript boolean")
|
|
|
|
|
|
|
|
|
|
|
|
@reqs.description("Test vote proposals")
|
|
|
|
def test_proposals_with_votes(network, args):
|
2024-03-25 17:47:03 +03:00
|
|
|
node = choose_node(network)
|
2023-10-04 17:43:32 +03:00
|
|
|
with node.api_versioned_client(
|
|
|
|
None, None, "member0", api_version=args.gov_api_version
|
|
|
|
) as c:
|
|
|
|
member_id = network.consortium.get_member_by_local_id("member0").service_id
|
|
|
|
|
2021-03-29 17:26:05 +03:00
|
|
|
for prop, state, direction in [
|
|
|
|
(always_accept_with_one_vote, "Accepted", "true"),
|
|
|
|
(always_reject_with_one_vote, "Rejected", "false"),
|
|
|
|
]:
|
2023-10-04 17:43:32 +03:00
|
|
|
r = c.post("/gov/members/proposals:create", prop)
|
2021-03-29 17:26:05 +03:00
|
|
|
assert r.status_code == 200, r.body.text()
|
2023-10-04 17:43:32 +03:00
|
|
|
assert r.body.json()["proposalState"] == "Open", r.body.json()
|
|
|
|
proposal_id = r.body.json()["proposalId"]
|
2021-03-29 17:26:05 +03:00
|
|
|
|
2021-04-16 21:20:37 +03:00
|
|
|
ballot = vote(f"return {direction}")
|
2023-10-04 17:43:32 +03:00
|
|
|
r = c.post(
|
|
|
|
f"/gov/members/proposals/{proposal_id}/ballots/{member_id}:submit",
|
|
|
|
ballot,
|
|
|
|
)
|
2021-03-29 17:26:05 +03:00
|
|
|
assert r.status_code == 200, r.body.text()
|
2023-10-04 17:43:32 +03:00
|
|
|
assert r.body.json()["proposalState"] == state, r.body.json()
|
2021-03-29 17:26:05 +03:00
|
|
|
|
2023-09-26 00:03:58 +03:00
|
|
|
infra.clients.get_clock().advance()
|
2023-04-19 13:47:44 +03:00
|
|
|
|
2023-10-04 17:43:32 +03:00
|
|
|
r = c.post("/gov/members/proposals:create", prop)
|
2021-03-29 17:26:05 +03:00
|
|
|
assert r.status_code == 200, r.body.text()
|
2023-10-04 17:43:32 +03:00
|
|
|
assert r.body.json()["proposalState"] == "Open", r.body.json()
|
|
|
|
proposal_id = r.body.json()["proposalId"]
|
2021-03-29 17:26:05 +03:00
|
|
|
|
2021-04-16 21:20:37 +03:00
|
|
|
ballot = vote(
|
|
|
|
f'if (proposer_id == "{member_id}") {{ return {direction} }} else {{ return {opposite(direction) } }}'
|
|
|
|
)
|
2023-10-04 17:43:32 +03:00
|
|
|
r = c.post(
|
|
|
|
f"/gov/members/proposals/{proposal_id}/ballots/{member_id}:submit",
|
|
|
|
ballot,
|
|
|
|
)
|
2021-03-29 17:26:05 +03:00
|
|
|
assert r.status_code == 200, r.body.text()
|
2023-10-04 17:43:32 +03:00
|
|
|
assert r.body.json()["proposalState"] == state, r.body.json()
|
2021-03-29 17:26:05 +03:00
|
|
|
|
2021-04-12 17:49:04 +03:00
|
|
|
for prop, state, ballot in [
|
|
|
|
(always_accept_with_two_votes, "Accepted", ballot_yes),
|
|
|
|
(always_reject_with_two_votes, "Rejected", ballot_no),
|
2021-03-29 17:26:05 +03:00
|
|
|
]:
|
2023-10-04 17:43:32 +03:00
|
|
|
r = c.post("/gov/members/proposals:create", prop)
|
2021-03-29 17:26:05 +03:00
|
|
|
assert r.status_code == 200, r.body.text()
|
2023-10-04 17:43:32 +03:00
|
|
|
assert r.body.json()["proposalState"] == "Open", r.body.json()
|
|
|
|
proposal_id = r.body.json()["proposalId"]
|
2021-03-29 17:26:05 +03:00
|
|
|
|
2023-10-04 17:43:32 +03:00
|
|
|
r = c.post(
|
|
|
|
f"/gov/members/proposals/{proposal_id}/ballots/{member_id}:submit",
|
|
|
|
ballot,
|
|
|
|
)
|
2021-03-29 17:26:05 +03:00
|
|
|
assert r.status_code == 200, r.body.text()
|
2023-10-04 17:43:32 +03:00
|
|
|
assert r.body.json()["proposalState"] == "Open", r.body.json()
|
|
|
|
|
|
|
|
with node.api_versioned_client(
|
|
|
|
None, None, "member1", api_version=args.gov_api_version
|
|
|
|
) as oc:
|
|
|
|
other_member_id = network.consortium.get_member_by_local_id(
|
|
|
|
"member1"
|
|
|
|
).service_id
|
|
|
|
r = oc.post(
|
|
|
|
f"/gov/members/proposals/{proposal_id}/ballots/{other_member_id}:submit",
|
|
|
|
ballot,
|
|
|
|
)
|
2021-03-29 17:26:05 +03:00
|
|
|
assert r.status_code == 200, r.body.text()
|
2023-10-04 17:43:32 +03:00
|
|
|
assert r.body.json()["proposalState"] == state, r.body.json()
|
2021-03-29 17:26:05 +03:00
|
|
|
|
|
|
|
return network
|
|
|
|
|
|
|
|
|
2024-04-11 14:02:00 +03:00
|
|
|
@reqs.description("Test proposal id is set correctly in resolve()")
|
|
|
|
def test_check_proposal_id_is_set_correctly(network, args):
|
|
|
|
node = choose_node(network)
|
|
|
|
with node.api_versioned_client(
|
|
|
|
None, None, "member0", api_version=args.gov_api_version
|
|
|
|
) as c:
|
|
|
|
r = c.post("/gov/members/proposals:create", check_proposal_id_is_set_correctly)
|
|
|
|
assert r.status_code == 200, r.body.text()
|
|
|
|
assert r.body.json()["proposalState"] == "Accepted", r.body.json()
|
|
|
|
|
|
|
|
return network
|
|
|
|
|
|
|
|
|
2021-04-16 21:20:37 +03:00
|
|
|
@reqs.description("Test vote failure reporting")
|
|
|
|
def test_vote_failure_reporting(network, args):
|
2024-03-25 17:47:03 +03:00
|
|
|
node = choose_node(network)
|
2023-10-04 17:43:32 +03:00
|
|
|
|
|
|
|
error_body = f"Sample error ({uuid.uuid4()})"
|
|
|
|
|
|
|
|
with node.api_versioned_client(
|
|
|
|
None, None, "member0", api_version=args.gov_api_version
|
|
|
|
) as c:
|
|
|
|
member_id = network.consortium.get_member_by_local_id("member0").service_id
|
|
|
|
r = c.post("/gov/members/proposals:create", always_accept_with_one_vote)
|
2021-04-16 21:20:37 +03:00
|
|
|
assert r.status_code == 200, r.body.text()
|
2023-10-04 17:43:32 +03:00
|
|
|
assert r.body.json()["proposalState"] == "Open", r.body.json()
|
|
|
|
proposal_id = r.body.json()["proposalId"]
|
2021-04-16 21:20:37 +03:00
|
|
|
|
2023-10-04 17:43:32 +03:00
|
|
|
ballot = vote(f'throw new Error("{error_body}")')
|
|
|
|
r = c.post(
|
|
|
|
f"/gov/members/proposals/{proposal_id}/ballots/{member_id}:submit", ballot
|
|
|
|
)
|
2021-04-16 21:20:37 +03:00
|
|
|
assert r.status_code == 200, r.body.text()
|
2023-10-04 17:43:32 +03:00
|
|
|
assert r.body.json()["proposalState"] == "Open", r.body.json()
|
2021-04-16 21:20:37 +03:00
|
|
|
|
2023-10-04 17:43:32 +03:00
|
|
|
with node.api_versioned_client(
|
|
|
|
None, None, "member1", api_version=args.gov_api_version
|
|
|
|
) as c:
|
2021-04-16 21:20:37 +03:00
|
|
|
ballot = ballot_yes
|
2023-10-04 17:43:32 +03:00
|
|
|
member_id = network.consortium.get_member_by_local_id("member1").service_id
|
|
|
|
r = c.post(
|
|
|
|
f"/gov/members/proposals/{proposal_id}/ballots/{member_id}:submit", ballot
|
|
|
|
)
|
2021-04-16 21:20:37 +03:00
|
|
|
assert r.status_code == 200, r.body.text()
|
|
|
|
rj = r.body.json()
|
2023-10-04 17:43:32 +03:00
|
|
|
LOG.warning(rj)
|
|
|
|
assert rj["proposalState"] == "Accepted", r.body.json()
|
|
|
|
assert len(rj["voteFailures"]) == 1, rj["voteFailures"]
|
2021-04-16 21:20:37 +03:00
|
|
|
member_id = network.consortium.get_member_by_local_id("member0").service_id
|
2023-10-04 17:43:32 +03:00
|
|
|
assert rj["voteFailures"][member_id]["reason"] == f"Error: {error_body}", rj[
|
|
|
|
"voteFailures"
|
2021-04-16 21:20:37 +03:00
|
|
|
]
|
|
|
|
|
|
|
|
return network
|
|
|
|
|
|
|
|
|
2021-03-29 17:26:05 +03:00
|
|
|
@reqs.description("Test operator proposals and votes")
|
|
|
|
def test_operator_proposals_and_votes(network, args):
|
2024-03-25 17:47:03 +03:00
|
|
|
node = choose_node(network)
|
2023-10-04 17:43:32 +03:00
|
|
|
with node.api_versioned_client(
|
|
|
|
None, None, "member0", api_version=args.gov_api_version
|
|
|
|
) as c:
|
|
|
|
r = c.post("/gov/members/proposals:create", always_accept_if_voted_by_operator)
|
2021-03-29 17:26:05 +03:00
|
|
|
assert r.status_code == 200, r.body.text()
|
2023-10-04 17:43:32 +03:00
|
|
|
assert r.body.json()["proposalState"] == "Open", r.body.json()
|
|
|
|
proposal_id = r.body.json()["proposalId"]
|
2021-03-29 17:26:05 +03:00
|
|
|
|
2021-04-12 17:49:04 +03:00
|
|
|
ballot = ballot_yes
|
2023-10-04 17:43:32 +03:00
|
|
|
member_id = network.consortium.get_member_by_local_id("member0").service_id
|
|
|
|
r = c.post(
|
|
|
|
f"/gov/members/proposals/{proposal_id}/ballots/{member_id}:submit", ballot
|
|
|
|
)
|
2021-03-29 17:26:05 +03:00
|
|
|
assert r.status_code == 200, r.body.text()
|
2023-10-04 17:43:32 +03:00
|
|
|
assert r.body.json()["proposalState"] == "Accepted", r.body.json()
|
2021-03-29 17:26:05 +03:00
|
|
|
|
2023-10-04 17:43:32 +03:00
|
|
|
r = c.post(
|
|
|
|
"/gov/members/proposals:create", always_accept_if_proposed_by_operator
|
|
|
|
)
|
2021-03-29 17:26:05 +03:00
|
|
|
assert r.status_code == 200, r.body.text()
|
2023-10-04 17:43:32 +03:00
|
|
|
assert r.body.json()["proposalState"] == "Accepted", r.body.json()
|
2021-03-29 17:26:05 +03:00
|
|
|
|
|
|
|
return network
|
|
|
|
|
|
|
|
|
2022-10-20 12:16:38 +03:00
|
|
|
@reqs.description("Test operator provisioner proposals")
|
|
|
|
def test_operator_provisioner_proposals_and_votes(network, args):
|
2024-03-25 17:47:03 +03:00
|
|
|
node = choose_node(network)
|
2022-10-20 12:16:38 +03:00
|
|
|
|
|
|
|
def propose_and_assert_accepted(signer_id, proposal):
|
2023-10-04 17:43:32 +03:00
|
|
|
with node.api_versioned_client(
|
|
|
|
None, None, signer_id, api_version=args.gov_api_version
|
|
|
|
) as c:
|
|
|
|
r = c.post("/gov/members/proposals:create", proposal)
|
2022-10-20 12:16:38 +03:00
|
|
|
assert r.status_code == 200, r.body.text()
|
2023-10-04 17:43:32 +03:00
|
|
|
assert r.body.json()["proposalState"] == "Accepted", r.body.json()
|
2022-10-20 12:16:38 +03:00
|
|
|
|
|
|
|
# Create an operator provisioner
|
|
|
|
operator_provisioner = network.consortium.generate_and_add_new_member(
|
|
|
|
remote_node=node,
|
|
|
|
curve=args.participants_curve,
|
|
|
|
member_data={"is_operator_provisioner": True},
|
|
|
|
)
|
|
|
|
operator_provisioner.ack(node)
|
|
|
|
|
|
|
|
# Propose the creation of an operator signed by the operator provisioner
|
|
|
|
operator = infra.member.Member(
|
|
|
|
"operator",
|
|
|
|
args.participants_curve,
|
|
|
|
network.consortium.common_dir,
|
|
|
|
network.consortium.share_script,
|
|
|
|
is_recovery_member=False,
|
|
|
|
key_generator=network.consortium.key_generator,
|
|
|
|
authenticate_session=network.consortium.authenticate_session,
|
2023-09-27 15:58:04 +03:00
|
|
|
gov_api_impl=network.consortium.gov_api_impl,
|
2022-10-20 12:16:38 +03:00
|
|
|
)
|
|
|
|
|
2022-11-14 19:01:16 +03:00
|
|
|
cert_file = os.path.join(node.common_dir, operator.member_info["certificate_file"])
|
2022-10-20 12:16:38 +03:00
|
|
|
set_operator, _ = network.consortium.make_proposal(
|
|
|
|
"set_member",
|
|
|
|
cert=open(
|
2022-11-14 19:01:16 +03:00
|
|
|
cert_file,
|
2022-10-20 12:16:38 +03:00
|
|
|
encoding="utf-8",
|
|
|
|
).read(),
|
|
|
|
member_data={"is_operator": True},
|
|
|
|
)
|
|
|
|
|
|
|
|
propose_and_assert_accepted(
|
|
|
|
signer_id=operator_provisioner.local_id,
|
|
|
|
proposal=set_operator,
|
|
|
|
)
|
|
|
|
network.consortium.members.append(operator)
|
|
|
|
operator.ack(node)
|
|
|
|
|
|
|
|
# Propose the removal of the operator signed by the operator provisioner
|
|
|
|
remove_operator, _ = network.consortium.make_proposal(
|
|
|
|
"remove_member",
|
|
|
|
member_id=operator.service_id,
|
|
|
|
)
|
|
|
|
|
|
|
|
propose_and_assert_accepted(
|
|
|
|
signer_id=operator_provisioner.local_id,
|
|
|
|
proposal=remove_operator,
|
|
|
|
)
|
|
|
|
network.consortium.members.remove(operator)
|
|
|
|
operator.set_retired()
|
|
|
|
|
2023-10-04 17:43:32 +03:00
|
|
|
# Create a proposal that the operator provisioner isn't allowed to approve.
|
2022-10-20 12:16:38 +03:00
|
|
|
illegal_proposal, _ = network.consortium.make_proposal(
|
|
|
|
"set_member_data",
|
|
|
|
member_id=network.consortium.get_member_by_local_id("member0").service_id,
|
|
|
|
member_data={},
|
|
|
|
)
|
2023-10-04 17:43:32 +03:00
|
|
|
with node.api_versioned_client(
|
|
|
|
None, None, "member0", api_version=args.gov_api_version
|
|
|
|
) as c:
|
|
|
|
r = c.post("/gov/members/proposals:create", illegal_proposal)
|
2022-10-20 12:16:38 +03:00
|
|
|
assert r.status_code == 200, r.body.text()
|
2023-10-04 17:43:32 +03:00
|
|
|
# Unlike earlier proposals, this is _not_ immediately approved
|
|
|
|
assert r.body.json()["proposalState"] == "Open", r.body.json()
|
2022-10-20 12:16:38 +03:00
|
|
|
|
|
|
|
network.consortium.members.remove(operator_provisioner)
|
|
|
|
operator_provisioner.set_retired()
|
|
|
|
|
|
|
|
|
2021-03-30 20:33:14 +03:00
|
|
|
@reqs.description("Test actions")
|
|
|
|
def test_actions(network, args):
|
2024-03-25 17:47:03 +03:00
|
|
|
node = choose_node(network)
|
2021-03-30 20:33:14 +03:00
|
|
|
|
2021-04-01 22:19:31 +03:00
|
|
|
# Rekey ledger
|
|
|
|
network.consortium.trigger_ledger_rekey(node)
|
2021-03-30 20:33:14 +03:00
|
|
|
|
2021-04-01 22:19:31 +03:00
|
|
|
# Add new user twice (with and without user data)
|
|
|
|
new_user_local_id = "js_user"
|
|
|
|
new_user = network.create_user(new_user_local_id, args.participants_curve)
|
|
|
|
LOG.info(f"Adding new user {new_user.service_id}")
|
2021-03-30 20:33:14 +03:00
|
|
|
|
2021-04-01 22:19:31 +03:00
|
|
|
user_data = None
|
|
|
|
network.consortium.add_user(node, new_user.local_id, user_data)
|
2021-03-30 20:33:14 +03:00
|
|
|
|
2021-04-01 22:19:31 +03:00
|
|
|
user_data = {"foo": "bar"}
|
|
|
|
network.consortium.add_user(node, new_user.local_id, user_data)
|
2021-03-30 20:33:14 +03:00
|
|
|
|
2021-04-01 22:19:31 +03:00
|
|
|
with node.client(new_user.local_id) as c:
|
|
|
|
r = c.post("/app/log/private", {"id": 0, "msg": "JS"})
|
2021-03-30 20:33:14 +03:00
|
|
|
assert r.status_code == 200, r.body.text()
|
|
|
|
|
2021-04-01 22:19:31 +03:00
|
|
|
# Set user data
|
|
|
|
network.consortium.set_user_data(
|
|
|
|
node, new_user.service_id, user_data={"user": "data"}
|
|
|
|
)
|
|
|
|
network.consortium.set_user_data(node, new_user.service_id, user_data=None)
|
2021-03-30 20:33:14 +03:00
|
|
|
|
2021-04-01 22:19:31 +03:00
|
|
|
# Remove user
|
|
|
|
network.consortium.remove_user(node, new_user.service_id)
|
2021-03-30 16:01:17 +03:00
|
|
|
|
2021-04-01 22:19:31 +03:00
|
|
|
with node.client(new_user.local_id) as c:
|
|
|
|
r = c.get("/app/log/private")
|
|
|
|
assert r.status_code == 401, r.body.text()
|
|
|
|
|
|
|
|
# Set member data
|
|
|
|
network.consortium.set_member_data(
|
|
|
|
node,
|
|
|
|
network.consortium.get_member_by_local_id("member0").service_id,
|
2021-04-12 17:49:04 +03:00
|
|
|
member_data={"is_operator": True, "is_admin": True},
|
2021-04-01 22:19:31 +03:00
|
|
|
)
|
|
|
|
|
|
|
|
# Set recovery threshold
|
|
|
|
try:
|
|
|
|
network.consortium.set_recovery_threshold(node, recovery_threshold=0)
|
|
|
|
assert False, "Recovery threshold cannot be set to zero"
|
|
|
|
except infra.proposal.ProposalNotCreated as e:
|
|
|
|
assert (
|
|
|
|
e.response.status_code == 400
|
|
|
|
and e.response.body.json()["error"]["code"] == "ProposalFailedToValidate"
|
|
|
|
), e.response.body.text()
|
|
|
|
|
|
|
|
try:
|
|
|
|
network.consortium.set_recovery_threshold(node, recovery_threshold=256)
|
|
|
|
assert False, "Recovery threshold cannot be set to > 255"
|
|
|
|
except infra.proposal.ProposalNotCreated as e:
|
|
|
|
assert (
|
|
|
|
e.response.status_code == 400
|
|
|
|
and e.response.body.json()["error"]["code"] == "ProposalFailedToValidate"
|
|
|
|
), e.response.body.text()
|
|
|
|
|
|
|
|
try:
|
|
|
|
network.consortium.set_recovery_threshold(node, recovery_threshold=None)
|
|
|
|
assert False, "Recovery threshold value must be passed as proposal argument"
|
|
|
|
except infra.proposal.ProposalNotCreated as e:
|
|
|
|
assert (
|
|
|
|
e.response.status_code == 400
|
|
|
|
and e.response.body.json()["error"]["code"] == "ProposalFailedToValidate"
|
|
|
|
), e.response.body.text()
|
|
|
|
|
|
|
|
try:
|
|
|
|
network.consortium.set_recovery_threshold(
|
|
|
|
node,
|
|
|
|
recovery_threshold=len(network.consortium.get_active_recovery_members())
|
|
|
|
+ 1,
|
2021-03-30 16:01:17 +03:00
|
|
|
)
|
2021-04-01 22:19:31 +03:00
|
|
|
assert (
|
|
|
|
False
|
|
|
|
), "Recovery threshold cannot be greater than the number of active recovery members"
|
|
|
|
except infra.proposal.ProposalNotAccepted:
|
|
|
|
pass
|
2021-03-30 16:01:17 +03:00
|
|
|
|
2021-04-01 22:19:31 +03:00
|
|
|
network.consortium.set_recovery_threshold(
|
|
|
|
node, recovery_threshold=network.consortium.recovery_threshold - 1
|
|
|
|
)
|
2021-03-30 16:01:17 +03:00
|
|
|
|
2021-04-01 22:19:31 +03:00
|
|
|
# Refresh recovery shares
|
|
|
|
network.consortium.trigger_recovery_shares_refresh(node)
|
|
|
|
|
|
|
|
# Set member
|
|
|
|
new_member = network.consortium.generate_and_add_new_member(
|
|
|
|
node, args.participants_curve
|
|
|
|
)
|
|
|
|
|
|
|
|
member_data = {"foo": "bar"}
|
|
|
|
new_member = network.consortium.generate_and_add_new_member(
|
|
|
|
node, args.participants_curve, member_data=member_data
|
|
|
|
)
|
|
|
|
|
|
|
|
# Remove member
|
|
|
|
network.consortium.remove_member(node, new_member)
|
|
|
|
network.consortium.remove_member(node, new_member)
|
2021-03-30 16:01:17 +03:00
|
|
|
|
2021-04-12 17:49:04 +03:00
|
|
|
return network
|
|
|
|
|
2021-03-30 16:01:17 +03:00
|
|
|
|
2021-11-17 21:28:19 +03:00
|
|
|
@reqs.description("Test resolve and apply failures")
|
2021-03-30 11:31:32 +03:00
|
|
|
def test_apply(network, args):
|
2024-03-25 17:47:03 +03:00
|
|
|
node = choose_node(network)
|
2021-03-30 11:31:32 +03:00
|
|
|
|
2023-10-04 17:43:32 +03:00
|
|
|
with node.api_versioned_client(
|
|
|
|
None, None, "member0", api_version=args.gov_api_version
|
|
|
|
) as c:
|
|
|
|
member_id = network.consortium.get_member_by_local_id("member0").service_id
|
|
|
|
|
2021-03-31 22:47:51 +03:00
|
|
|
r = c.post(
|
2023-10-04 17:43:32 +03:00
|
|
|
"/gov/members/proposals:create", proposal(action("always_throw_in_apply"))
|
2021-03-31 22:47:51 +03:00
|
|
|
)
|
2021-11-17 21:28:19 +03:00
|
|
|
assert r.status_code == 500, r.body.text()
|
|
|
|
assert r.body.json()["error"]["code"] == "InternalError", r.body.json()
|
2021-03-31 22:47:51 +03:00
|
|
|
assert (
|
2021-11-17 21:28:19 +03:00
|
|
|
r.body.json()["error"]["message"].split("\n")[0]
|
2021-04-16 21:20:37 +03:00
|
|
|
== "Failed to apply(): Error: Error message"
|
2021-03-31 22:47:51 +03:00
|
|
|
), r.body.json()
|
|
|
|
|
2021-11-17 21:28:19 +03:00
|
|
|
r = c.post(
|
2023-10-04 17:43:32 +03:00
|
|
|
"/gov/members/proposals:create",
|
2021-11-17 21:28:19 +03:00
|
|
|
proposal(action("always_accept_noop"), action("always_throw_in_apply")),
|
|
|
|
)
|
|
|
|
assert r.status_code == 200, r.body().text()
|
2023-10-04 17:43:32 +03:00
|
|
|
proposal_id = r.body.json()["proposalId"]
|
|
|
|
r = c.post(
|
|
|
|
f"/gov/members/proposals/{proposal_id}/ballots/{member_id}:submit",
|
|
|
|
ballot_yes,
|
|
|
|
)
|
2021-11-17 21:28:19 +03:00
|
|
|
assert r.status_code == 200, r.body().text()
|
|
|
|
|
2023-10-04 17:43:32 +03:00
|
|
|
with node.api_versioned_client(
|
|
|
|
None, None, "member1", api_version=args.gov_api_version
|
|
|
|
) as oc:
|
|
|
|
member_id = network.consortium.get_member_by_local_id("member1").service_id
|
|
|
|
|
|
|
|
r = oc.post(
|
|
|
|
f"/gov/members/proposals/{proposal_id}/ballots/{member_id}:submit",
|
|
|
|
ballot_yes,
|
|
|
|
)
|
2021-11-17 21:28:19 +03:00
|
|
|
assert r.body.json()["error"]["code"] == "InternalError", r.body.json()
|
|
|
|
assert (
|
|
|
|
"Failed to apply():" in r.body.json()["error"]["message"]
|
|
|
|
), r.body.json()
|
|
|
|
assert (
|
|
|
|
"Error: Error message" in r.body.json()["error"]["message"]
|
|
|
|
), r.body.json()
|
|
|
|
|
2021-03-31 22:47:51 +03:00
|
|
|
r = c.post(
|
2023-10-04 17:43:32 +03:00
|
|
|
"/gov/members/proposals:create",
|
2021-03-31 22:47:51 +03:00
|
|
|
proposal(action("always_throw_in_resolve")),
|
|
|
|
)
|
2021-11-17 21:28:19 +03:00
|
|
|
assert r.status_code == 500, r.body.text()
|
|
|
|
assert r.body.json()["error"]["code"] == "InternalError", r.body.json()
|
|
|
|
assert (
|
|
|
|
"Failed to resolve():" in r.body.json()["error"]["message"]
|
|
|
|
), r.body.json()
|
2021-03-31 22:47:51 +03:00
|
|
|
assert (
|
2021-11-17 21:28:19 +03:00
|
|
|
"Error: Resolve message" in r.body.json()["error"]["message"]
|
2021-03-31 22:47:51 +03:00
|
|
|
), r.body.json()
|
|
|
|
|
2021-03-30 20:33:14 +03:00
|
|
|
return network
|
|
|
|
|
2021-03-30 11:31:32 +03:00
|
|
|
|
2021-04-12 17:49:04 +03:00
|
|
|
@reqs.description("Test set_constitution")
|
|
|
|
def test_set_constitution(network, args):
|
2024-03-25 17:47:03 +03:00
|
|
|
node = choose_node(network)
|
2021-04-12 17:49:04 +03:00
|
|
|
|
2023-09-26 00:03:58 +03:00
|
|
|
infra.clients.get_clock().advance()
|
2021-04-12 17:49:04 +03:00
|
|
|
# Create some open proposals
|
|
|
|
pending_proposals = []
|
2023-10-04 17:43:32 +03:00
|
|
|
with node.api_versioned_client(
|
|
|
|
None, None, "member0", api_version=args.gov_api_version
|
|
|
|
) as c:
|
2021-04-12 17:49:04 +03:00
|
|
|
r = c.post(
|
2023-10-04 17:43:32 +03:00
|
|
|
"/gov/members/proposals:create",
|
2021-04-12 17:49:04 +03:00
|
|
|
valid_set_recovery_threshold,
|
|
|
|
)
|
|
|
|
assert r.status_code == 200, r.body.text()
|
|
|
|
body = r.body.json()
|
2023-10-04 17:43:32 +03:00
|
|
|
assert body["proposalState"] == "Open", body
|
|
|
|
pending_proposals.append(body["proposalId"])
|
2021-04-12 17:49:04 +03:00
|
|
|
|
|
|
|
r = c.post(
|
2023-10-04 17:43:32 +03:00
|
|
|
"/gov/members/proposals:create",
|
2021-04-12 17:49:04 +03:00
|
|
|
always_accept_with_one_vote,
|
|
|
|
)
|
|
|
|
assert r.status_code == 200, r.body.text()
|
|
|
|
body = r.body.json()
|
2023-10-04 17:43:32 +03:00
|
|
|
assert body["proposalState"] == "Open", body
|
|
|
|
pending_proposals.append(body["proposalId"])
|
2021-04-12 17:49:04 +03:00
|
|
|
|
2023-10-04 17:43:32 +03:00
|
|
|
r = c.get("/gov/service/constitution")
|
2022-11-30 21:46:09 +03:00
|
|
|
assert r.status_code == 200, r
|
2023-10-04 17:43:32 +03:00
|
|
|
constitution_before = r.body.text()
|
2022-11-30 21:46:09 +03:00
|
|
|
|
2021-04-12 17:49:04 +03:00
|
|
|
# Create a set_constitution proposal, with test proposals removed, and pass it
|
|
|
|
original_constitution = args.constitution
|
|
|
|
modified_constitution = [
|
|
|
|
path for path in original_constitution if "test_actions.js" not in path
|
|
|
|
]
|
|
|
|
network.consortium.set_constitution(node, modified_constitution)
|
|
|
|
|
2023-10-04 17:43:32 +03:00
|
|
|
with node.api_versioned_client(
|
|
|
|
None, None, "member0", api_version=args.gov_api_version
|
|
|
|
) as c:
|
2021-04-12 17:49:04 +03:00
|
|
|
# Check all other proposals were dropped
|
|
|
|
for proposal_id in pending_proposals:
|
2023-10-04 17:43:32 +03:00
|
|
|
r = c.get(f"/gov/members/proposals/{proposal_id}")
|
2021-04-12 17:49:04 +03:00
|
|
|
assert r.status_code == 200, r.body.text()
|
2023-10-04 17:43:32 +03:00
|
|
|
assert r.body.json()["proposalState"] == "Dropped", r.body.json()
|
2021-04-12 17:49:04 +03:00
|
|
|
|
|
|
|
# Confirm constitution has changed by proposing test actions which are no longer present
|
|
|
|
r = c.post(
|
2023-10-04 17:43:32 +03:00
|
|
|
"/gov/members/proposals:create",
|
2021-04-12 17:49:04 +03:00
|
|
|
always_accept_noop,
|
|
|
|
)
|
|
|
|
assert (
|
|
|
|
r.status_code == 400
|
|
|
|
and r.body.json()["error"]["code"] == "ProposalFailedToValidate"
|
|
|
|
), r.body.text()
|
|
|
|
|
2022-11-30 21:46:09 +03:00
|
|
|
# Confirm constitution has changed by comparing against previous kv value
|
2023-10-04 17:43:32 +03:00
|
|
|
r = c.get("/gov/service/constitution")
|
2022-11-30 21:46:09 +03:00
|
|
|
assert r.status_code == 200, r
|
2023-10-04 17:43:32 +03:00
|
|
|
constitution_after = r.body.text()
|
2022-11-30 21:46:09 +03:00
|
|
|
assert constitution_before != constitution_after
|
|
|
|
|
2021-04-12 17:49:04 +03:00
|
|
|
r = c.post(
|
2023-10-04 17:43:32 +03:00
|
|
|
"/gov/members/proposals:create",
|
2021-04-12 17:49:04 +03:00
|
|
|
always_reject_noop,
|
|
|
|
)
|
|
|
|
assert (
|
|
|
|
r.status_code == 400
|
|
|
|
and r.body.json()["error"]["code"] == "ProposalFailedToValidate"
|
|
|
|
), r.body.text()
|
|
|
|
|
2023-09-26 00:03:58 +03:00
|
|
|
infra.clients.get_clock().advance()
|
2021-04-12 17:49:04 +03:00
|
|
|
# Confirm modified constitution can still accept valid proposals
|
|
|
|
r = c.post(
|
2023-10-04 17:43:32 +03:00
|
|
|
"/gov/members/proposals:create",
|
2021-04-12 17:49:04 +03:00
|
|
|
valid_set_recovery_threshold,
|
|
|
|
)
|
|
|
|
assert r.status_code == 200, r.body.text()
|
|
|
|
body = r.body.json()
|
2023-10-04 17:43:32 +03:00
|
|
|
assert body["proposalState"] == "Open", body
|
2021-04-12 17:49:04 +03:00
|
|
|
|
2021-09-01 22:09:12 +03:00
|
|
|
# Restore original constitution
|
|
|
|
network.consortium.set_constitution(node, original_constitution)
|
2021-04-12 17:49:04 +03:00
|
|
|
|
2021-09-01 22:09:12 +03:00
|
|
|
# Confirm original constitution was restored
|
|
|
|
r = c.post(
|
2023-10-04 17:43:32 +03:00
|
|
|
"/gov/members/proposals:create",
|
2021-09-01 22:09:12 +03:00
|
|
|
always_accept_noop,
|
|
|
|
)
|
|
|
|
assert r.status_code == 200, r.body.text()
|
|
|
|
body = r.body.json()
|
2023-10-04 17:43:32 +03:00
|
|
|
assert body["proposalState"] == "Accepted", body
|
2021-04-12 17:49:04 +03:00
|
|
|
|
|
|
|
return network
|
2022-12-05 12:48:37 +03:00
|
|
|
|
|
|
|
|
2023-04-13 13:20:18 +03:00
|
|
|
@contextmanager
|
|
|
|
def temporary_constitution(network, args, js_constitution_suffix):
|
2022-12-05 12:48:37 +03:00
|
|
|
primary, _ = network.find_primary()
|
2023-04-13 13:20:18 +03:00
|
|
|
original_constitution = args.constitution
|
|
|
|
with tempfile.NamedTemporaryFile("w") as f:
|
|
|
|
f.write(js_constitution_suffix)
|
|
|
|
f.flush()
|
2022-12-05 12:48:37 +03:00
|
|
|
|
2023-04-13 13:20:18 +03:00
|
|
|
modified_constitution = [path for path in original_constitution] + [f.name]
|
|
|
|
network.consortium.set_constitution(primary, modified_constitution)
|
2022-12-05 12:48:37 +03:00
|
|
|
|
2023-04-13 13:20:18 +03:00
|
|
|
yield
|
2022-12-05 12:48:37 +03:00
|
|
|
|
2023-04-13 13:20:18 +03:00
|
|
|
network.consortium.set_constitution(primary, original_constitution)
|
2022-12-05 12:48:37 +03:00
|
|
|
|
|
|
|
|
2023-04-13 13:20:18 +03:00
|
|
|
def make_action_snippet(action_name, validate="", apply=""):
|
|
|
|
return f"""
|
2022-12-05 12:48:37 +03:00
|
|
|
actions.set(
|
|
|
|
"{action_name}",
|
|
|
|
new Action(
|
2024-04-17 09:41:58 +03:00
|
|
|
function validate(args) {{ {validate} }},
|
|
|
|
function apply(args, proposalId) {{ {apply} }}
|
2022-12-05 12:48:37 +03:00
|
|
|
)
|
|
|
|
)
|
2023-04-13 13:20:18 +03:00
|
|
|
"""
|
|
|
|
|
|
|
|
|
|
|
|
@reqs.description("Test read-write restrictions")
|
|
|
|
def test_read_write_restrictions(network, args):
|
|
|
|
primary, _ = network.find_primary()
|
2022-12-05 12:48:37 +03:00
|
|
|
|
|
|
|
consortium = network.consortium
|
|
|
|
|
|
|
|
LOG.info("Test basic constitution replacement")
|
|
|
|
with temporary_constitution(
|
2023-04-13 13:20:18 +03:00
|
|
|
network,
|
|
|
|
args,
|
2022-12-05 12:48:37 +03:00
|
|
|
make_action_snippet(
|
|
|
|
"hello_world",
|
|
|
|
validate="console.log('Validating a hello_world action')",
|
|
|
|
apply="console.log('Applying a hello_world action')",
|
2023-04-13 13:20:18 +03:00
|
|
|
),
|
2022-12-05 12:48:37 +03:00
|
|
|
):
|
|
|
|
proposal_body, vote = consortium.make_proposal("hello_world")
|
|
|
|
proposal = consortium.get_any_active_member().propose(primary, proposal_body)
|
|
|
|
consortium.vote_using_majority(primary, proposal, vote)
|
|
|
|
|
|
|
|
@dataclasses.dataclass
|
|
|
|
class TestSpec:
|
|
|
|
description: str
|
|
|
|
table_name: str
|
|
|
|
|
|
|
|
readable_in_validate: bool = True
|
|
|
|
writable_in_validate: bool = True
|
|
|
|
|
|
|
|
readable_in_apply: bool = True
|
|
|
|
writable_in_apply: bool = True
|
|
|
|
|
|
|
|
error_contents: list = dataclasses.field(default_factory=list)
|
|
|
|
|
|
|
|
tests = [
|
|
|
|
# Governance tables
|
|
|
|
TestSpec(
|
|
|
|
description="Public governance tables cannot be modified during validation",
|
|
|
|
table_name="public:ccf.gov.my_custom_table",
|
|
|
|
writable_in_validate=False,
|
|
|
|
),
|
|
|
|
TestSpec(
|
|
|
|
description="Private governance tables cannot even be read",
|
|
|
|
table_name="ccf.gov.my_custom_table",
|
|
|
|
readable_in_validate=False,
|
|
|
|
writable_in_validate=False,
|
|
|
|
readable_in_apply=False,
|
|
|
|
writable_in_apply=False,
|
|
|
|
),
|
|
|
|
# Internal tables
|
|
|
|
TestSpec(
|
|
|
|
description="Public internal tables are read-only",
|
|
|
|
table_name="public:ccf.internal.my_custom_table",
|
|
|
|
writable_in_validate=False,
|
|
|
|
writable_in_apply=False,
|
|
|
|
),
|
|
|
|
TestSpec(
|
|
|
|
description="Private internal tables cannot even be read",
|
|
|
|
table_name="ccf.internal.my_custom_table",
|
|
|
|
readable_in_validate=False,
|
|
|
|
writable_in_validate=False,
|
|
|
|
readable_in_apply=False,
|
|
|
|
writable_in_apply=False,
|
|
|
|
),
|
|
|
|
# Application tables
|
|
|
|
TestSpec(
|
|
|
|
description="Public application tables are read-only",
|
|
|
|
table_name="public:my.app.my_custom_table",
|
|
|
|
readable_in_validate=False,
|
|
|
|
writable_in_validate=False,
|
|
|
|
readable_in_apply=False,
|
|
|
|
writable_in_apply=False,
|
|
|
|
),
|
|
|
|
TestSpec(
|
|
|
|
description="Private application tables cannot even be read",
|
|
|
|
table_name="my.app.my_custom_table",
|
|
|
|
readable_in_validate=False,
|
|
|
|
writable_in_validate=False,
|
|
|
|
readable_in_apply=False,
|
|
|
|
writable_in_apply=False,
|
|
|
|
),
|
|
|
|
]
|
|
|
|
|
|
|
|
def make_script(table_name, kind):
|
|
|
|
return f"""
|
|
|
|
const table_name = "{table_name}";
|
|
|
|
var table = ccf.kv[table_name];
|
|
|
|
if (args.try.includes("read_during_{kind}")) {{ table.get(getSingletonKvKey()); }}
|
|
|
|
if (args.try.includes("write_during_{kind}")) {{ table.delete(getSingletonKvKey()); }}
|
|
|
|
"""
|
|
|
|
|
|
|
|
action_name = "temp_action"
|
|
|
|
|
|
|
|
for test in tests:
|
|
|
|
LOG.info(test.description)
|
|
|
|
with temporary_constitution(
|
2023-04-13 13:20:18 +03:00
|
|
|
network,
|
|
|
|
args,
|
2022-12-05 12:48:37 +03:00
|
|
|
make_action_snippet(
|
|
|
|
action_name,
|
|
|
|
validate=make_script(test.table_name, "validate"),
|
|
|
|
apply=make_script(test.table_name, "apply"),
|
2023-04-13 13:20:18 +03:00
|
|
|
),
|
2022-12-05 12:48:37 +03:00
|
|
|
):
|
|
|
|
for should_succeed, proposal_args in (
|
|
|
|
(test.readable_in_validate, {"try": ["read_during_validate"]}),
|
|
|
|
(test.writable_in_validate, {"try": ["write_during_validate"]}),
|
|
|
|
(test.readable_in_apply, {"try": ["read_during_apply"]}),
|
|
|
|
(test.writable_in_apply, {"try": ["write_during_apply"]}),
|
|
|
|
):
|
|
|
|
proposal_body, vote = consortium.make_proposal(
|
|
|
|
action_name, **proposal_args
|
|
|
|
)
|
|
|
|
desc = f"during '{test.description}', doing {proposal_args}, expecting {should_succeed}"
|
|
|
|
try:
|
|
|
|
proposal = consortium.get_any_active_member().propose(
|
|
|
|
primary, proposal_body
|
|
|
|
)
|
|
|
|
consortium.vote_using_majority(primary, proposal, vote)
|
|
|
|
assert should_succeed, f"Proposal was applied unexpectedly ({desc})"
|
|
|
|
except (
|
|
|
|
infra.proposal.ProposalNotCreated,
|
|
|
|
infra.proposal.ProposalNotAccepted,
|
|
|
|
) as e:
|
|
|
|
msg = e.response.body.json()["error"]["message"]
|
|
|
|
assert (
|
|
|
|
not should_succeed
|
|
|
|
), f"Proposal failed unexpectedly ({desc}): {msg}"
|
|
|
|
|
|
|
|
return network
|
2024-04-17 09:41:58 +03:00
|
|
|
|
|
|
|
|
|
|
|
@reqs.description("Test access to accepted proposal state")
|
|
|
|
def test_final_proposal_visibility(network, args):
|
|
|
|
primary, _ = network.find_primary()
|
|
|
|
consortium = network.consortium
|
|
|
|
|
|
|
|
with temporary_constitution(
|
|
|
|
network,
|
|
|
|
args,
|
|
|
|
# An proposal that counts who voted for it.
|
|
|
|
# Proving that such a thing is _possible_, but in practice we mostly expect that this visibility will only be used for reporting.
|
|
|
|
make_action_snippet(
|
|
|
|
"vote_provenance",
|
|
|
|
apply="""
|
|
|
|
let proposals = ccf.kv["public:ccf.gov.proposals_info"];
|
|
|
|
let proposalInfoBuffer = proposals.get(ccf.strToBuf(proposalId));
|
|
|
|
if (proposalInfoBuffer === undefined) { throw new Error(`Can't find proposal info for ${proposalId}`); }
|
|
|
|
const proposalInfo = ccf.bufToJsonCompatible(proposalInfoBuffer);
|
|
|
|
const state = proposalInfo.state;
|
|
|
|
if (state != "Accepted") { throw new Error(`apply() received proposal in unexpected state ${state}`); }
|
|
|
|
const finalVotes = proposalInfo.final_votes;
|
|
|
|
if (finalVotes === undefined) { throw new Error("Don't have finalVotes"); }
|
|
|
|
|
|
|
|
let supporters = ccf.kv["public:ccf.gov.testonly.supporter_points"];
|
|
|
|
for (const [memberId, vote] of Object.entries(finalVotes)) {
|
|
|
|
const memberIdBuf = ccf.strToBuf(memberId);
|
|
|
|
if (vote === true) {
|
|
|
|
if (supporters.has(memberIdBuf)) {
|
|
|
|
const prev = ccf.bufToJsonCompatible(supporters.get(memberIdBuf));
|
|
|
|
supporters.set(memberIdBuf, ccf.jsonCompatibleToBuf(prev + 1));
|
|
|
|
} else {
|
|
|
|
supporters.set(memberIdBuf, ccf.jsonCompatibleToBuf(1));
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
// Null points for anyone who voted against this
|
|
|
|
supporters.set(memberIdBuf, ccf.jsonCompatibleToBuf(0));
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
console.log("Current supporter scoreboard is:");
|
|
|
|
supporters.forEach((v, k) => {
|
|
|
|
console.log(` Member ${ccf.bufToStr(k)} has ${ccf.bufToJsonCompatible(v)} points`);
|
|
|
|
});
|
|
|
|
""",
|
|
|
|
),
|
|
|
|
):
|
|
|
|
members = consortium.get_active_members()
|
|
|
|
assert len(members) >= 3
|
|
|
|
booster = members[0]
|
|
|
|
fairweather = members[1]
|
|
|
|
turncoat = members[2]
|
|
|
|
|
|
|
|
proposal_body, ballot = consortium.make_proposal("vote_provenance")
|
|
|
|
|
|
|
|
first = consortium.get_any_active_member().propose(primary, proposal_body)
|
|
|
|
response = booster.vote(primary, first, ballot)
|
|
|
|
assert response.status_code == 200
|
|
|
|
response = turncoat.vote(primary, first, ballot)
|
|
|
|
assert response.status_code == 200
|
|
|
|
|
|
|
|
second = consortium.get_any_active_member().propose(primary, proposal_body)
|
|
|
|
response = booster.vote(primary, second, ballot)
|
|
|
|
assert response.status_code == 200
|
|
|
|
response = fairweather.vote(primary, second, ballot)
|
|
|
|
assert response.status_code == 200
|
|
|
|
|
|
|
|
third = consortium.get_any_active_member().propose(primary, proposal_body)
|
|
|
|
response = booster.vote(primary, third, ballot)
|
|
|
|
assert response.status_code == 200
|
|
|
|
# Votes against! Loses supporter points!
|
|
|
|
response = turncoat.vote(
|
|
|
|
primary,
|
|
|
|
third,
|
|
|
|
json.dumps(
|
|
|
|
{
|
|
|
|
"ballot": "export function vote (rawProposal, proposerId) { return false }"
|
|
|
|
}
|
|
|
|
),
|
|
|
|
)
|
|
|
|
assert response.status_code == 200
|
|
|
|
response = fairweather.vote(primary, third, ballot)
|
|
|
|
assert response.status_code == 200
|
|
|
|
|
|
|
|
LOG.info("Confirm that finalVotes is present in submit-ballot response")
|
|
|
|
body = response.body.json()
|
|
|
|
assert "finalVotes" in body, body
|
|
|
|
|
|
|
|
LOG.info("Confirm that finalVotes is present in get-proposal response")
|
|
|
|
body = consortium.get_proposal_raw(primary, third.proposal_id)
|
|
|
|
assert "finalVotes" in body, body
|
|
|
|
|
|
|
|
LOG.info("Confirm that expected values were actually written to the KV")
|
|
|
|
# To avoid creating an extra endpoint in the app, we smuggle a read into a new
|
|
|
|
# action's apply, reported to the caller via an exception
|
|
|
|
with temporary_constitution(
|
|
|
|
network,
|
|
|
|
args,
|
|
|
|
make_action_snippet(
|
|
|
|
"read_supporters",
|
|
|
|
apply="""
|
|
|
|
let supporters = ccf.kv["public:ccf.gov.testonly.supporter_points"];
|
|
|
|
let s = "Current supporter scoreboard is:\\n";
|
|
|
|
supporters.forEach((v, k) => {
|
|
|
|
s += ` Member ${ccf.bufToStr(k)} has ${ccf.bufToJsonCompatible(v)} points\\n`;
|
|
|
|
});
|
|
|
|
throw new Error(s);
|
|
|
|
""",
|
|
|
|
),
|
|
|
|
):
|
|
|
|
|
|
|
|
proposal_body, ballot = consortium.make_proposal("read_supporters")
|
|
|
|
|
|
|
|
proposal = consortium.get_any_active_member().propose(primary, proposal_body)
|
|
|
|
|
|
|
|
expected_lines = [
|
|
|
|
f"Member {booster.service_id} has 3 points",
|
|
|
|
f"Member {fairweather.service_id} has 2 points",
|
|
|
|
f"Member {turncoat.service_id} has 0 points",
|
|
|
|
]
|
|
|
|
|
|
|
|
thrown = False
|
|
|
|
try:
|
|
|
|
consortium.vote_using_majority(primary, proposal, ballot)
|
|
|
|
except infra.proposal.ProposalNotAccepted as e:
|
|
|
|
thrown = True
|
|
|
|
msg = e.response.body.json()["error"]["message"]
|
|
|
|
for line in expected_lines:
|
|
|
|
assert line in msg
|
|
|
|
assert thrown
|
|
|
|
|
|
|
|
return network
|
|
|
|
|
|
|
|
|
|
|
|
@reqs.description("Test final proposal description written to KV")
|
|
|
|
def test_ledger_governance_invariants(network, args):
|
|
|
|
node = network.nodes[0]
|
|
|
|
ledger_dirs = node.remote.ledger_paths()
|
|
|
|
|
|
|
|
ledger = ccf.ledger.Ledger(ledger_dirs)
|
|
|
|
|
|
|
|
LOG.info("Completed proposals contain final_vote for each submitted ballot")
|
|
|
|
table_name = "public:ccf.gov.proposals_info"
|
|
|
|
seen_states = set()
|
|
|
|
for transaction in ledger.transactions():
|
|
|
|
public_tables = transaction.get_public_domain().get_tables()
|
|
|
|
if table_name not in public_tables:
|
|
|
|
continue
|
|
|
|
|
|
|
|
for _, raw_proposal in public_tables[table_name].items():
|
|
|
|
if raw_proposal is None:
|
|
|
|
# This is a deletion
|
|
|
|
continue
|
|
|
|
|
|
|
|
proposal = json.loads(raw_proposal)
|
|
|
|
|
|
|
|
state = proposal["state"]
|
|
|
|
seen_states.add(state)
|
|
|
|
if state in ("Open", "Withdrawn", "Dropped"):
|
|
|
|
# This proposal contains no final_votes
|
|
|
|
continue
|
|
|
|
|
|
|
|
ballots = proposal["ballots"]
|
|
|
|
final_votes = proposal["final_votes"]
|
|
|
|
vote_failures = proposal["vote_failures"]
|
|
|
|
|
|
|
|
all_submitted = set(ballots.keys())
|
|
|
|
all_results = set.union(set(final_votes.keys()), set(vote_failures.keys()))
|
|
|
|
|
|
|
|
assert all_submitted == all_results, proposal
|
|
|
|
|
|
|
|
LOG.info("Confirm that previous tests properly stressed this behaviour")
|
|
|
|
expected = {
|
|
|
|
"Accepted",
|
|
|
|
"Dropped",
|
|
|
|
# "Failed", # This state produces an error, and is never written to the KV
|
|
|
|
"Open",
|
|
|
|
"Rejected",
|
|
|
|
"Withdrawn",
|
|
|
|
}
|
|
|
|
diff = seen_states.symmetric_difference(expected)
|
|
|
|
assert len(diff) == 0, diff
|
|
|
|
|
|
|
|
return network
|