fix(dpp): report main control group authorization#4000
Conversation
…oup change item authorized_action_takers_for_configuration_item returned NoOne for MainControlGroup(_) regardless of configuration, so UnauthorizedTokenActionError reported NoOne even when main_control_group_can_be_modified allowed the change, making misconfigured contracts look like group mutation was broken. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Covers the config-update path where main_control_group_can_be_modified is Group(0): the proposer alone does not apply the change, and the second group signature completes it. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
📝 WalkthroughWalkthroughThis change modifies ChangesMainControlGroup authorized action takers
Estimated code review effort: 2 (Simple) | ~10 minutes Sequence Diagram(s)sequenceDiagram
participant Proposer
participant GroupMember
participant StateTransitionValidator
participant TokenConfiguration
Proposer->>StateTransitionValidator: Propose main control group update
StateTransitionValidator->>TokenConfiguration: Check accumulated group power
TokenConfiguration-->>StateTransitionValidator: main_control_group remains None
GroupMember->>StateTransitionValidator: Submit corresponding update action
StateTransitionValidator->>TokenConfiguration: Recheck accumulated group power
TokenConfiguration-->>StateTransitionValidator: main_control_group set to Some(0)
Related PRs: None identified. Suggested labels: rust, tests, tokens Suggested reviewers: None identified. 🐰 A rabbit hops through control group gates, 🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
|
@coderabbitai review |
✅ Action performedReview finished.
|
Issue being fixed or feature implemented
TokenConfigurationChangeItem::MainControlGroupis authorized by the token fieldmain_control_group_can_be_modified.The validation gate already used that field correctly. This PR does not change who is allowed to update a token main control group, and it does not make contract group membership mutable.
The bug was in the helper used to describe an unauthorized token config update. For
MainControlGroup,authorized_action_takers_for_configuration_itemalways returnedNoOne, even whenmain_control_group_can_be_modifiedwas configured asContractOwner,MainGroup,Group(0), or a specific identity. That made failures look like the action was impossible for everyone, when the real rule could be something else.In simpler terms, this changes an incorrect error/reporting answer from:
to the configured rule, for example:
It is a consensus error/reporting correctness fix, not a validation-rule change.
What was done?
authorized_action_takers_for_configuration_item(MainControlGroup(_))to returnmain_control_group_can_be_modifiedinstead of hardcodedNoOne.NoOne.MainControlGroup.Regression coverage
The main regression test is:
It proves that when
main_control_group_can_be_modifiedis configured, the helper reports that configured authority instead ofNoOne.The supporting integration test is:
It proves the existing validation behavior still works for a correctly configured token: one group member proposes the main-control-group update, the change is not applied with only 1/2 power, and the second group member completes the action.
How Has This Been Tested?
Local tests run from
fix/main-control-group-authorized-takers:Both passed.
Also ran a local pre-PR code review against
upstream/v4.1-dev..HEAD; no significant issues found.Breaking Changes
None.
Checklist:
For repository code-owners and collaborators only