Challenge/hardworking toptal dev

soroban-react-dapp/README.md

@@ -43,6 +43,148 @@ The contracts workflow happens in the `contracts/` folder. Here you can see that
 
 Every new contract should be in its own folder, and the folder should be named the same name as the name of the contract in its `cargo.toml` file. You can check how the `tweaked_greeting` contract is changed from the `greeting` contract and you can also start from this to build your own contract.
 
+**Challenge contract**
+
+> _This challenge contract is to add authorization controls to the contract so only specific addresses can modify a title. Implement address management and `required_auth` to verify authorized changes._
+
+- `init` instruction
+
+add init instruction to set admin for contract initial.
+
+```rust
+// initialize the contract and set the admin
+    pub fn init(env: Env, admin: Address) -> Result<(), Error> {
+        let storage = env.storage().instance();
+        admin.require_auth();
+        if storage.has(&Assets::Admin) {
+            return Err(Error::AlreadyInitialized);
+        }
+        storage.set(&Assets::Admin, &admin);
+        Ok(())
+    }
+```
+
+- `add_editor` instruction
+
+admin can add editors who can modify the title
+
+```rust
+pub fn add_editor(env: Env, new_editor: Address) -> Result<(), Error>{
+        let storage = env.storage().instance();
+        let admin: Address = storage.get(&Assets::Admin).unwrap();
+        admin.require_auth();
+
+        let mut editors: Vec<Address> = storage.get(&Assets::Editors).unwrap_or(Vec::new(&env));
+        if !editors.contains(&new_editor) {
+            editors.push_front(new_editor);
+            env.storage().instance().set(&Assets::Editors, &editors);
+            Ok(())
+        } else {
+            Err(Error::AlreadyExist)
+        }
+    }
+```
+
+- `remove_editor` instruction
+
+admin can remove editor from their list.
+
+```rust
+// remove wallets from editors
+    pub fn remove_editor(env: Env, editor_to_remove: Address) {
+        let storage = env.storage().instance();
+        let admin: Address = storage.get(&Assets::Admin).unwrap();
+        admin.require_auth();
+
+        let mut editors: Vec<Address> = storage.get(&Assets::Editors).unwrap_or(Vec::new(&env));
+        editors
+            .first_index_of(&editor_to_remove)
+            .map(|index| editors.remove(index));
+        env.storage().instance().set(&Assets::Editors, &editors);
+    }
+```
+
+- `set_title` instruction
+
+editors can modify the tile, if not editor, it cause UnAthorized Error.
+
+```rust
+// set the title only available editors
+    pub fn set_title(env: Env, user: Address, title: String) -> Result<(), Error> {
+        user.require_auth();
+        let storage = env.storage().instance();
+        let admin: Address = storage.get(&Assets::Admin).unwrap_or_else(|| {
+            // You can log or handle the error here
+            // In this case, we'll return an error
+            return Err(Error::NotInitialized);
+        })?;
+
+        let editors: Vec<Address> = storage.get(&Assets::Editors).unwrap_or(Vec::new(&env));
+        if editors.contains(&user) || user.eq(&admin) {
+            env.storage().instance().set(&Assets::Title, &title);
+            Ok(())
+        } else {
+            Err(Error::Unauthorized)
+        }
+    }
+```
+
+**Test Contract**
+
+- `require_auth` test
+
+```rust
+// mofify the title with editors
+    client.set_title(&new_editor, &String::from_str(&env, "Hello, Stellar"));
+
+    // test for require_auth
+    assert_eq!(
+        env.auths(),
+        std::vec![(
+            // Address for which authorization check is performed
+            new_editor.clone(),
+            // Invocation tree that needs to be authorized
+            AuthorizedInvocation {
+                // Function that is authorized. Can be a contract function or
+                // a host function that requires authorization.
+                function: AuthorizedFunction::Contract((
+                    // Address of the called contract
+                    contract_id.clone(),
+                    // Name of the called function
+                    symbol_short!("set_title"),
+                    // Arguments used to call `set_title`
+                    vec![&env, new_editor.to_val(), String::from_str(&env, "Hello, Stellar").into()]
+                )),
+                // The contract doesn't call any other contracts that require
+                // authorization,
+                sub_invocations: std::vec![]
+            }
+        )]
+    );
+```
+
+- `set_title` and `add_editor` test
+
+```rust
+// test either everyone access to modify title or not
+    let _ = client.try_set_title(&new_editor, &String::from_str(&env, "Hello, Stellar"));
+    let client_title = client.read_title();
+    assert_eq!(client_title, String::from_str(&env, "Default Title"));
+
+// test with new title 
+    let client_new_title = client.read_title();
+    assert_eq!(client_new_title, String::from_str(&env, "Hello, Stellar"));
+
+    // remove editors by admin
+    let _ = client.remove_editor(&new_editor);
+    let admins = client.fetch_editors();
+    assert_eq!(admins.len(), 1);
+```
+
+
+
+
+
 To build the contracts you can simply invoke the `make` command which will recursively build all contracts by propagating the `make` command to subfolders. Each contract needs to have its own `Makefile` for this to work. The `Makefile` from the greeting contract is a generic one and can be copied and paste to use with any of your new contract.
 
 If you are not familiar or comfortable with Makefiles you can simply go in the directory of the contract you want to compile and run 
@@ -96,4 +238,4 @@ You then need to adapt the `contractInvoke()` calls in these functions to match
 
 Finally feel, of course, free to change the front-end how you wish, to match your desired functionalities.
 
-*Good luck building!*
+*Good luck building!*

soroban-react-dapp/contracts/deployments.json

@@ -7,6 +7,6 @@
   {
     "contractId": "greeting",
     "networkPassphrase": "Test SDF Network ; September 2015",
-    "contractAddress": "CDWGVPSUXXSGABQ663FVV4TZJH4Q2R3HVAKTKWFFFMWPF23O7KMNS4KU"
+    "contractAddress": "CC7LM32RVA7FSWIDQS7DSYAZWKA2NBIS2PSIDX2NZOCKFVZWBMDP3ZV3"
   }
 ]

soroban-react-dapp/contracts/greeting/src/lib.rs

@@ -1,24 +1,106 @@
 #![no_std]
-use soroban_sdk::{contract, contractimpl, Env, Symbol, symbol_short, String};
-
-const TITLE: Symbol = symbol_short!("TITLE");
-
+use soroban_sdk::{contract, contracterror, contractimpl, contracttype, Address, Env, String, Vec};
 
 #[contract]
 pub struct TitleContract;
 
+#[contracterror]
+#[derive(Clone, Copy, Debug, PartialEq, Eq, PartialOrd, Ord)]
+#[repr(u32)]
+pub enum Error {
+    Unauthorized = 1,
+    AlreadyInitialized = 2,
+    NotInitialized = 3,
+    AlreadyExist = 4,  // when editor already exist, add_editor invoke this error
+}
+
 #[contractimpl]
 impl TitleContract {
+    // initialize the contract and set the admin
+    pub fn init(env: Env, admin: Address) -> Result<(), Error> {
+        let storage = env.storage().instance();
+        admin.require_auth();
+        if storage.has(&Assets::Admin) {
+            return Err(Error::AlreadyInitialized);
+        }
+        storage.set(&Assets::Admin, &admin);
+        Ok(())
+    }
 
-    pub fn set_title(env: Env, title: String) {
-                env.storage().instance().set(&TITLE, &title)
+    // set the title only available editors
+    pub fn set_title(env: Env, user: Address, title: String) -> Result<(), Error> {
+        user.require_auth();
+        let storage = env.storage().instance();
+        let admin: Address = storage.get(&Assets::Admin).unwrap_or_else(|| {
+            // You can log or handle the error here
+            // In this case, we'll return an error
+            return Err(Error::NotInitialized);
+        })?;
+
+        let editors: Vec<Address> = storage.get(&Assets::Editors).unwrap_or(Vec::new(&env));
+        if editors.contains(&user) || user.eq(&admin) {
+            env.storage().instance().set(&Assets::Title, &title);
+            Ok(())
+        } else {
+            Err(Error::Unauthorized)
+        }
     }
 
+    // read the title
     pub fn read_title(env: Env) -> String {
-        env.storage().instance().get(&TITLE)
+        env.storage()
+            .instance()
+            .get(&Assets::Title)
             .unwrap_or(String::from_str(&env, "Default Title"))
     }
-
-} 
+
+    /// ***** Address Management ***** ///
+
+    // add wallet address for editors
+    pub fn add_editor(env: Env, new_editor: Address) -> Result<(), Error>{
+        let storage = env.storage().instance();
+        let admin: Address = storage.get(&Assets::Admin).unwrap();
+        admin.require_auth();
+
+        let mut editors: Vec<Address> = storage.get(&Assets::Editors).unwrap_or(Vec::new(&env));
+        if !editors.contains(&new_editor) {
+            editors.push_front(new_editor);
+            env.storage().instance().set(&Assets::Editors, &editors);
+            Ok(())
+        } else {
+            Err(Error::AlreadyExist)
+        }
+    }
+
+    // remove wallets from editors
+    pub fn remove_editor(env: Env, editor_to_remove: Address) {
+        let storage = env.storage().instance();
+        let admin: Address = storage.get(&Assets::Admin).unwrap();
+        admin.require_auth();
+
+        let mut editors: Vec<Address> = storage.get(&Assets::Editors).unwrap_or(Vec::new(&env));
+        editors
+            .first_index_of(&editor_to_remove)
+            .map(|index| editors.remove(index));
+        env.storage().instance().set(&Assets::Editors, &editors);
+    }
+
+    // fetch the editor lists
+    pub fn fetch_editors(env: Env) -> Vec<Address> {
+        let storage = env.storage().instance();
+        let admin: Address = storage.get(&Assets::Admin).unwrap();
+        let mut editors: Vec<Address> = storage.get(&Assets::Editors).unwrap_or(Vec::new(&env));
+        editors.push_front(admin);
+        editors
+    }
+}
+
+#[derive(Clone)]
+#[contracttype]
+pub enum Assets {
+    Admin,
+    Editors,
+    Title,
+}
 
 mod test;

soroban-react-dapp/contracts/greeting/src/test.rs

@@ -1,21 +1,73 @@
 #![cfg(test)]
 
-use super::*;
-use soroban_sdk::{Env, String};
+extern crate std;
 
+use super::*;
+use soroban_sdk::{symbol_short, testutils::{Address as _, AuthorizedFunction, AuthorizedInvocation}, vec, Address, Env, String};
 
 #[test]
 fn test() {
+    // test to mock the all auths
     let env = Env::default();
+    env.mock_all_auths();
+
     let contract_id = env.register_contract(None, TitleContract);
     let client = TitleContractClient::new(&env, &contract_id);
 
-    let client_default_title = client.read_title(); 
-    assert_eq!(client_default_title, String::from_slice(&env, "Default Title"));
+    let admin = Address::generate(&env);
+    let new_editor = Address::generate(&env);
+
+    // init by admin
+    client.init(&admin);
+
+    let client_default_title = client.read_title();
+    assert_eq!(
+        client_default_title,
+        String::from_str(&env, "Default Title")
+    );
+
+    // test either everyone access to modify title or not
+    let _ = client.try_set_title(&new_editor, &String::from_str(&env, "Hello, Stellar"));
+    let client_title = client.read_title();
+    assert_eq!(client_title, String::from_str(&env, "Default Title"));
+
+    // give edit access
+    client.add_editor(&new_editor);
+
+    // mofify the title with editors
+    client.set_title(&new_editor, &String::from_str(&env, "Hello, Stellar"));
 
-    client.set_title(&String::from_slice(&env, "My New Title"));
-    let client_new_title = client.read_title(); 
+    // test for require_auth
+    assert_eq!(
+        env.auths(),
+        std::vec![(
+            // Address for which authorization check is performed
+            new_editor.clone(),
+            // Invocation tree that needs to be authorized
+            AuthorizedInvocation {
+                // Function that is authorized. Can be a contract function or
+                // a host function that requires authorization.
+                function: AuthorizedFunction::Contract((
+                    // Address of the called contract
+                    contract_id.clone(),
+                    // Name of the called function
+                    symbol_short!("set_title"),
+                    // Arguments used to call `set_title`
+                    vec![&env, new_editor.to_val(), String::from_str(&env, "Hello, Stellar").into()]
+                )),
+                // The contract doesn't call any other contracts that require
+                // authorization,
+                sub_invocations: std::vec![]
+            }
+        )]
+    );
 
-    assert_eq!(client_new_title, String::from_slice(&env, "My New Title"));
+    // test with new title 
+    let client_new_title = client.read_title();
+    assert_eq!(client_new_title, String::from_str(&env, "Hello, Stellar"));
 
+    // remove editors by admin
+    let _ = client.remove_editor(&new_editor);
+    let admins = client.fetch_editors();
+    assert_eq!(admins.len(), 1);
 }