mirror of
https://github.com/pezkuwichain/pezkuwi-subxt.git
synced 2026-07-19 20:25:40 +00:00
[NFTs] Rework permissions model (#13482)
* Disallow admin to transfer or burn items he doesn't own * lock_collection should be accessible by collection's owner only * Allow admin to access lock_item_properties() * Fix do_lock_item_properties * Move update_mint_settings() to Issuer * Rename check_owner to check_origin * Typo * Make admin to be in charge of managing the metadata * Make admin the main attributes manager * offchain mint should be signed by Issuer * Remove the special case when the Issuer calls the mint() function * Rework burn and destroy methods * Return back item_metadatas * Don't repatriate the deposit on transfer * A bit more tests * One more test * Add migration * Chore * Clippy * Rename to owned_item * Address comments * Replace .filter_map with .find_map * Improve version validation in pre_upgrade() * ".git/.scripts/commands/bench/bench.sh" pallet dev pallet_nfts --------- Co-authored-by: parity-processbot <>
This commit is contained in:
@@ -21,13 +21,20 @@ use frame_support::pallet_prelude::*;
|
||||
impl<T: Config<I>, I: 'static> Pallet<T, I> {
|
||||
/// Note: if `maybe_depositor` is None, that means the depositor will be a collection's owner
|
||||
pub(crate) fn do_set_item_metadata(
|
||||
maybe_check_owner: Option<T::AccountId>,
|
||||
maybe_check_origin: Option<T::AccountId>,
|
||||
collection: T::CollectionId,
|
||||
item: T::ItemId,
|
||||
data: BoundedVec<u8, T::StringLimit>,
|
||||
maybe_depositor: Option<T::AccountId>,
|
||||
) -> DispatchResult {
|
||||
let is_root = maybe_check_owner.is_none();
|
||||
if let Some(check_origin) = &maybe_check_origin {
|
||||
ensure!(
|
||||
Self::has_role(&collection, &check_origin, CollectionRole::Admin),
|
||||
Error::<T, I>::NoPermission
|
||||
);
|
||||
}
|
||||
|
||||
let is_root = maybe_check_origin.is_none();
|
||||
let mut collection_details =
|
||||
Collection::<T, I>::get(&collection).ok_or(Error::<T, I>::UnknownCollection)?;
|
||||
|
||||
@@ -37,10 +44,6 @@ impl<T: Config<I>, I: 'static> Pallet<T, I> {
|
||||
Error::<T, I>::LockedItemMetadata
|
||||
);
|
||||
|
||||
if let Some(check_owner) = &maybe_check_owner {
|
||||
ensure!(check_owner == &collection_details.owner, Error::<T, I>::NoPermission);
|
||||
}
|
||||
|
||||
let collection_config = Self::get_collection_config(&collection)?;
|
||||
|
||||
ItemMetadataOf::<T, I>::try_mutate_exists(collection, item, |metadata| {
|
||||
@@ -89,22 +92,26 @@ impl<T: Config<I>, I: 'static> Pallet<T, I> {
|
||||
}
|
||||
|
||||
pub(crate) fn do_clear_item_metadata(
|
||||
maybe_check_owner: Option<T::AccountId>,
|
||||
maybe_check_origin: Option<T::AccountId>,
|
||||
collection: T::CollectionId,
|
||||
item: T::ItemId,
|
||||
) -> DispatchResult {
|
||||
let is_root = maybe_check_owner.is_none();
|
||||
if let Some(check_origin) = &maybe_check_origin {
|
||||
ensure!(
|
||||
Self::has_role(&collection, &check_origin, CollectionRole::Admin),
|
||||
Error::<T, I>::NoPermission
|
||||
);
|
||||
}
|
||||
|
||||
let is_root = maybe_check_origin.is_none();
|
||||
let metadata = ItemMetadataOf::<T, I>::take(collection, item)
|
||||
.ok_or(Error::<T, I>::MetadataNotFound)?;
|
||||
let mut collection_details =
|
||||
Collection::<T, I>::get(&collection).ok_or(Error::<T, I>::UnknownCollection)?;
|
||||
|
||||
let depositor_account =
|
||||
metadata.deposit.account.unwrap_or(collection_details.owner.clone());
|
||||
|
||||
if let Some(check_owner) = &maybe_check_owner {
|
||||
ensure!(check_owner == &collection_details.owner, Error::<T, I>::NoPermission);
|
||||
}
|
||||
|
||||
// NOTE: if the item was previously burned, the ItemConfigOf record might not exist
|
||||
let is_locked = Self::get_item_config(&collection, &item)
|
||||
.map_or(false, |c| c.has_disabled_setting(ItemSetting::UnlockedMetadata));
|
||||
@@ -125,29 +132,32 @@ impl<T: Config<I>, I: 'static> Pallet<T, I> {
|
||||
}
|
||||
|
||||
pub(crate) fn do_set_collection_metadata(
|
||||
maybe_check_owner: Option<T::AccountId>,
|
||||
maybe_check_origin: Option<T::AccountId>,
|
||||
collection: T::CollectionId,
|
||||
data: BoundedVec<u8, T::StringLimit>,
|
||||
) -> DispatchResult {
|
||||
if let Some(check_origin) = &maybe_check_origin {
|
||||
ensure!(
|
||||
Self::has_role(&collection, &check_origin, CollectionRole::Admin),
|
||||
Error::<T, I>::NoPermission
|
||||
);
|
||||
}
|
||||
|
||||
let is_root = maybe_check_origin.is_none();
|
||||
let collection_config = Self::get_collection_config(&collection)?;
|
||||
ensure!(
|
||||
maybe_check_owner.is_none() ||
|
||||
collection_config.is_setting_enabled(CollectionSetting::UnlockedMetadata),
|
||||
is_root || collection_config.is_setting_enabled(CollectionSetting::UnlockedMetadata),
|
||||
Error::<T, I>::LockedCollectionMetadata
|
||||
);
|
||||
|
||||
let mut details =
|
||||
Collection::<T, I>::get(&collection).ok_or(Error::<T, I>::UnknownCollection)?;
|
||||
if let Some(check_owner) = &maybe_check_owner {
|
||||
ensure!(check_owner == &details.owner, Error::<T, I>::NoPermission);
|
||||
}
|
||||
|
||||
CollectionMetadataOf::<T, I>::try_mutate_exists(collection, |metadata| {
|
||||
let old_deposit = metadata.take().map_or(Zero::zero(), |m| m.deposit);
|
||||
details.owner_deposit.saturating_reduce(old_deposit);
|
||||
let mut deposit = Zero::zero();
|
||||
if maybe_check_owner.is_some() &&
|
||||
collection_config.is_setting_enabled(CollectionSetting::DepositRequired)
|
||||
if !is_root && collection_config.is_setting_enabled(CollectionSetting::DepositRequired)
|
||||
{
|
||||
deposit = T::DepositPerByte::get()
|
||||
.saturating_mul(((data.len()) as u32).into())
|
||||
@@ -170,18 +180,22 @@ impl<T: Config<I>, I: 'static> Pallet<T, I> {
|
||||
}
|
||||
|
||||
pub(crate) fn do_clear_collection_metadata(
|
||||
maybe_check_owner: Option<T::AccountId>,
|
||||
maybe_check_origin: Option<T::AccountId>,
|
||||
collection: T::CollectionId,
|
||||
) -> DispatchResult {
|
||||
let details =
|
||||
Collection::<T, I>::get(&collection).ok_or(Error::<T, I>::UnknownCollection)?;
|
||||
if let Some(check_owner) = &maybe_check_owner {
|
||||
ensure!(check_owner == &details.owner, Error::<T, I>::NoPermission);
|
||||
if let Some(check_origin) = &maybe_check_origin {
|
||||
ensure!(
|
||||
Self::has_role(&collection, &check_origin, CollectionRole::Admin),
|
||||
Error::<T, I>::NoPermission
|
||||
);
|
||||
}
|
||||
|
||||
let details =
|
||||
Collection::<T, I>::get(&collection).ok_or(Error::<T, I>::UnknownCollection)?;
|
||||
let collection_config = Self::get_collection_config(&collection)?;
|
||||
|
||||
ensure!(
|
||||
maybe_check_owner.is_none() ||
|
||||
maybe_check_origin.is_none() ||
|
||||
collection_config.is_setting_enabled(CollectionSetting::UnlockedMetadata),
|
||||
Error::<T, I>::LockedCollectionMetadata
|
||||
);
|
||||
|
||||
Reference in New Issue
Block a user