feat: add function to update the admin

hirosystems · Jun 22, 2023 · 2654055 · 2654055
1 parent 8ad91b5
commit 2654055
Show file tree

Hide file tree

Showing 2 changed files with 100 additions and 21 deletions.
diff --git a/core-contracts/contracts/subnet.clar b/core-contracts/contracts/subnet.clar
@@ -34,6 +34,7 @@
 (define-constant ERR_IN_COMPUTATION 15)
 ;; The contract does not own this NFT to withdraw it.
 (define-constant ERR_NFT_NOT_OWNED_BY_CONTRACT 16)
+(define-constant ERR_UNAUTHORIZED 17)
 (define-constant ERR_VALIDATION_LEAF_FAILED 30)
 
 ;; Map from Stacks block height to block commit
@@ -65,16 +66,24 @@
 ;; Update the miner for this contract.
 (define-public (update-miner (new-miner principal))
     (begin
-        (asserts! (is-eq tx-sender (var-get miner)) (err ERR_INVALID_MINER))
+        (asserts! (is-admin tx-sender) (err ERR_UNAUTHORIZED))
         (ok (var-set miner new-miner))
     )
 )
 
+;; Update the admin for this contract.
+(define-public (update-admin (new-admin principal))
+    (begin
+        (asserts! (is-admin tx-sender) (err ERR_UNAUTHORIZED))
+        (ok (var-set admin new-admin))
+    )
+)
+
 ;; Register a new FT contract to be supported by this subnet.
 (define-public (register-new-ft-contract (ft-contract <ft-trait>) (l2-contract principal))
     (begin
         ;; Verify that tx-sender is an authorized admin
-        (asserts! (is-admin tx-sender) (err ERR_INVALID_MINER))
+        (asserts! (is-admin tx-sender) (err ERR_UNAUTHORIZED))
 
         ;; Set up the assets that the contract is allowed to transfer
         (asserts! (map-insert allowed-contracts (contract-of ft-contract) l2-contract)
@@ -95,7 +104,7 @@
 (define-public (register-new-nft-contract (nft-contract <nft-trait>) (l2-contract principal))
     (begin
         ;; Verify that tx-sender is an authorized admin
-        (asserts! (is-admin tx-sender) (err ERR_INVALID_MINER))
+        (asserts! (is-admin tx-sender) (err ERR_UNAUTHORIZED))
 
         ;; Set up the assets that the contract is allowed to transfer
         (asserts! (map-insert allowed-contracts (contract-of nft-contract) l2-contract)

diff --git a/core-contracts/tests/subnets/subnet_test.ts b/core-contracts/tests/subnets/subnet_test.ts
@@ -111,17 +111,8 @@ Clarinet.test({
         [types.principal(alice.address)],
         deployer.address
       ),
-      // Try to set alice as a miner again, should fail
-      Tx.contractCall(
-        SUBNET_CONTRACT,
-        "update-miner",
-        [types.principal(alice.address)],
-        deployer.address
-      ),
     ]);
     block.receipts[0].result.expectOk().expectBool(true);
-    // should return (err ERR_INVALID_MINER)
-    block.receipts[1].result.expectErr().expectInt(2);
 
     const id_header_hash1 = chain
       .callReadOnlyFn("test-helpers", "get-id-header-hash", [], alice.address)
@@ -282,7 +273,7 @@ Clarinet.test({
     ]);
     block.receipts[0].result.expectOk().expectBool(true);
 
-    // Invalid miner can't register contracts
+    // Invalid admin can't register contracts
     block = chain.mineBlock([
       Tx.contractCall(
         SUBNET_CONTRACT,
@@ -294,8 +285,8 @@ Clarinet.test({
         bob.address
       ),
     ]);
-    // should return (err ERR_INVALID_MINER)
-    block.receipts[0].result.expectErr().expectInt(2);
+    // should return (err ERR_UNAUTHORIZED)
+    block.receipts[0].result.expectErr().expectInt(17);
 
     // Deployer can set up allowed assets
     block = chain.mineBlock([
@@ -391,6 +382,85 @@ Clarinet.test({
   },
 });
 
+Clarinet.test({
+  name: "Ensure that admin can be updated successfully",
+  fn(
+    chain: Chain,
+    accounts: Map<string, Account>,
+    contracts: Map<string, Contract>
+  ) {
+    // contract deployer and default admin
+    const deployer = accounts.get("deployer")!;
+    // updated admin
+    const alice = accounts.get("wallet_1")!;
+    // invalid admin
+    const bob = accounts.get("wallet_2")!;
+
+    // contract ids
+    const simple_ft_contract = contracts.get(
+      "ST1PQHQKV0RJXZFY1DGX8MNSNYVE3VGZJSRTPGZGM.simple-ft"
+    )!;
+    const simple_nft_contract = contracts.get(
+      "ST1PQHQKV0RJXZFY1DGX8MNSNYVE3VGZJSRTPGZGM.simple-nft"
+    )!;
+    const simple_nft_no_mint_contract = contracts.get(
+      "ST1PQHQKV0RJXZFY1DGX8MNSNYVE3VGZJSRTPGZGM.simple-nft-no-mint"
+    )!;
+    const second_nft_contract = contracts.get(
+      "ST1PQHQKV0RJXZFY1DGX8MNSNYVE3VGZJSRTPGZGM.second-simple-nft"
+    )!;
+    const second_ft_contract = contracts.get(
+      "ST1PQHQKV0RJXZFY1DGX8MNSNYVE3VGZJSRTPGZGM.second-simple-ft"
+    )!;
+
+    // set alice as the admin
+    let block = chain.mineBlock([
+      Tx.contractCall(
+        SUBNET_CONTRACT,
+        "update-admin",
+        [types.principal(alice.address)],
+        deployer.address
+      ),
+    ]);
+    block.receipts[0].result.expectOk().expectBool(true);
+
+    // Invalid admin can't change the admin
+    block = chain.mineBlock([
+      Tx.contractCall(
+        SUBNET_CONTRACT,
+        "update-admin",
+        [types.principal(alice.address)],
+        deployer.address
+      ),
+    ]);
+    // should return (err ERR_UNAUTHORIZED)
+    block.receipts[0].result.expectErr().expectInt(17);
+
+    // admin can update the miner
+    block = chain.mineBlock([
+      Tx.contractCall(
+        SUBNET_CONTRACT,
+        "update-miner",
+        [types.principal(alice.address)],
+        alice.address
+      ),
+    ]);
+    block.receipts[0].result.expectOk().expectBool(true);
+
+    // Invalid admin can't update the miner
+    block = chain.mineBlock([
+      Tx.contractCall(
+        SUBNET_CONTRACT,
+        "update-miner",
+        [types.principal(bob.address)],
+        deployer.address
+      ),
+    ]);
+    // should return (err ERR_UNAUTHORIZED)
+    block.receipts[0].result.expectErr().expectInt(17);
+  },
+});
+
 Clarinet.test({
   name: "Ensure that user can deposit NFT & miner can withdraw it",
   fn(
@@ -457,7 +527,7 @@ Clarinet.test({
     // should return (err ERR_DISALLOWED_ASSET)
     block.receipts[0].result.expectErr().expectInt(5);
 
-    // Invalid miner can't register contracts
+    // Invalid admin can't register contracts
     block = chain.mineBlock([
       Tx.contractCall(
         SUBNET_CONTRACT,
@@ -469,8 +539,8 @@ Clarinet.test({
         bob.address
       ),
     ]);
-    // should return (err ERR_INVALID_MINER)
-    block.receipts[0].result.expectErr().expectInt(2);
+    // should return (err ERR_UNAUTHORIZED)
+    block.receipts[0].result.expectErr().expectInt(17);
 
     // Deployer sets up allowed assets
     block = chain.mineBlock([
@@ -1026,7 +1096,7 @@ Clarinet.test({
     // should return (err ERR_DISALLOWED_ASSET)
     block.receipts[0].result.expectErr().expectInt(5);
 
-    // Invalid miner can't register new contracts
+    // Invalid admin can't register new contracts
     block = chain.mineBlock([
       Tx.contractCall(
         SUBNET_CONTRACT,
@@ -1038,8 +1108,8 @@ Clarinet.test({
         bob.address
       ),
     ]);
-    // should return (err ERR_INVALID_MINER)
-    block.receipts[0].result.expectErr().expectInt(2);
+    // should return (err ERR_UNAUTHORIZED)
+    block.receipts[0].result.expectErr().expectInt(17);
 
     // Deployer sets up allowed assets
     block = chain.mineBlock([