mirror of
https://github.com/XRPLF/rippled.git
synced 2025-11-20 02:55:50 +00:00
Remove tecINVALID_DOMAIN error code
Also remove superflous checks in CredentialHelpers
This commit is contained in:
Bronek Kozicki
@@ -346,8 +346,7 @@ enum TECcodes : TERUnderlyingType {
|
|||||||
tecBAD_CREDENTIALS = 193,
|
tecBAD_CREDENTIALS = 193,
|
||||||
tecWRONG_ASSET = 194,
|
tecWRONG_ASSET = 194,
|
||||||
tecLIMIT_EXCEEDED = 195,
|
tecLIMIT_EXCEEDED = 195,
|
||||||
tecINVALID_DOMAIN = 196,
|
tecPSEUDO_ACCOUNT = 196,
|
||||||
tecPSEUDO_ACCOUNT = 197,
|
|
||||||
};
|
};
|
||||||
|
|
||||||
//------------------------------------------------------------------------------
|
//------------------------------------------------------------------------------
|
||||||
|
|||||||
@@ -125,7 +125,6 @@ transResults()
|
|||||||
MAKE_ERROR(tecBAD_CREDENTIALS, "Bad credentials."),
|
MAKE_ERROR(tecBAD_CREDENTIALS, "Bad credentials."),
|
||||||
MAKE_ERROR(tecWRONG_ASSET, "Wrong asset given."),
|
MAKE_ERROR(tecWRONG_ASSET, "Wrong asset given."),
|
||||||
MAKE_ERROR(tecLIMIT_EXCEEDED, "Limit exceeded."),
|
MAKE_ERROR(tecLIMIT_EXCEEDED, "Limit exceeded."),
|
||||||
MAKE_ERROR(tecINVALID_DOMAIN, "Invalid permissioned domain."),
|
|
||||||
MAKE_ERROR(tecPSEUDO_ACCOUNT, "This operation is not allowed against a pseudo-account."),
|
MAKE_ERROR(tecPSEUDO_ACCOUNT, "This operation is not allowed against a pseudo-account."),
|
||||||
|
|
||||||
MAKE_ERROR(tefALREADY, "The exact transaction was already in this ledger."),
|
MAKE_ERROR(tefALREADY, "The exact transaction was already in this ledger."),
|
||||||
|
|||||||
@@ -179,10 +179,10 @@ class Vault_test : public beast::unit_test::suite
|
|||||||
}
|
}
|
||||||
|
|
||||||
{
|
{
|
||||||
testcase(prefix + " fail to set nonexistent domain");
|
testcase(prefix + " fail to set domain on public vault");
|
||||||
auto tx = vault.set({.owner = owner, .id = keylet.key});
|
auto tx = vault.set({.owner = owner, .id = keylet.key});
|
||||||
tx[sfDomainID] = to_string(base_uint<256>(42ul));
|
tx[sfDomainID] = to_string(base_uint<256>(42ul));
|
||||||
env(tx, ter(tecINVALID_DOMAIN));
|
env(tx, ter{tecNO_PERMISSION});
|
||||||
}
|
}
|
||||||
|
|
||||||
{
|
{
|
||||||
@@ -837,6 +837,13 @@ class Vault_test : public beast::unit_test::suite
|
|||||||
env(tx, ter{tecNO_AUTH});
|
env(tx, ter{tecNO_AUTH});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
{
|
||||||
|
testcase("private vault cannot set non-existing domain");
|
||||||
|
auto tx = vault.set({.owner = owner, .id = keylet.key});
|
||||||
|
tx[sfDomainID] = to_string(base_uint<256>(42ul));
|
||||||
|
env(tx, ter{tecOBJECT_NOT_FOUND});
|
||||||
|
}
|
||||||
|
|
||||||
{
|
{
|
||||||
testcase("private vault set domainId");
|
testcase("private vault set domainId");
|
||||||
|
|
||||||
|
|||||||
@@ -20,6 +20,7 @@
|
|||||||
#include <xrpld/app/misc/CredentialHelpers.h>
|
#include <xrpld/app/misc/CredentialHelpers.h>
|
||||||
#include <xrpld/ledger/View.h>
|
#include <xrpld/ledger/View.h>
|
||||||
|
|
||||||
|
#include <xrpl/protocol/TER.h>
|
||||||
#include <xrpl/protocol/digest.h>
|
#include <xrpl/protocol/digest.h>
|
||||||
|
|
||||||
#include <unordered_set>
|
#include <unordered_set>
|
||||||
@@ -190,17 +191,12 @@ validDomain(ReadView const& view, uint256 domainID, AccountID const& subject)
|
|||||||
// Note, permissioned domain objects can be deleted at any time
|
// Note, permissioned domain objects can be deleted at any time
|
||||||
auto const slePD = view.read(keylet::permissionedDomain(domainID));
|
auto const slePD = view.read(keylet::permissionedDomain(domainID));
|
||||||
if (!slePD)
|
if (!slePD)
|
||||||
return tecINVALID_DOMAIN;
|
return tecOBJECT_NOT_FOUND;
|
||||||
else if (!slePD->isFieldPresent(sfAcceptedCredentials))
|
|
||||||
return tefINTERNAL;
|
|
||||||
|
|
||||||
auto const closeTime = view.info().parentCloseTime;
|
auto const closeTime = view.info().parentCloseTime;
|
||||||
bool foundExpired = false;
|
bool foundExpired = false;
|
||||||
for (auto const& h : slePD->getFieldArray(sfAcceptedCredentials))
|
for (auto const& h : slePD->getFieldArray(sfAcceptedCredentials))
|
||||||
{
|
{
|
||||||
if (!h.isFieldPresent(sfIssuer) || !h.isFieldPresent(sfCredentialType))
|
|
||||||
return tefINTERNAL;
|
|
||||||
|
|
||||||
auto const issuer = h.getAccountID(sfIssuer);
|
auto const issuer = h.getAccountID(sfIssuer);
|
||||||
auto const type = h.getFieldVL(sfCredentialType);
|
auto const type = h.getFieldVL(sfCredentialType);
|
||||||
auto const keyletCredential =
|
auto const keyletCredential =
|
||||||
@@ -324,17 +320,14 @@ verifyValidDomain(
|
|||||||
beast::Journal j)
|
beast::Journal j)
|
||||||
{
|
{
|
||||||
auto const slePD = view.read(keylet::permissionedDomain(domainID));
|
auto const slePD = view.read(keylet::permissionedDomain(domainID));
|
||||||
if (!slePD || !slePD->isFieldPresent(sfAcceptedCredentials))
|
if (!slePD)
|
||||||
return tefINTERNAL;
|
return tecOBJECT_NOT_FOUND;
|
||||||
|
|
||||||
// Collect all matching credentials on a side, so we can remove expired ones
|
// Collect all matching credentials on a side, so we can remove expired ones
|
||||||
// We may finish the loop with this collection empty, it's fine.
|
// We may finish the loop with this collection empty, it's fine.
|
||||||
STVector256 credentials;
|
STVector256 credentials;
|
||||||
for (auto const& h : slePD->getFieldArray(sfAcceptedCredentials))
|
for (auto const& h : slePD->getFieldArray(sfAcceptedCredentials))
|
||||||
{
|
{
|
||||||
if (!h.isFieldPresent(sfIssuer) || !h.isFieldPresent(sfCredentialType))
|
|
||||||
return tefINTERNAL;
|
|
||||||
|
|
||||||
auto const issuer = h.getAccountID(sfIssuer);
|
auto const issuer = h.getAccountID(sfIssuer);
|
||||||
auto const type = h.getFieldVL(sfCredentialType);
|
auto const type = h.getFieldVL(sfCredentialType);
|
||||||
auto const keyletCredential =
|
auto const keyletCredential =
|
||||||
|
|||||||
@@ -95,12 +95,12 @@ VaultSet::preclaim(PreclaimContext const& ctx)
|
|||||||
{
|
{
|
||||||
// We can only set domain if private flag was originally set
|
// We can only set domain if private flag was originally set
|
||||||
if ((vault->getFlags() & tfVaultPrivate) == 0)
|
if ((vault->getFlags() & tfVaultPrivate) == 0)
|
||||||
return tecINVALID_DOMAIN;
|
return tecNO_PERMISSION;
|
||||||
|
|
||||||
auto const sleDomain =
|
auto const sleDomain =
|
||||||
ctx.view.read(keylet::permissionedDomain(*domain));
|
ctx.view.read(keylet::permissionedDomain(*domain));
|
||||||
if (!sleDomain)
|
if (!sleDomain)
|
||||||
return tecNO_ENTRY;
|
return tecOBJECT_NOT_FOUND;
|
||||||
|
|
||||||
// Sanity check only, this should be enforced by VaultCreate
|
// Sanity check only, this should be enforced by VaultCreate
|
||||||
if ((sleIssuance->getFlags() & lsfMPTRequireAuth) == 0)
|
if ((sleIssuance->getFlags() & lsfMPTRequireAuth) == 0)
|
||||||
|
|||||||
@@ -2238,7 +2238,7 @@ requireAuth(
|
|||||||
return tesSUCCESS;
|
return tesSUCCESS;
|
||||||
}
|
}
|
||||||
|
|
||||||
// err = tefINTERNAL | tecINVALID_DOMAIN | tecNO_AUTH | tecEXPIRED
|
// err = tefINTERNAL | tecOBJECT_NOT_FOUND | tecNO_AUTH | tecEXPIRED
|
||||||
if (auto const err =
|
if (auto const err =
|
||||||
credentials::validDomain(view, *maybeDomainID, account);
|
credentials::validDomain(view, *maybeDomainID, account);
|
||||||
!isTesSuccess(err))
|
!isTesSuccess(err))
|
||||||
|
|||||||
Reference in New Issue
Block a user