m/metamask-extension
1
0
Fork 0
mirror of https://github.com/kremalicious/metamask-extension.git synced 2024-10-26 13:20:26 +02:00
Code
63633635ab
metamask-extension/test/unit/app/controllers/permissions/mocks.js
Mark Stacey 63633635ab
Fix order of accounts in eth_accounts response (#8342) 
* Fix order of accounts in `eth_accounts` response

The accounts returned by `eth_accounts` were in a fixed order - the
order in which the keyring returned them - rather than ordered with the
selected account first. The accounts returned by the `accountsChanged`
event were ordered with the selected account first, but the same order
wasn't used for `eth_accounts`.

We needed to store additional state in order to determine the correct
account order correctly on all dapps. We had only been storing the
current selected account, but since we also need to determine the
primary account per dapp (i.e. the last "selected" account among the
accounts exposed to that dapp), that wasn't enough.

A `lastSelected` property has been added to each identity in the
preferences controller to keep track of the last selected time. This
property is set to the current time (in milliseconds) whenever a new
selection is made. The accounts returned with `accountsChanged` and by
`eth_accounts` are both ordered by this property.

The `updatePermittedAccounts` function was merged with the internal
methods for responding to account selection, to keep things simpler. It
wasn't called externally anyway, so it wasn't needed in the public API.

* Remove caveat update upon change in selected account

The order of accounts in the caveat isn't meaningful, so the caveat
doesn't need to be updated when the accounts get re-ordered.

* Emit event regardless of account order

Now that we're no longer relying upon the caveat for the account order,
we also have no way of knowing if a particular account selection
resulted in a change in order or not. The notification is now emitted
whenever an exposed account is selected - even if the order stayed the
same.

The inpage provider currently caches the account order, so it can be
relied upon to ignore these redundant events. We were already emiting
redundant `accountsChanged` events in some cases anyway.
2020-04-16 15:20:01 -03:00

717 lines
17 KiB
JavaScript
Raw Blame History

import { ethErrors, ERROR_CODES } from 'eth-json-rpc-errors'
import deepFreeze from 'deep-freeze-strict'
import _getRestrictedMethods
from '../../../../../app/scripts/controllers/permissions/restrictedMethods'
import {
CAVEAT_NAMES,
NOTIFICATION_NAMES,
} from '../../../../../app/scripts/controllers/permissions/enums'
/**
* README
* This file contains three primary kinds of mocks:
* - Mocks for initializing a permissions controller and getting a permissions
* middleware
* - Functions for getting various mock objects consumed or produced by
* permissions controller methods
* - Immutable mock values like Ethereum accounts and expected states
*/
export const noop = () => {}
/**
* Mock Permissions Controller and Middleware
*/
const keyringAccounts = deepFreeze([
'0x0dcd5d886577d5081b0c52e242ef29e70be3e7bc',
'0xc42edfcc21ed14dda456aa0756c153f7985d8813',
'0x7ae1cdd37bcbdb0e1f491974da8022bfdbf9c2bf',
'0xcc74c7a59194e5d9268476955650d1e285be703c',
])
const getKeyringAccounts = async () => [ ...keyringAccounts ]
const getIdentities = () => {
return keyringAccounts.reduce(
(identities, address, index) => {
identities[address] = { address, name: `Account ${index}` }
return identities
},
{}
)
}
// perm controller initialization helper
const getRestrictedMethods = (permController) => {
return {
// the actual, production restricted methods
..._getRestrictedMethods(permController),
// our own dummy method for testing
'test_method': {
description: `This method is only for testing.`,
method: (req, res, __, end) => {
if (req.params[0]) {
res.result = 1
} else {
res.result = 0
}
end()
},
},
}
}
const getUnlockPromise = () => Promise.resolve()
/**
* Gets default mock constructor options for a permissions controller.
*
* @returns {Object} A PermissionsController constructor options object.
*/
export function getPermControllerOpts () {
return {
showPermissionRequest: noop,
getKeyringAccounts,
getUnlockPromise,
getRestrictedMethods,
notifyDomain: noop,
notifyAllDomains: noop,
preferences: {
getState: () => {
return {
identities: getIdentities(),
selectedAddress: keyringAccounts[0],
}
},
subscribe: noop,
},
}
}
/**
* Gets a Promise-wrapped permissions controller middleware function.
*
* @param {PermissionsController} permController - The permissions controller to get a
* middleware for.
* @param {string} origin - The origin for the middleware.
* @param {string} extensionId - The extension id for the middleware.
* @returns {Function} A Promise-wrapped middleware function with convenient default args.
*/
export function getPermissionsMiddleware (permController, origin, extensionId) {
const middleware = permController.createMiddleware({ origin, extensionId })
return (req, res = {}, next = noop, end) => {
return new Promise((resolve, reject) => {
end = end || _end
middleware(req, res, next, end)
// emulates json-rpc-engine error handling
function _end (err) {
if (err || res.error) {
reject(err || res.error)
} else {
resolve(res)
}
}
})
}
}
/**
* @param {Object} notifications - An object that will store notifications produced
* by the permissions controller.
* @returns {Function} A function passed to the permissions controller at initialization,
* for recording notifications.
*/
export const getNotifyDomain = (notifications = {}) => (origin, notification) => {
notifications[origin].push(notification)
}
/**
* @param {Object} notifications - An object that will store notifications produced
* by the permissions controller.
* @returns {Function} A function passed to the permissions controller at initialization,
* for recording notifications.
*/
export const getNotifyAllDomains = (notifications = {}) => (notification) => {
Object.keys(notifications).forEach((origin) => {
notifications[origin].push(notification)
})
}
/**
* Constants and Mock Objects
* - e.g. permissions, caveats, and permission requests
*/
const ORIGINS = {
a: 'foo.xyz',
b: 'bar.abc',
c: 'baz.def',
}
const PERM_NAMES = {
eth_accounts: 'eth_accounts',
test_method: 'test_method',
does_not_exist: 'does_not_exist',
}
const ACCOUNT_ARRAYS = {
a: [ ...keyringAccounts.slice(0, 3) ],
b: [keyringAccounts[0]],
c: [keyringAccounts[1]],
}
/**
* Helpers for getting mock caveats.
*/
const CAVEATS = {
/**
* Gets a correctly formatted eth_accounts exposedAccounts caveat.
*
* @param {Array<string>} accounts - The accounts for the caveat
* @returns {Object} An eth_accounts exposedAccounts caveats
*/
eth_accounts: (accounts) => {
return {
type: 'filterResponse',
value: accounts,
name: CAVEAT_NAMES.exposedAccounts,
}
},
}
/**
* Each function here corresponds to what would be a type or interface consumed
* by permissions controller functions if we used TypeScript.
*/
const PERMS = {
/**
* The argument to approvePermissionsRequest
* @param {string} id - The rpc-cap permissions request id.
* @param {Object} permissions - The approved permissions, request-formatted.
*/
approvedRequest: (id, permissions = {}) => {
return {
permissions: { ...permissions },
metadata: { id },
}
},
/**
* Requested permissions objects, as passed to wallet_requestPermissions.
*/
requests: {
/**
* @returns {Object} A permissions request object with eth_accounts
*/
eth_accounts: () => {
return { eth_accounts: {} }
},
/**
* @returns {Object} A permissions request object with test_method
*/
test_method: () => {
return { test_method: {} }
},
/**
* @returns {Object} A permissions request object with does_not_exist
*/
does_not_exist: () => {
return { does_not_exist: {} }
},
},
/**
* Finalized permission requests, as returned by finalizePermissionsRequest
*/
finalizedRequests: {
/**
* @param {Array<string>} accounts - The accounts for the eth_accounts permission caveat
* @returns {Object} A finalized permissions request object with eth_accounts and its caveat
*/
eth_accounts: (accounts) => {
return {
eth_accounts: {
caveats: [CAVEATS.eth_accounts(accounts)],
} }
},
/**
* @returns {Object} A finalized permissions request object with test_method
*/
test_method: () => {
return {
test_method: {},
}
},
},
/**
* Partial members of res.result for successful:
* - wallet_requestPermissions
* - wallet_getPermissions
*/
granted: {
/**
* @param {Array<string>} accounts - The accounts for the eth_accounts permission caveat
* @returns {Object} A granted permissions object with eth_accounts and its caveat
*/
eth_accounts: (accounts) => {
return {
parentCapability: PERM_NAMES.eth_accounts,
caveats: [CAVEATS.eth_accounts(accounts)],
}
},
/**
* @returns {Object} A granted permissions object with test_method
*/
test_method: () => {
return {
parentCapability: PERM_NAMES.test_method,
}
},
},
}
/**
* Objects with function values for getting correctly formatted permissions,
* caveats, errors, permissions requests etc.
*/
export const getters = deepFreeze({
CAVEATS,
PERMS,
/**
* Getters for errors by the method or workflow that throws them.
*/
ERRORS: {
validatePermittedAccounts: {
invalidParam: () => {
return {
name: 'Error',
message: 'Must provide non-empty array of account(s).',
}
},
nonKeyringAccount: (account) => {
return {
name: 'Error',
message: `Unknown account: ${account}`,
}
},
},
finalizePermissionsRequest: {
grantEthAcountsFailure: (origin) => {
return {
// name: 'EthereumRpcError',
message: `Failed to add 'eth_accounts' to '${origin}'.`,
code: ERROR_CODES.rpc.internal,
}
},
},
legacyExposeAccounts: {
badOrigin: () => {
return {
message: 'Must provide non-empty string origin.',
}
},
forbiddenUsage: () => {
return {
name: 'Error',
message: 'May not call legacyExposeAccounts on origin with exposed accounts.',
}
},
},
_handleAccountSelected: {
invalidParams: () => {
return {
name: 'Error',
message: 'Selected account should be a non-empty string.',
}
},
},
approvePermissionsRequest: {
noPermsRequested: () => {
return {
message: 'Must request at least one permission.',
}
},
},
rejectPermissionsRequest: {
rejection: () => {
return {
message: ethErrors.provider.userRejectedRequest().message,
}
},
methodNotFound: (methodName) => {
return {
message: `The method '${methodName}' does not exist / is not available.`,
}
},
},
createMiddleware: {
badOrigin: () => {
return {
message: 'Must provide non-empty string origin.',
}
},
},
rpcCap: {
unauthorized: () => {
return {
code: 4100,
}
},
},
logAccountExposure: {
invalidParams: () => {
return {
message: 'Must provide non-empty string origin and array of accounts.',
}
},
},
pendingApprovals: {
duplicateOriginOrId: (id, origin) => {
return {
message: `Pending approval with id ${id} or origin ${origin} already exists.`,
}
},
requestAlreadyPending: () => {
return {
message: 'Permissions request already pending; please wait.',
}
},
},
eth_requestAccounts: {
requestAlreadyPending: () => {
return {
message: 'Already processing eth_requestAccounts. Please wait.',
}
},
},
},
/**
* Getters for notifications produced by the permissions controller.
*/
NOTIFICATIONS: {
/**
* Gets a removed accounts notification.
*
* @returns {Object} An accountsChanged notification with an empty array as its result
*/
removedAccounts: () => {
return {
method: NOTIFICATION_NAMES.accountsChanged,
result: [],
}
},
/**
* Gets a new accounts notification.
*
* @param {Array<string>} accounts - The accounts added to the notification.
* @returns {Object} An accountsChanged notification with the given accounts as its result
*/
newAccounts: (accounts) => {
return {
method: NOTIFICATION_NAMES.accountsChanged,
result: accounts,
}
},
/**
* Gets a test notification that doesn't occur in practice.
*
* @returns {Object} A notification with the 'test_notification' method name
*/
test: () => {
return {
method: 'test_notification',
result: true,
}
},
},
/**
* Getters for mock RPC request objects.
*/
RPC_REQUESTS: {
/**
* Gets an arbitrary RPC request object.
*
* @param {string} origin - The origin of the request
* @param {string} method - The request method
* @param {Array<any>} params - The request parameters
* @param {string} [id] - The request id
* @returns {Object} An RPC request object
*/
custom: (origin, method, params = [], id) => {
const req = {
origin,
method,
params,
}
if (id !== undefined) {
req.id = id
}
return req
},
/**
* Gets an eth_accounts RPC request object.
*
* @param {string} origin - The origin of the request
* @returns {Object} An RPC request object
*/
eth_accounts: (origin) => {
return {
origin,
method: 'eth_accounts',
params: [],
}
},
/**
* Gets a test_method RPC request object.
*
* @param {string} origin - The origin of the request
* @param {boolean} param - The request param
* @returns {Object} An RPC request object
*/
test_method: (origin, param = false) => {
return {
origin,
method: 'test_method',
params: [param],
}
},
/**
* Gets an eth_requestAccounts RPC request object.
*
* @param {string} origin - The origin of the request
* @returns {Object} An RPC request object
*/
eth_requestAccounts: (origin) => {
return {
origin,
method: 'eth_requestAccounts',
params: [],
}
},
/**
* Gets a wallet_requestPermissions RPC request object,
* for a single permission.
*
* @param {string} origin - The origin of the request
* @param {string} permissionName - The name of the permission to request
* @returns {Object} An RPC request object
*/
requestPermission: (origin, permissionName) => {
return {
origin,
method: 'wallet_requestPermissions',
params: [ PERMS.requests[permissionName]() ],
}
},
/**
* Gets a wallet_requestPermissions RPC request object,
* for multiple permissions.
*
* @param {string} origin - The origin of the request
* @param {Object} permissions - A permission request object
* @returns {Object} An RPC request object
*/
requestPermissions: (origin, permissions = {}) => {
return {
origin,
method: 'wallet_requestPermissions',
params: [ permissions ],
}
},
/**
* Gets a wallet_sendDomainMetadata RPC request object.
*
* @param {string} origin - The origin of the request
* @param {Object} name - The domainMetadata name
* @param {Array<any>} [args] - Any other data for the request's domainMetadata
* @returns {Object} An RPC request object
*/
wallet_sendDomainMetadata: (origin, name, ...args) => {
return {
origin,
method: 'wallet_sendDomainMetadata',
domainMetadata: {
...args,
name,
},
}
},
},
})
/**
* Objects with immutable mock values.
*/
export const constants = deepFreeze({
ALL_ACCOUNTS: keyringAccounts,
DUMMY_ACCOUNT: '0xabc',
EXTRA_ACCOUNT: keyringAccounts[3],
REQUEST_IDS: {
a: '1',
b: '2',
c: '3',
},
ORIGINS: { ...ORIGINS },
ACCOUNT_ARRAYS: { ...ACCOUNT_ARRAYS },
PERM_NAMES: { ...PERM_NAMES },
RESTRICTED_METHODS: [
'eth_accounts',
'test_method',
],
/**
* Mock permissions history objects.
*/
EXPECTED_HISTORIES: {
case1: [
{
[ORIGINS.a]: {
[PERM_NAMES.eth_accounts]: {
lastApproved: 1,
accounts: {
[ACCOUNT_ARRAYS.a[0]]: 1,
[ACCOUNT_ARRAYS.a[1]]: 1,
[ACCOUNT_ARRAYS.a[2]]: 1,
},
},
},
},
{
[ORIGINS.a]: {
[PERM_NAMES.eth_accounts]: {
lastApproved: 2,
accounts: {
[ACCOUNT_ARRAYS.a[0]]: 2,
[ACCOUNT_ARRAYS.a[1]]: 1,
[ACCOUNT_ARRAYS.a[2]]: 1,
},
},
},
},
],
case2: [
{
[ORIGINS.a]: {
[PERM_NAMES.eth_accounts]: {
lastApproved: 1,
accounts: {},
},
},
},
],
case3: [
{
[ORIGINS.a]: {
[PERM_NAMES.test_method]: { lastApproved: 1 },
},
[ORIGINS.b]: {
[PERM_NAMES.eth_accounts]: {
lastApproved: 1,
accounts: {
[ACCOUNT_ARRAYS.b[0]]: 1,
},
},
},
[ORIGINS.c]: {
[PERM_NAMES.test_method]: { lastApproved: 1 },
[PERM_NAMES.eth_accounts]: {
lastApproved: 1,
accounts: {
[ACCOUNT_ARRAYS.c[0]]: 1,
},
},
},
},
{
[ORIGINS.a]: {
[PERM_NAMES.test_method]: { lastApproved: 2 },
},
[ORIGINS.b]: {
[PERM_NAMES.eth_accounts]: {
lastApproved: 1,
accounts: {
[ACCOUNT_ARRAYS.b[0]]: 1,
},
},
},
[ORIGINS.c]: {
[PERM_NAMES.test_method]: { lastApproved: 1 },
[PERM_NAMES.eth_accounts]: {
lastApproved: 2,
accounts: {
[ACCOUNT_ARRAYS.c[0]]: 1,
[ACCOUNT_ARRAYS.b[0]]: 2,
},
},
},
},
],
case4: [
{
[ORIGINS.a]: {
[PERM_NAMES.test_method]: {
lastApproved: 1,
},
},
},
],
},
})
View Git Blame Copy Permalink