Tests for interleaved execution and authorization (#7476)

* Add new tests to demonstrate that authorizing checking is interleaved with execution. This work is a follow up to PR #7400, and relates to issue #132 changelog_begin changelog_end * naming and other small review comments
2024-09-20 09:17:43 +03:00 · 2020-09-24 12:38:56 +01:00 · 2020-09-24 12:38:56 +01:00 · eca7c78540
commit eca7c78540
parent cfa05fa893
1 changed files with 67 additions and 0 deletions
--- a/compiler/damlc/tests/daml-test-files/AuthEvalOrder.daml
+++ b/compiler/damlc/tests/daml-test-files/AuthEvalOrder.daml
@ -0,0 +1,67 @@
+-- Copyright (c) 2020, Digital Asset (Switzerland) GmbH and/or its affiliates.
+-- All rights reserved.
+
+module AuthEvalOrder where
+
+template TheContract
+  with
+    party : Party
+  where
+    signatory party
+
+-- t1/t2 are a pair of similar tests, except t2 is badly authorized.
+-- In the well-authorized t1, execution reaches the `error` function
+-- In the badly-authorized t2, the auth failure prevent the error from being reached.
+
+-- @ERROR Aborted: t1 finished with no authorization failure
+t1_create_success = scenario do
+  ivy <- getParty "Ivy-t1"
+  submit ivy $ do
+    create (TheContract with party = ivy)
+    abort "t1 finished with no authorization failure"
+
+-- @ERROR failed due to a missing authorization from 'Ivy-t2'
+t2_create_badlyAuthorized = scenario do
+  mach <- getParty "Mach-t1"
+  ivy <- getParty "Ivy-t2"
+  submit mach $ do
+    create (TheContract with party = ivy)
+    abort "t2 Finished"
+
+template TheContractBuilder
+  with
+    p1 : Party
+    p2 : Party
+  where
+    signatory p1
+    controller p2 can
+      TheChoice : ContractId TheContract
+        with party : Party
+        do
+          create TheContract with party
+
+-- t3/t4 are a pair of similar tests, except t4 is badly authorized.
+-- It is the 2nd submit which is of interest here, where mach exercises the `builder` contract created in the first submit, to contract signed by Ivy. This is possible in t3 because `builder` is signed by Ivy, but it is not well authorized in t4.
+-- Only in the well-authorized case will execution reach the `error` function.
+
+-- @ERROR Aborted: t3 finished with no authorization failure
+t3_createViaExerice_success = scenario do
+  ivy <- getParty "Ivy-t3"
+  mach <- getParty "Mach-t3"
+  builder <-
+    submit ivy $ do
+      create (TheContractBuilder with p1 = ivy; p2 = mach)
+  submit mach $ do
+    exercise builder TheChoice with party = ivy
+    abort "t3 finished with no authorization failure"
+
+-- @ERROR failed due to a missing authorization from 'Ivy-t4'
+t4_createViaExerice_badlyAuthorized = scenario do
+  ivy <- getParty "Ivy-t4"
+  mach <- getParty "Mach-t4"
+  builder <-
+    submit mach $ do
+      create (TheContractBuilder with p1 = mach; p2 = mach)
+  submit mach $ do
+    exercise builder TheChoice with party = ivy
+    abort "t4 finished with no authorization failure"