commit 0ec91ea75c7881d4d0f624ea1b1bc89b2894b1a3
parent 39c2d28ebb398da24541a079b822bf6fe57810b0
Author: triesap <tyson@radroots.org>
Date: Sun, 14 Jun 2026 20:41:07 -0700
authority: protect actor context invariants
Diffstat:
2 files changed, 15 insertions(+), 6 deletions(-)
diff --git a/crates/authority/src/actor.rs b/crates/authority/src/actor.rs
@@ -138,10 +138,10 @@ impl RadrootsActorResolutionRequest {
#[derive(Clone, Debug, PartialEq, Eq)]
pub struct RadrootsActorContext {
- pub pubkey: RadrootsPublicKey,
- pub roles: BTreeSet<RadrootsActorRole>,
- pub account_id: Option<RadrootsActorAccountId>,
- pub source: RadrootsActorSource,
+ pubkey: RadrootsPublicKey,
+ roles: BTreeSet<RadrootsActorRole>,
+ account_id: Option<RadrootsActorAccountId>,
+ source: RadrootsActorSource,
}
impl RadrootsActorContext {
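Review bot: `RadrootsActorContext` now hides all four fields, but nothing on the struct says which invariants the constructors are meant to uphold, so a later constructor or setter can break them unnoticed. Judging by the test names in this file, the pairing of `source` with `account_id` is one of them, though that is inferred rather than shown in this hunk. I would add a doc comment above the derive, for example `/// Built only through the validating constructors; fields are private so pubkey, roles, account_id and source cannot be altered after resolution.` Rust field privacy is per module, so code inside `actor.rs` can still construct or mutate the struct directly. The `impl` block continues outside the hunk, so whether such a path exists cannot be confirmed from here.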
@@ -330,6 +330,15 @@ mod tests {
}
#[test]
+ fn test_context_has_no_account_id() {
+ let actor =
+ RadrootsActorContext::test(hex_64('a'), [RadrootsActorRole::Farmer]).expect("actor");
+
+ assert_eq!(actor.source(), RadrootsActorSource::Test);
+ assert_eq!(actor.account_id(), None);
+ }
+
+ #[test]
fn remote_signer_and_service_contexts_carry_account_ids() {
let remote = RadrootsActorContext::remote_signer(
hex_64('a'),
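Review bot: `RadrootsActorContext::test(...)` in the new test takes an arbitrary role set and yields `RadrootsActorSource::Test`, and with the fields now private the constructors are the only way to mint a context, so this one needs the tightest gate. Its definition is outside the hunk. If it is not already behind `#[cfg(test)]` (or an opt-in test-support feature, should other crates need it), non-test code could build an actor with any role without going through resolution. Authorization paths could also reject or log a `Test` source outside test builds as a second line of defence. The new test pins only `source()` and `account_id()`; assuming a `roles()` accessor exists alongside those, `assert!(actor.roles().contains(&RadrootsActorRole::Farmer));` would pin the role set as well.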
diff --git a/crates/authority/src/authorization.rs b/crates/authority/src/authorization.rs
@@ -44,10 +44,10 @@ pub fn authorize_actor_for_draft(
});
}
authorize_actor_for_contract(actor, contract)?;
- if actor.pubkey.as_str() != draft.expected_pubkey.as_str() {
+ if actor.pubkey().as_str() != draft.expected_pubkey.as_str() {
return Err(RadrootsAuthorityError::ActorPubkeyMismatch {
expected_pubkey: draft.expected_pubkey.clone(),
- actor_pubkey: actor.pubkey.as_str().to_owned(),
+ actor_pubkey: actor.pubkey().as_str().to_owned(),
});
}
Ok(contract)