Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Problem: authz module is risky #1274

Merged
merged 8 commits into from
Dec 25, 2023
Merged

Conversation

yihuang
Copy link
Collaborator

@yihuang yihuang commented Dec 22, 2023

Solution:

  • it's already disabled in mempool in v1.0.x, now remove completely in v1.1.x.

👮🏻👮🏻👮🏻 !!!! REFERENCE THE PROBLEM YOUR ARE SOLVING IN THE PR TITLE AND DESCRIBE YOUR SOLUTION HERE !!!! DO NOT FORGET !!!! 👮🏻👮🏻👮🏻

PR Checklist:

  • Have you read the CONTRIBUTING.md?
  • Does your PR follow the C4 patch requirements?
  • Have you rebased your work on top of the latest master?
  • Have you checked your code compiles? (make)
  • Have you included tests for any non-trivial functionality?
  • Have you checked your code passes the unit tests? (make test)
  • Have you checked your code formatting is correct? (go fmt)
  • Have you checked your basic code style is fine? (golangci-lint run)
  • If you added any dependencies, have you checked they do not contain any known vulnerabilities? (go list -json -m all | nancy sleuth)
  • If your changes affect the client infrastructure, have you run the integration test?
  • If your changes affect public APIs, does your PR follow the C4 evolution of public contracts?
  • If your code changes public APIs, have you incremented the crate version numbers and documented your changes in the CHANGELOG.md?
  • If you are contributing for the first time, please read the agreement in CONTRIBUTING.md now and add a comment to this pull request stating that your PR is in accordance with the Developer's Certificate of Origin.

Thank you for your code, it's appreciated! :)

Summary by CodeRabbit

  • Bug Fixes

    • Removed deprecated authorization module to streamline permissions and access controls within the app.
  • Refactor

    • Eliminated unused code related to the authorization module, enhancing app performance and maintainability.
  • Documentation

    • Updated CHANGELOG.md to reflect significant changes in authorization logic.

Solution:
- it's already disabled in mempool in v1.0.x, now remove completely in v1.1.x.
@yihuang yihuang requested a review from a team as a code owner December 22, 2023 01:55
@yihuang yihuang requested review from mmsqe and leejw51crypto and removed request for a team December 22, 2023 01:55
Copy link
Contributor

coderabbitai bot commented Dec 22, 2023

Walkthrough

The unidiff snippets indicate the complete removal of the "authz" module from the codebase, signifying a significant alteration to the logic and functionality of the application, particularly in the area related to authorization. This involves the removal of related imports, module declarations, and initializations across various files, reflecting a substantial shift in how the application handles authorization.

Changes

File Path Change Summary
CHANGELOG.md Removed authz module in PR #1274, signifying a significant alteration to the logic and functionality of the codebase related to authorization.
app/app.go Removed authz related imports, module basics, store keys, and initializations.
app/upgrades.go Added import authzkeeper and updated storeUpgrades logic to delete authz store under specific conditions.
store/rootmulti/store.go Refactored logic for processing upgrades, replacing switch statement with conditional checks on the upgrades parameter.

🐇✨
Changes abound, the authz is gone,
Code hops away, a new dawn upon.
In files, it's clear, the module's no trace,
A rabbit's cheer, for cleaner code space. 🌟📜

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

Share

Tips

Chat with CodeRabbit Bot (@coderabbitai)

  • You can directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>.
  • You can tag CodeRabbit on specific lines of code or entire files in the PR by tagging @coderabbitai in a comment. Examples:
    • @coderabbitai generate unit tests for this file
    • @coderabbitai modularize this function
  • You can tag @coderabbitai in a PR comment and ask questions about the PR and the codebase. Use quoted replies to pass the context for follow-up questions. Examples:
    • @coderabbitai gather interesting statistics about this repository and render them in a table.
    • @coderabbitai show all the console.log statements in this repository.
    • @coderabbitai generate unit tests for the src/utils.ts file.

CodeRabbit Commands (invoked as PR comments)

  • @coderabbitai pause to pause the reviews on a PR.
  • @coderabbitai resume to resume the paused reviews.
  • @coderabbitai review to trigger a review. This is useful when automatic reviews are disabled for the repository.
  • @coderabbitai resolve resolve all the CodeRabbit review comments.
  • @coderabbitai help to get help.

Additionally, you can add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.

CodeRabbit Configration File (.coderabbit.yaml)

  • You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
  • The JSON schema for the configuration file is available here.
  • If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/coderabbit-overrides.v2.json

CodeRabbit Discord Community

Join our Discord Community to get help, request features, and share feedback.

CHANGELOG.md Outdated Show resolved Hide resolved
Signed-off-by: yihuang <huang@crypto.com>
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Review Status

Actionable comments generated: 0

Configuration used: CodeRabbit UI

Commits Files that changed from the base of the PR and between b47e5c1 and c7a2da7.
Files selected for processing (3)
  • CHANGELOG.md (1 hunks)
  • app/app.go (9 hunks)
  • app/upgrades.go (2 hunks)
Additional comments: 11
app/upgrades.go (2)
  • 12-12: The addition of the authztypes import is necessary for the removal of the authz module's store. Ensure that this import is used elsewhere in the file as intended and that there are no references to authz left that would require this import.

  • 149-158: The addition of authztypes.StoreKey to the Deleted field of storeUpgrades for both the mainnet and testnet upgrade plans is consistent with the objective of removing the authz module. Verify that the upgrade logic has been tested and that the deletion of the authz store does not affect other parts of the system unexpectedly.

CHANGELOG.md (1)
app/app.go (8)
  • 248-253: The removal of the authz module from GenModuleBasics aligns with the PR objective to remove the authz module from the codebase. Ensure that dependent modules and functionalities are not affected by this removal.

  • 278-281: The removal of authz related keys from the StoreKeys function is consistent with the PR objective. Ensure that there are no remaining references to these keys elsewhere in the codebase that could cause runtime errors.

  • 340-344: The removal of authz related keepers from the App struct is consistent with the PR objective. Ensure that there are no remaining references to these keepers or methods that were specifically used by the authz module.

  • 462-467: The removal of authz related functionality from the App struct's initialization is consistent with the PR objective. Ensure that the initialization sequence of other modules is not disrupted by this change.

  • 697-702: The removal of the authz module from the NewAppModule function calls is consistent with the PR objective. Confirm that the app module's functionality remains intact and that no other modules depend on the authz module.

  • 728-733: The removal of the authz module from the SetOrderBeginBlockers function calls is consistent with the PR objective. Ensure that the order of operations during the begin block is not negatively impacted by this change.

  • 750-755: The removal of the authz module from the SetOrderEndBlockers function calls is consistent with the PR objective. Confirm that the order of operations during the end block remains correct and that no dependencies on the authz module exist.

  • 783-788: The removal of the authz module from the SetOrderInitGenesis function calls is consistent with the PR objective. Ensure that the initialization of the genesis state for other modules is not affected by this change.

app/upgrades.go Outdated Show resolved Hide resolved
Signed-off-by: yihuang <huang@crypto.com>
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Review Status

Actionable comments generated: 0

Configuration used: CodeRabbit UI

Commits Files that changed from the base of the PR and between c7a2da7 and 4835b64.
Files selected for processing (1)
  • CHANGELOG.md (1 hunks)
Files skipped from review due to trivial changes (1)
  • CHANGELOG.md

Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Review Status

Actionable comments generated: 0

Configuration used: CodeRabbit UI

Commits Files that changed from the base of the PR and between 4835b64 and 71e8f60.
Files selected for processing (1)
  • app/upgrades.go (2 hunks)
Files skipped from review as they are similar to previous changes (1)
  • app/upgrades.go

Copy link

codecov bot commented Dec 22, 2023

Codecov Report

Attention: 10 lines in your changes are missing coverage. Please review.

Comparison is base (345f564) 16.02% compared to head (8b0c5af) 35.77%.

Additional details and impacted files

Impacted file tree graph

@@             Coverage Diff             @@
##             main    #1274       +/-   ##
===========================================
+ Coverage   16.02%   35.77%   +19.75%     
===========================================
  Files          80      116       +36     
  Lines        6184    10663     +4479     
===========================================
+ Hits          991     3815     +2824     
- Misses       5114     6471     +1357     
- Partials       79      377      +298     
Files Coverage Δ
app/upgrades.go 38.39% <0.00%> (-3.77%) ⬇️

... and 54 files with indirect coverage changes

Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Review Status

Actionable comments generated: 0

Configuration used: CodeRabbit UI

Commits Files that changed from the base of the PR and between 71e8f60 and e78d2fb.
Files selected for processing (1)
  • CHANGELOG.md (1 hunks)
Files skipped from review as they are similar to previous changes (1)
  • CHANGELOG.md

@mmsqe
Copy link
Collaborator

mmsqe commented Dec 22, 2023

seems get wrong Block.Header.AppHash in upgrade test

@yihuang
Copy link
Collaborator Author

yihuang commented Dec 22, 2023

seems get wrong Block.Header.AppHash in upgrade test

yeah, maybe some inconsistency between memiavl and iavl handling deletion of store.

@yihuang yihuang requested a review from mmsqe December 25, 2023 06:14
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Review Status

Actionable comments generated: 1

Configuration used: CodeRabbit UI

Commits Files that changed from the base of the PR and between e78d2fb and 8b0c5af.
Files selected for processing (1)
  • store/rootmulti/store.go (2 hunks)
Additional comments: 1
store/rootmulti/store.go (1)
  • 371-373: The addition of an else block to initialize lastCommitInfo as an empty types.CommitInfo struct when the database version is 0 is a good safety measure. This ensures that lastCommitInfo is never left uninitialized, which could prevent potential nil pointer dereferences.

store/rootmulti/store.go Show resolved Hide resolved
@yihuang yihuang enabled auto-merge December 25, 2023 06:31
@yihuang yihuang added this pull request to the merge queue Dec 25, 2023
Merged via the queue into crypto-org-chain:main with commit 42f2597 Dec 25, 2023
40 of 44 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants