test: verify create_package auth via real Soroban AuthorizedInvocation#326
Merged
kilodesodiq-arch merged 2 commits intoJul 17, 2026
Merged
Conversation
ethnum 1.5.2 relied on mem::transmute(()) to construct a TryFromIntError, which newer rustc (1.97.0, used by Contract CI) rejects with E0512 since the type is no longer zero-sized. Upstream fixed this in 1.5.3 by using a safe constructor instead. Co-Authored-By: Claude Sonnet 5 <noreply@anthropic.com>
Contributor
|
Awesome work on this! Thanks for the contribution 🚀 Merging now. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Adds
tests/authorization.rsto verifycreate_package's authorization checks against Soroban's realAuthorizedInvocationmodel instead of the blanketmock_all_auths()bypass used elsewhere in the suite. Closes #___mock_all_auths()makes everyAddress::require_auth()call succeed unconditionally, which means no existing test would catchrequire_admin_or_distributorsilently losing itsoperator.require_auth()call (e.g. via a refactor, or a reentrant token-transfer callback attempting to bypass it). This PR adds tests that construct explicitMockAuth/MockAuthInvoketrees (or zero authorization entries) so a missing or misdirected auth check increate_packageactually fails CI.No changes to
src/lib.rs—require_admin_or_distributoralready calledoperator.require_auth()correctly; this PR only closes the test gap.Note on acceptance criteria: the issue expected
try_create_packageto returnError::NotAuthorizedwhen called with zero operator auth. Verified empirically against soroban-sdk 23.4.1: with no authorization entries present, the host traps insiderequire_auth()itself before the contract can return anything, so the actual result isErr(Err(InvokeError::Abort)), not our contract'sError::NotAuthorized. This is documented in the test file. The literalError::NotAuthorizedreturn path is covered instead by a second test: an operator who does provide valid self-authorization but holds neither the admin nor distributor role.Testing
Screenshots
N/A — backend/smart-contract test-only change, no UI surface.
Checklist
Closes #229