diff --git a/integration-tests/emulated/tests/people/people-polkadot/src/tests/governance.rs b/integration-tests/emulated/tests/people/people-polkadot/src/tests/governance.rs index ced5a3f3d4..23286e2892 100644 --- a/integration-tests/emulated/tests/people/people-polkadot/src/tests/governance.rs +++ b/integration-tests/emulated/tests/people/people-polkadot/src/tests/governance.rs @@ -16,7 +16,7 @@ use crate::*; use emulated_integration_tests_common::accounts::{ALICE, BOB}; -use frame_support::sp_runtime::traits::Dispatchable; +use frame_support::{sp_runtime::traits::Dispatchable, traits::ProcessMessageError}; use people_polkadot_runtime::people::IdentityInfo; use polkadot_runtime::governance::pallet_custom_origins::Origin::GeneralAdmin as GeneralAdminOrigin; @@ -78,6 +78,60 @@ fn relay_commands_add_registrar() { } } +#[test] +fn relay_commands_add_registrar_wrong_origin() { + let people_polkadot_alice = PeoplePolkadot::account_id_of(ALICE); + + let (origin_kind, origin) = + (OriginKind::SovereignAccount, ::RuntimeOrigin::signed(people_polkadot_alice)); + + let registrar: AccountId = [1; 32].into(); + Polkadot::execute_with(|| { + type Runtime = ::Runtime; + type RuntimeCall = ::RuntimeCall; + type RuntimeEvent = ::RuntimeEvent; + type PeopleCall = ::RuntimeCall; + type PeopleRuntime = ::Runtime; + + let add_registrar_call = + PeopleCall::Identity(pallet_identity::Call::::add_registrar { + account: registrar.into(), + }); + + let xcm_message = RuntimeCall::XcmPallet(pallet_xcm::Call::::send { + dest: bx!(VersionedLocation::from(Location::new(0, [Parachain(1004)]))), + message: bx!(VersionedXcm::from(Xcm(vec![ + UnpaidExecution { weight_limit: Unlimited, check_origin: None }, + Transact { + origin_kind, + require_weight_at_most: Weight::from_parts(5_000_000_000, 500_000), + call: add_registrar_call.encode().into(), + } + ]))), + }); + + assert_ok!(xcm_message.dispatch(origin)); + + assert_expected_events!( + Polkadot, + vec![ + RuntimeEvent::XcmPallet(pallet_xcm::Event::Sent { .. }) => {}, + ] + ); + }); + + PeoplePolkadot::execute_with(|| { + type RuntimeEvent = ::RuntimeEvent; + + assert_expected_events!( + PeoplePolkadot, + vec![ + RuntimeEvent::MessageQueue(pallet_message_queue::Event::ProcessingFailed { error: ProcessMessageError::Unsupported, .. }) => {}, + ] + ); + }); +} + #[test] fn relay_commands_kill_identity() { // To kill an identity, first one must be set @@ -162,6 +216,59 @@ fn relay_commands_kill_identity() { }); } +#[test] +fn relay_commands_kill_identity_wrong_origin() { + let people_polkadot_alice = PeoplePolkadot::account_id_of(BOB); + + let (origin_kind, origin) = + (OriginKind::SovereignAccount, ::RuntimeOrigin::signed(people_polkadot_alice)); + + Polkadot::execute_with(|| { + type Runtime = ::Runtime; + type RuntimeCall = ::RuntimeCall; + type PeopleCall = ::RuntimeCall; + type RuntimeEvent = ::RuntimeEvent; + type PeopleRuntime = ::Runtime; + + let kill_identity_call = + PeopleCall::Identity(pallet_identity::Call::::kill_identity { + target: people_polkadot_runtime::MultiAddress::Id(PeoplePolkadot::account_id_of(ALICE)), + }); + + let xcm_message = RuntimeCall::XcmPallet(pallet_xcm::Call::::send { + dest: bx!(VersionedLocation::from(Location::new(0, [Parachain(1004)]))), + message: bx!(VersionedXcm::from(Xcm(vec![ + UnpaidExecution { weight_limit: Unlimited, check_origin: None }, + Transact { + origin_kind, + require_weight_at_most: Weight::from_parts(11_000_000_000, 500_000), + call: kill_identity_call.encode().into(), + } + ]))), + }); + + assert_ok!(xcm_message.dispatch(origin)); + + assert_expected_events!( + Polkadot, + vec![ + RuntimeEvent::XcmPallet(pallet_xcm::Event::Sent { .. }) => {}, + ] + ); + }); + + PeoplePolkadot::execute_with(|| { + type RuntimeEvent = ::RuntimeEvent; + + assert_expected_events!( + PeoplePolkadot, + vec![ + RuntimeEvent::MessageQueue(pallet_message_queue::Event::ProcessingFailed { error: ProcessMessageError::Unsupported, .. }) => {}, + ] + ); + }); +} + #[test] fn relay_commands_add_remove_username_authority() { let people_polkadot_alice = PeoplePolkadot::account_id_of(ALICE); @@ -311,3 +418,110 @@ fn relay_commands_add_remove_username_authority() { }); } } + +#[test] +fn relay_commands_add_remove_username_authority_wrong_origin() { + let people_polkadot_alice = PeoplePolkadot::account_id_of(ALICE); + + let (origin_kind, origin) = + (OriginKind::SovereignAccount, ::RuntimeOrigin::signed(people_polkadot_alice.clone())); + + Polkadot::execute_with(|| { + type Runtime = ::Runtime; + type RuntimeCall = ::RuntimeCall; + type RuntimeEvent = ::RuntimeEvent; + type PeopleCall = ::RuntimeCall; + type PeopleRuntime = ::Runtime; + + let add_username_authority = PeopleCall::Identity(pallet_identity::Call::< + PeopleRuntime, + >::add_username_authority { + authority: people_polkadot_runtime::MultiAddress::Id(people_polkadot_alice.clone()), + suffix: b"suffix1".into(), + allocation: 10, + }); + + let add_authority_xcm_msg = RuntimeCall::XcmPallet(pallet_xcm::Call::::send { + dest: bx!(VersionedLocation::from(Location::new(0, [Parachain(1004)]))), + message: bx!(VersionedXcm::from(Xcm(vec![ + UnpaidExecution { weight_limit: Unlimited, check_origin: None }, + Transact { + origin_kind, + require_weight_at_most: Weight::from_parts(500_000_000, 500_000), + call: add_username_authority.encode().into(), + } + ]))), + }); + + assert_ok!(add_authority_xcm_msg.dispatch(origin)); + + assert_expected_events!( + Polkadot, + vec![ + RuntimeEvent::XcmPallet(pallet_xcm::Event::Sent { .. }) => {}, + ] + ); + }); + + // Check events system-parachain-side + PeoplePolkadot::execute_with(|| { + type RuntimeEvent = ::RuntimeEvent; + + assert_expected_events!( + PeoplePolkadot, + vec![ + RuntimeEvent::MessageQueue(pallet_message_queue::Event::ProcessingFailed { error: ProcessMessageError::Unsupported, .. }) => {}, + ] + ); + }); + + // I mistakenly assumed that to test the removal of an authority would need one to exist. + // However, since the origin check is the very first extrinsic in `remove_username_authority`, + // an authority need not exist to test the safety of the origin check. + Polkadot::execute_with(|| { + type Runtime = ::Runtime; + type RuntimeCall = ::RuntimeCall; + type RuntimeEvent = ::RuntimeEvent; + type PeopleCall = ::RuntimeCall; + type PeopleRuntime = ::Runtime; + + let remove_username_authority = PeopleCall::Identity(pallet_identity::Call::< + PeopleRuntime, + >::remove_username_authority { + authority: people_polkadot_runtime::MultiAddress::Id(people_polkadot_alice.clone()), + }); + + let remove_authority_xcm_msg = + RuntimeCall::XcmPallet(pallet_xcm::Call::::send { + dest: bx!(VersionedLocation::from(Location::new(0, [Parachain(1004)]))), + message: bx!(VersionedXcm::from(Xcm(vec![ + UnpaidExecution { weight_limit: Unlimited, check_origin: None }, + Transact { + origin_kind: OriginKind::SovereignAccount, + require_weight_at_most: Weight::from_parts(500_000_000, 500_000), + call: remove_username_authority.encode().into(), + } + ]))), + }); + + assert_ok!(remove_authority_xcm_msg.dispatch(::RuntimeOrigin::signed(people_polkadot_alice))); + + assert_expected_events!( + Polkadot, + vec![ + RuntimeEvent::XcmPallet(pallet_xcm::Event::Sent { .. }) => {}, + ] + ); + }); + + PeoplePolkadot::execute_with(|| { + type RuntimeEvent = ::RuntimeEvent; + + assert_expected_events!( + PeoplePolkadot, + vec![ + RuntimeEvent::MessageQueue(pallet_message_queue::Event::ProcessingFailed { error: ProcessMessageError::Unsupported, .. }) => {}, + ] + ); + }); +}