hpl_hive_control/
assertions.rs1use crate::state::{Config, ConfigValue, Global};
2
3use {
4 crate::{
5 errors::HplHiveControlError,
6 state::{Action, ActionType, DelegateAuthority, ServiceDelegation},
7 },
8 anchor_lang::prelude::*,
9};
10
11pub fn assert_authority<'info>(
12 action: Action,
13 signer_key: Pubkey,
14 authority: Pubkey,
15 delegate_authority: &Option<Account<'info, DelegateAuthority>>,
16) -> Result<()> {
17 #[cfg(feature = "debug")]
18 msg!("Checking signer authority");
19 match action.action_type {
20 ActionType::Public => Ok(()),
21 ActionType::Restricted {
22 delegations: action_delegations,
23 } => {
24 if let Some(delegate_authority) = delegate_authority {
25 for action_delegation in action_delegations {
26 for authority_delegation in &delegate_authority.delegations {
27 match (action_delegation, authority_delegation) {
28 (
29 ServiceDelegation::HiveControl {
30 permission: action_permission,
31 },
32 ServiceDelegation::HiveControl {
33 permission: authority_permission,
34 },
35 ) => {
36 #[cfg(feature = "debug")]
37 msg!("HiveControl Delegation");
38 #[cfg(feature = "debug")]
39 msg!("Action Permission: {:?}", action_permission);
40 #[cfg(feature = "debug")]
41 msg!("Authority Permission: {:?}", authority_permission);
42 if action_permission == authority_permission {
43 return Ok(());
44 }
45 continue;
46 }
47
48 (
49 ServiceDelegation::CharacterManager {
50 index: _,
51 permission: action_permission,
52 },
53 ServiceDelegation::CharacterManager {
54 index: _,
55 permission: authority_permission,
56 },
57 ) => {
58 #[cfg(feature = "debug")]
59 msg!("CharacterManager Delegation");
60 #[cfg(feature = "debug")]
61 msg!("Action Permission: {:?}", action_permission);
62 #[cfg(feature = "debug")]
63 msg!("Authority Permission: {:?}", authority_permission);
64 if action_permission == authority_permission {
65 return Ok(());
66 }
67
68 continue;
69 }
70
71 (
72 ServiceDelegation::ResourceManager {
73 permission: action_permission,
74 },
75 ServiceDelegation::ResourceManager {
76 permission: authority_permission,
77 },
78 ) => {
79 #[cfg(feature = "debug")]
80 msg!("ResourceManager Delegation");
81 #[cfg(feature = "debug")]
82 msg!("Action Permission: {:?}", action_permission);
83 #[cfg(feature = "debug")]
84 msg!("Authority Permission: {:?}", authority_permission);
85 if action_permission == authority_permission {
86 return Ok(());
87 }
88 continue;
89 }
90
91 (
92 ServiceDelegation::NectarStaking {
93 index: action_index,
94 permission: action_permission,
95 },
96 ServiceDelegation::NectarStaking {
97 index: authority_index,
98 permission: authority_permission,
99 },
100 ) => {
101 #[cfg(feature = "debug")]
102 msg!("NectarStaking Delegation");
103 #[cfg(feature = "debug")]
104 msg!("Action Permission: {:?}", action_permission);
105 #[cfg(feature = "debug")]
106 msg!("Authority Permission: {:?}", authority_permission);
107 if action_index == authority_index
108 && action_permission == authority_permission
109 {
110 return Ok(());
111 }
112 continue;
113 }
114
115 (
116 ServiceDelegation::NectarMissions {
117 index: action_index,
118 permission: action_permission,
119 },
120 ServiceDelegation::NectarMissions {
121 index: authority_index,
122 permission: authority_permission,
123 },
124 ) => {
125 #[cfg(feature = "debug")]
126 msg!("NectarMissions Delegation");
127 #[cfg(feature = "debug")]
128 msg!("Action Permission: {:?}", action_permission);
129 #[cfg(feature = "debug")]
130 msg!("Authority Permission: {:?}", authority_permission);
131 if action_index == authority_index
132 && action_permission == authority_permission
133 {
134 return Ok(());
135 }
136 continue;
137 }
138
139 (
140 ServiceDelegation::BuzzGuild {
141 index: action_index,
142 permission: action_permission,
143 },
144 ServiceDelegation::BuzzGuild {
145 index: authority_index,
146 permission: authority_permission,
147 },
148 ) => {
149 #[cfg(feature = "debug")]
150 msg!("BuzzGuild Delegation");
151 #[cfg(feature = "debug")]
152 msg!("Action Permission: {:?}", action_permission);
153 #[cfg(feature = "debug")]
154 msg!("Authority Permission: {:?}", authority_permission);
155 if action_index == authority_index
156 && action_permission == authority_permission
157 {
158 return Ok(());
159 }
160 continue;
161 }
162
163 _ => continue,
164 }
165 }
166 }
167
168 Err(HplHiveControlError::Unauthorized.into())
169 } else {
170 if authority == signer_key {
171 Ok(())
172 } else {
173 Err(HplHiveControlError::Unauthorized.into())
174 }
175 }
176 }
177 }
178}
179
180pub fn assert_program_authority(
181 program: AccountInfo,
182 program_data: AccountInfo,
183 signer_address: &Pubkey,
184) -> Result<()> {
185 let program = UpgradeableLoaderState::try_deserialize(&mut program.data.borrow().as_ref())?;
186 match program {
187 UpgradeableLoaderState::Program {
188 programdata_address,
189 } => {
190 if programdata_address.eq(program_data.key) {
191 let programdata = UpgradeableLoaderState::try_deserialize(
192 &mut program_data.data.borrow().as_ref(),
193 )?;
194 match programdata {
195 UpgradeableLoaderState::ProgramData {
196 slot: _,
197 upgrade_authority_address,
198 } => {
199 if upgrade_authority_address.is_none()
200 || upgrade_authority_address.unwrap().ne(signer_address)
201 {
202 return Err(HplHiveControlError::Unauthorized.into());
203 }
204 }
205 _ => return Err(HplHiveControlError::InvalidProgram.into()),
206 }
207 } else {
208 return Err(HplHiveControlError::InvalidProgram.into());
209 }
210 }
211 _ => return Err(HplHiveControlError::InvalidProgram.into()),
212 }
213 return Ok(());
214}
215
216pub fn assert_global_driver<'info>(
217 global: &Account<'info, Global>,
218 authority: &Signer<'info>,
219) -> Result<()> {
220 if let Some(Config::SingleValue(ConfigValue::Pubkey(pubkey))) =
221 &global.config.get(&"driver_key".to_string())
222 {
223 if authority.key.eq(pubkey) {
224 return Ok(());
225 }
226 }
227 Err(HplHiveControlError::Unauthorized.into())
228}