Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[DO NOT MERGE] Disputable: Move set agreement to Kernel #599

Draft
wants to merge 3 commits into
base: next
Choose a base branch
from

Conversation

facuspagnuolo
Copy link
Contributor

@facuspagnuolo facuspagnuolo commented Jul 22, 2020

This PR moves the setAgreement security check to the Kernel, allowing us to define Agreement<>Kernel permissions instead of Agreement<>Disputable ones.

@facuspagnuolo facuspagnuolo requested review from bingen and sohkai and removed request for bingen July 22, 2020 22:05
@facuspagnuolo facuspagnuolo changed the title Disputable: Move set agreement to Kernel [DO NOT MERGE] Disputable: Move set agreement to Kernel Jul 23, 2020
@facuspagnuolo facuspagnuolo self-assigned this Jul 23, 2020
@facuspagnuolo facuspagnuolo force-pushed the move_set_agreement_to_kernel branch from fa0d40b to 595ed33 Compare July 23, 2020 16:06
Copy link
Contributor

@sohkai sohkai left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A few minor comments, but LGTM!

For other's sake, we decided to batch this breaking change with a few more breaking changes down the road as we otherwise cannot use the same DAOFactorys and DAO templates as before to create test organizations with Agreements.

contracts/kernel/IKernel.sol Outdated Show resolved Hide resolved
@@ -15,6 +17,8 @@ interface IKernelEvents {

// This should be an interface, but interfaces can't inherit yet :(
contract IKernel is IKernelEvents, IVaultRecoverable {
function setAgreement(IDisputable _disputableApp, IAgreement _agreement) external;

function acl() public view returns (IACL);
function hasPermission(address who, address where, bytes32 what, bytes how) public view returns (bool);

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Two comments:

  1. Are we able to move all the interfaces to be external?
  2. Should we use AragonApp as the type for setApp()'s app parameter? I'm debating if this interface dependency tree is worth it, but if not, then we may also want to type setAgreement() with just addresses.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I was planning to discuss this as one of the things to change in the new breaking version, but yea, I'd love to polish all the interfaces we provide

test/contracts/apps/disputable/disputable_app.js Outdated Show resolved Hide resolved

const currentAgreement = await disputable.getAgreement()
assert.equal(currentAgreement, agreement, 'disputable agreement does not match')
})

it('emits an event', async () => {
const receipt = await disputable.setAgreement(agreement, { from })
const { tx } = await dao.setAgreement(disputable.address, agreement, { from })
const receipt = await web3.eth.getTransactionReceipt(tx)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oh interesting, was the receipt we got as the return of dao.setAgreement() not sufficient?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For some reason, it wasn't working. I think this will be fixed when we upgrade to Truffle 5 + helpers

contracts/kernel/Kernel.sol Outdated Show resolved Hide resolved
@izqui
Copy link
Contributor

izqui commented Aug 10, 2020

As an alternative implementation, we could introduce the concept of ANY_ADDRESS for the where value in the ACL, instead of hardcoding any knowledge about agreements in the Kernel.

It would work similarly to how ANY_ADDRESS works for who, basically giving a particular address permission over a certain role in any app in the organization. With that we could grant the Agreement instance permission to execute SET_AGREEMENT in any app in the DAO.

This change in the ACL could be useful for other cases as well, such as setting permissions just once for the admin functions of an app that the DAO has multiple instances of (e.g. multiple Voting instances).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants