Error out on permissions config accounts-allowlist validation errors. [#7138] (#7161)

* Error out on permissions config accounts-allowlist validation errors.

Signed-off-by: krishnannarayanan <krsh24@gmail.com>

* Fixing compilation errors

Signed-off-by: krishnannarayanan <krsh24@gmail.com>

* Incorrect file check in

Signed-off-by: krishnannarayanan <krsh24@gmail.com>

---------

Signed-off-by: krishnannarayanan <krsh24@gmail.com>
pull/7179/head
krsh24 5 months ago committed by GitHub
parent e4daf6ada2
commit 9d8c191911
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
  1. 8
      ethereum/permissioning/src/main/java/org/hyperledger/besu/ethereum/permissioning/AccountLocalConfigPermissioningController.java
  2. 35
      ethereum/permissioning/src/test/java/org/hyperledger/besu/ethereum/permissioning/AccountLocalConfigPermissioningControllerTest.java

@ -84,7 +84,13 @@ public class AccountLocalConfigPermissioningController implements TransactionPer
private void readAccountsFromConfig(final LocalPermissioningConfiguration configuration) { private void readAccountsFromConfig(final LocalPermissioningConfiguration configuration) {
if (configuration != null && configuration.isAccountAllowlistEnabled()) { if (configuration != null && configuration.isAccountAllowlistEnabled()) {
if (!configuration.getAccountAllowlist().isEmpty()) { if (!configuration.getAccountAllowlist().isEmpty()) {
addAccounts(configuration.getAccountAllowlist()); AllowlistOperationResult result = addAccounts(configuration.getAccountAllowlist());
if (result != AllowlistOperationResult.SUCCESS) {
throw new IllegalStateException(
String.format(
"Error reloading permissions file. Invalid accounts allowlist, validation failed due to \"%s\"",
result));
}
} }
} }
} }

@ -17,6 +17,7 @@ package org.hyperledger.besu.ethereum.permissioning;
import static java.util.Collections.singletonList; import static java.util.Collections.singletonList;
import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.catchThrowable; import static org.assertj.core.api.Assertions.catchThrowable;
import static org.junit.jupiter.api.Assertions.assertThrows;
import static org.mockito.ArgumentMatchers.any; import static org.mockito.ArgumentMatchers.any;
import static org.mockito.Mockito.doThrow; import static org.mockito.Mockito.doThrow;
import static org.mockito.Mockito.mock; import static org.mockito.Mockito.mock;
@ -108,6 +109,40 @@ public class AccountLocalConfigPermissioningControllerTest {
.containsExactly("0xfe3b557e8fb62b89f4916b721be55ceb828dbd73"); .containsExactly("0xfe3b557e8fb62b89f4916b721be55ceb828dbd73");
} }
@Test
public void whenLoadingDuplicateAccountsFromConfigShouldThrowError() {
when(permissioningConfig.isAccountAllowlistEnabled()).thenReturn(true);
when(permissioningConfig.getAccountAllowlist())
.thenReturn(
List.of(
"0xcb88953e60948e3a76fa658d65b7c2d5043c6409",
"0xdd76406b124f9e3ae9fbeb47e4d8dc0ab143902d",
"0x432132e8561785c33afe931762cf8eeb9c80e3ad",
"0xcb88953e60948e3a76fa658d65b7c2d5043c6409"));
assertThrows(
IllegalStateException.class,
() -> {
controller =
new AccountLocalConfigPermissioningController(
permissioningConfig, allowlistPersistor, metricsSystem);
});
}
@Test
public void whenLoadingInvalidAccountsFromConfigShouldThrowError() {
when(permissioningConfig.isAccountAllowlistEnabled()).thenReturn(true);
when(permissioningConfig.getAccountAllowlist()).thenReturn(List.of("0x0", "0xzxy"));
assertThrows(
IllegalStateException.class,
() -> {
controller =
new AccountLocalConfigPermissioningController(
permissioningConfig, allowlistPersistor, metricsSystem);
});
}
@Test @Test
public void whenPermConfigContainsEmptyListOfAccountsContainsShouldReturnFalse() { public void whenPermConfigContainsEmptyListOfAccountsContainsShouldReturnFalse() {
when(permissioningConfig.isAccountAllowlistEnabled()).thenReturn(true); when(permissioningConfig.isAccountAllowlistEnabled()).thenReturn(true);

Loading…
Cancel
Save