Skip to content

Commit

Permalink
Merge pull request #3590 from onflow/bastian/port-internal-243-244
Browse files Browse the repository at this point in the history
Allow validation of `Account.capabilities.get/borrow/publish`
  • Loading branch information
turbolent authored Sep 26, 2024
2 parents 7137ac7 + 1b790e0 commit 96e06e7
Show file tree
Hide file tree
Showing 10 changed files with 640 additions and 20 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/compatibility-check-template.yml
Original file line number Diff line number Diff line change
Expand Up @@ -95,7 +95,7 @@ jobs:
- name: Check contracts using ${{ inputs.base-branch }}
working-directory: ./tools/compatibility-check
run: |
GOPROXY=direct go mod edit -replace github.com/onflow/cadence=github.com/${{ inputs.repo }}@${{ inputs.base-branch }}
GOPROXY=direct go mod edit -replace github.com/onflow/cadence=github.com/${{ inputs.repo }}@`git rev-parse origin/${{ inputs.base-branch }}`
go mod tidy
go run ./cmd/check_contracts/main.go ../../tmp/contracts.csv ../../tmp/output-old.txt
Expand Down
22 changes: 22 additions & 0 deletions runtime/empty.go
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,7 @@ import (
"github.com/onflow/cadence/runtime/ast"
"github.com/onflow/cadence/runtime/common"
"github.com/onflow/cadence/runtime/interpreter"
"github.com/onflow/cadence/runtime/sema"
)

// EmptyRuntimeInterface is an empty implementation of runtime.Interface.
Expand Down Expand Up @@ -238,3 +239,24 @@ func (EmptyRuntimeInterface) GenerateAccountID(_ common.Address) (uint64, error)
func (EmptyRuntimeInterface) RecoverProgram(_ *ast.Program, _ common.Location) ([]byte, error) {
panic("unexpected call to RecoverProgram")
}

func (EmptyRuntimeInterface) ValidateAccountCapabilitiesGet(
_ *interpreter.Interpreter,
_ interpreter.LocationRange,
_ interpreter.AddressValue,
_ interpreter.PathValue,
_ *sema.ReferenceType,
_ *sema.ReferenceType,
) (bool, error) {
panic("unexpected call to ValidateAccountCapabilitiesGet")
}

func (EmptyRuntimeInterface) ValidateAccountCapabilitiesPublish(
_ *interpreter.Interpreter,
_ interpreter.LocationRange,
_ interpreter.AddressValue,
_ interpreter.PathValue,
_ *interpreter.ReferenceStaticType,
) (bool, error) {
panic("unexpected call to ValidateAccountCapabilitiesPublish")
}
80 changes: 70 additions & 10 deletions runtime/environment.go
Original file line number Diff line number Diff line change
Expand Up @@ -185,16 +185,18 @@ func (e *interpreterEnvironment) newInterpreterConfig() *interpreter.Config {
// and disable storage validation after each value modification.
// Instead, storage is validated after commits (if validation is enabled),
// see interpreterEnvironment.CommitStorage
AtreeStorageValidationEnabled: false,
Debugger: e.config.Debugger,
OnStatement: e.newOnStatementHandler(),
OnMeterComputation: e.newOnMeterComputation(),
OnFunctionInvocation: e.newOnFunctionInvocationHandler(),
OnInvokedFunctionReturn: e.newOnInvokedFunctionReturnHandler(),
CapabilityBorrowHandler: e.newCapabilityBorrowHandler(),
CapabilityCheckHandler: e.newCapabilityCheckHandler(),
LegacyContractUpgradeEnabled: e.config.LegacyContractUpgradeEnabled,
ContractUpdateTypeRemovalEnabled: e.config.ContractUpdateTypeRemovalEnabled,
AtreeStorageValidationEnabled: false,
Debugger: e.config.Debugger,
OnStatement: e.newOnStatementHandler(),
OnMeterComputation: e.newOnMeterComputation(),
OnFunctionInvocation: e.newOnFunctionInvocationHandler(),
OnInvokedFunctionReturn: e.newOnInvokedFunctionReturnHandler(),
CapabilityBorrowHandler: e.newCapabilityBorrowHandler(),
CapabilityCheckHandler: e.newCapabilityCheckHandler(),
LegacyContractUpgradeEnabled: e.config.LegacyContractUpgradeEnabled,
ContractUpdateTypeRemovalEnabled: e.config.ContractUpdateTypeRemovalEnabled,
ValidateAccountCapabilitiesGetHandler: e.newValidateAccountCapabilitiesGetHandler(),
ValidateAccountCapabilitiesPublishHandler: e.newValidateAccountCapabilitiesPublishHandler(),
}
}

Expand Down Expand Up @@ -1397,3 +1399,61 @@ func (e *interpreterEnvironment) newCapabilityCheckHandler() interpreter.Capabil
)
}
}

func (e *interpreterEnvironment) newValidateAccountCapabilitiesGetHandler() interpreter.ValidateAccountCapabilitiesGetHandlerFunc {
return func(
inter *interpreter.Interpreter,
locationRange interpreter.LocationRange,
address interpreter.AddressValue,
path interpreter.PathValue,
wantedBorrowType *sema.ReferenceType,
capabilityBorrowType *sema.ReferenceType,
) (bool, error) {
var (
ok bool
err error
)
errors.WrapPanic(func() {
ok, err = e.runtimeInterface.ValidateAccountCapabilitiesGet(
inter,
locationRange,
address,
path,
wantedBorrowType,
capabilityBorrowType,
)
})
if err != nil {
err = interpreter.WrappedExternalError(err)
}
return ok, err
}
}

func (e *interpreterEnvironment) newValidateAccountCapabilitiesPublishHandler() interpreter.ValidateAccountCapabilitiesPublishHandlerFunc {
return func(
inter *interpreter.Interpreter,
locationRange interpreter.LocationRange,
address interpreter.AddressValue,
path interpreter.PathValue,
capabilityBorrowType *interpreter.ReferenceStaticType,
) (bool, error) {
var (
ok bool
err error
)
errors.WrapPanic(func() {
ok, err = e.runtimeInterface.ValidateAccountCapabilitiesPublish(
inter,
locationRange,
address,
path,
capabilityBorrowType,
)
})
if err != nil {
err = interpreter.WrappedExternalError(err)
}
return ok, err
}
}
16 changes: 16 additions & 0 deletions runtime/interface.go
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,7 @@ import (
"github.com/onflow/cadence/runtime/ast"
"github.com/onflow/cadence/runtime/common"
"github.com/onflow/cadence/runtime/interpreter"
"github.com/onflow/cadence/runtime/sema"
)

type Interface interface {
Expand Down Expand Up @@ -145,6 +146,21 @@ type Interface interface {
// GenerateAccountID generates a new, *non-zero*, unique ID for the given account.
GenerateAccountID(address common.Address) (uint64, error)
RecoverProgram(program *ast.Program, location common.Location) ([]byte, error)
ValidateAccountCapabilitiesGet(
inter *interpreter.Interpreter,
locationRange interpreter.LocationRange,
address interpreter.AddressValue,
path interpreter.PathValue,
wantedBorrowType *sema.ReferenceType,
capabilityBorrowType *sema.ReferenceType,
) (bool, error)
ValidateAccountCapabilitiesPublish(
inter *interpreter.Interpreter,
locationRange interpreter.LocationRange,
address interpreter.AddressValue,
path interpreter.PathValue,
capabilityBorrowType *interpreter.ReferenceStaticType,
) (bool, error)
}

type MeterInterface interface {
Expand Down
4 changes: 4 additions & 0 deletions runtime/interpreter/config.go
Original file line number Diff line number Diff line change
Expand Up @@ -74,4 +74,8 @@ type Config struct {
LegacyContractUpgradeEnabled bool
// ContractUpdateTypeRemovalEnabled specifies if type removal is enabled in contract updates
ContractUpdateTypeRemovalEnabled bool
// ValidateAccountCapabilitiesGetHandler is used to handle when a capability of an account is got.
ValidateAccountCapabilitiesGetHandler ValidateAccountCapabilitiesGetHandlerFunc
// ValidateAccountCapabilitiesPublishHandler is used to handle when a capability of an account is got.
ValidateAccountCapabilitiesPublishHandler ValidateAccountCapabilitiesPublishHandlerFunc
}
32 changes: 32 additions & 0 deletions runtime/interpreter/errors.go
Original file line number Diff line number Diff line change
Expand Up @@ -1027,6 +1027,25 @@ func (e CapabilityAddressPublishingError) Error() string {
)
}

// EntitledCapabilityPublishingError
type EntitledCapabilityPublishingError struct {
LocationRange
BorrowType *ReferenceStaticType
Path PathValue
}

var _ errors.UserError = EntitledCapabilityPublishingError{}

func (EntitledCapabilityPublishingError) IsUserError() {}

func (e EntitledCapabilityPublishingError) Error() string {
return fmt.Sprintf(
"cannot publish capability of type `%s` to the path %s",
e.BorrowType.ID(),
e.Path.String(),
)
}

// NestedReferenceError
type NestedReferenceError struct {
Value ReferenceValue
Expand Down Expand Up @@ -1132,3 +1151,16 @@ func (ReferencedValueChangedError) IsUserError() {}
func (e ReferencedValueChangedError) Error() string {
return "referenced value has been changed after taking the reference"
}

// GetCapabilityError
type GetCapabilityError struct {
LocationRange
}

var _ errors.UserError = GetCapabilityError{}

func (GetCapabilityError) IsUserError() {}

func (e GetCapabilityError) Error() string {
return "cannot get capability"
}
19 changes: 19 additions & 0 deletions runtime/interpreter/interpreter.go
Original file line number Diff line number Diff line change
Expand Up @@ -155,6 +155,25 @@ type AccountHandlerFunc func(
address AddressValue,
) Value

// ValidateAccountCapabilitiesGetHandlerFunc is a function that is used to handle when a capability of an account is got.
type ValidateAccountCapabilitiesGetHandlerFunc func(
inter *Interpreter,
locationRange LocationRange,
address AddressValue,
path PathValue,
wantedBorrowType *sema.ReferenceType,
capabilityBorrowType *sema.ReferenceType,
) (bool, error)

// ValidateAccountCapabilitiesPublishHandlerFunc is a function that is used to handle when a capability of an account is got.
type ValidateAccountCapabilitiesPublishHandlerFunc func(
inter *Interpreter,
locationRange LocationRange,
address AddressValue,
path PathValue,
capabilityBorrowType *ReferenceStaticType,
) (bool, error)

// UUIDHandlerFunc is a function that handles the generation of UUIDs.
type UUIDHandlerFunc func() (uint64, error)

Expand Down
Loading

0 comments on commit 96e06e7

Please sign in to comment.