Client: Permissions: can "brick" your organization by creating permissions for invalid app

Created on 20 Jan 2019  Â·  1Comment  Â·  Source: aragon/client

Describe the bug
If you use dao acl create and specify a non-app entity (e.g. a minime token as opposed to a token-manager instance) it will add the permission even if the entity does not have the role. After this happens though no further actions can be taken including removing the invalid permissions:

luke at beehive in ~/repos/aragon/1hive
$ dao --environment aragon:rinkeby acl create 0x61054DB91BcA13EFa3F51585958B5228a41591D9 0x56ca3DB6958e5510ed6440A0926BFbD57a55368a MINT_ROLE 0x590e1aC49666ec8024dC0C6620Eed6916a18F27e 0x590e1aC49666ec8024dC0C6620Eed6916a18F27e
 ✔ Generating transaction
 ✔ Sending transaction
 ✔ Successfully executed: "Create a new permission granting 0x590e1aC49666ec8024dC0C6620Eed6916a18F27e the ability to perform actions of role 'Mint tokens' on 0x56ca3DB6958e5510ed6440A0926BFbD57a55368a (setting 0x590e1aC49666ec8024dC0C6620Eed6916a18F27e as the permission manager)"
$ dao --environment aragon:rinkeby acl revoke 0x61054DB91BcA13EFa3F51585958B5228a41591D9 0x590e1aC49666ec8024dC0C6620Eed6916a18F27e MINT_ROLE 0x590e1aC49666ec8024dC0C6620Eed6916a18F27e
 â ¸ Generating transaction
   → Fetching DAO at 0x61054DB91BcA13EFa3F51585958B5228a41591D9...
   Sending transaction
/Users/luke/repos/aragon/aragon-cli/node_modules/rxjs/util/subscribeToResult.js:43
            root_1.root.setTimeout(function () { throw err; });
                                                 ^

Error: No method named getCode on 0x56ca3db6958e5510ed6440a0926bfbd57a55368a
    at Proxy.call (/Users/luke/repos/aragon/aragon-cli/node_modules/@aragon/wrapper/dist/core/proxy/index.js:2:501)
    at Promise.all.appProxy.call.catch (/Users/luke/repos/aragon/aragon-cli/node_modules/@aragon/wrapper/dist/index.js:119:2)
    at <anonymous>
$ dao --environment aragon:rinkeby acl remove-manager 0x61054DB91BcA13EFa3F51585958B5228a41591D9 0x590e1aC49666ec8024dC0C6620Eed6916a18F27e MINT_ROLE
 â ¼ Generating transaction
   → Fetching DAO at 0x61054DB91BcA13EFa3F51585958B5228a41591D9...
   Sending transaction
/Users/luke/repos/aragon/aragon-cli/node_modules/rxjs/util/subscribeToResult.js:43
            root_1.root.setTimeout(function () { throw err; });
                                                 ^

Error: No method named getCode on 0x56ca3db6958e5510ed6440a0926bfbd57a55368a
    at Proxy.call (/Users/luke/repos/aragon/aragon-cli/node_modules/@aragon/wrapper/dist/core/proxy/index.js:2:501)
    at Promise.all.appProxy.call.catch (/Users/luke/repos/aragon/aragon-cli/node_modules/@aragon/wrapper/dist/index.js:119:2)
    at <anonymous>

Mainnet or testnet?
testnet

Organization
https://rinkeby.aragon.org/#/0x61054DB91BcA13EFa3F51585958B5228a41591D9

To Reproduce
Steps to reproduce the behavior:

  1. create a minime token dao token new [name] [symbol]
  2. create a permission using the minime entity dao acl create [dao] [token-address] ROLE_NAME [address] [address]

Expected behavior
If possible CLI should validate that the entity is valid (has role, has getcode function), or if not possible provide an option to forcible remove invalid permissions after they have been added without needing to call getcode.

Screenshots
image

Desktop (please complete the following information):

  • OS and OS version: OS X
  • Browser and browser version: Chrome

Additional context
Add any other context about the problem here.

bug request discussion

Most helpful comment

Not quite sure what the best course of action for the frontend would be with invalid apps.

Perhaps we can try to detect that the "app" you've installed isn't actually an app (checking app.kernel() and app.appId() are more robust than app.implementation() or the older app.getCode()) and flag it with a marker in the Permissions UI?

>All comments

Not quite sure what the best course of action for the frontend would be with invalid apps.

Perhaps we can try to detect that the "app" you've installed isn't actually an app (checking app.kernel() and app.appId() are more robust than app.implementation() or the older app.getCode()) and flag it with a marker in the Permissions UI?

Was this page helpful?
0 / 5 - 0 ratings

Related issues

john-light picture john-light  Â·  3Comments

john-light picture john-light  Â·  3Comments

sohkai picture sohkai  Â·  3Comments

ricburton picture ricburton  Â·  3Comments

john-light picture john-light  Â·  4Comments