https://github.com/pendulum-chain/spacewalk/pull/418#discussion_r1358…

…238805, #418 (comment), #418 (comment), #418 (comment)
pendulum-chain · Oct 16, 2023 · 9130670 · 9130670
2 parents c388cd8 + 2155806
commit 9130670
Showing 1 changed file with 23 additions and 33 deletions.
diff --git a/pallets/clients-info/src/lib.rs b/pallets/clients-info/src/lib.rs
@@ -1,7 +1,6 @@
 //! # ClientsInfo Module
 //! Stores information about clients used for the network.
 
-#![deny(warnings)]
 #![cfg_attr(test, feature(proc_macro_hygiene))]
 #![cfg_attr(not(feature = "std"), no_std)]
 
@@ -39,7 +38,6 @@ pub use pallet::*;
 #[frame_support::pallet]
 pub mod pallet {
 	use crate::*;
-	use frame_support::dispatch::RawOrigin;
 
 	use frame_support::pallet_prelude::*;
 	use frame_system::pallet_prelude::*;
@@ -73,26 +71,6 @@ pub mod pallet {
 		}
 	}
 
-	impl<T: Config> Pallet<T> {
-		fn check_non_root_rights(origin: OriginFor<T>) -> Result<T::AccountId, DispatchError> {
-			let origin_account_id = ensure_signed(origin)?;
-			ensure!(
-				<AuthorizedAccounts<T>>::contains_key(&origin_account_id),
-				Error::<T>::ThisAccountIdIsNotAuthorized
-			);
-
-			Ok(origin_account_id)
-		}
-
-		fn check_origin_rights(origin: OriginFor<T>) -> DispatchResult {
-			if ensure_root(origin.clone()).is_err() {
-				let _ = Pallet::<T>::check_non_root_rights(origin)?;
-			};
-
-			Ok(())
-		}
-	}
-
 	#[pallet::call]
 	impl<T: Config> Pallet<T> {
 		/// Sets the current client release version, in case of a bug fix or patch.
@@ -156,20 +134,12 @@ pub mod pallet {
 			origin: OriginFor<T>,
 			account_id: T::AccountId,
 		) -> DispatchResult {
-			if let Ok(origin_account_id) = ensure_signed(origin.clone()) {
-				Pallet::<T>::check_non_root_rights(origin.clone())?;
+			if let Err(e) = ensure_root(origin.clone()) {
+				let origin_account_id = Pallet::<T>::check_non_root_rights(origin)?;
 				ensure!(
 					account_id != origin_account_id,
 					Error::<T>::UserUnableToDeauthorizeThemself
 				);
-
-				// do not deauthorize the root account
-				let account_id_to_origin =
-					OriginFor::<T>::from(RawOrigin::Signed(account_id.clone()));
-				ensure!(
-					ensure_root(account_id_to_origin).is_err(),
-					Error::<T>::UserUnableToDeauthorizeRootAccount
-				);
 			}
 
 			if <AuthorizedAccounts<T>>::contains_key(&account_id) {
@@ -194,7 +164,6 @@ pub mod pallet {
 	pub enum Error<T> {
 		ThisAccountIdIsNotAuthorized,
 		UserUnableToDeauthorizeThemself,
-		UserUnableToDeauthorizeRootAccount,
 	}
 
 	/// Mapping of client name (string literal represented as bytes) to its release details.
@@ -214,6 +183,27 @@ pub mod pallet {
 	#[pallet::getter(fn authorized_accounts)]
 	pub(super) type AuthorizedAccounts<T: Config> =
 		StorageMap<_, Blake2_128Concat, T::AccountId, ()>;
+
+	impl<T: Config> Pallet<T> {
+		fn check_non_root_rights(origin: OriginFor<T>) -> Result<T::AccountId, DispatchError> {
+			let origin_account_id = ensure_signed(origin.clone())?;
+
+			ensure!(
+				<AuthorizedAccounts<T>>::contains_key(&origin_account_id),
+				Error::<T>::ThisAccountIdIsNotAuthorized
+			);
+
+			Ok(origin_account_id)
+		}
+
+		fn check_origin_rights(origin: OriginFor<T>) -> DispatchResult {
+			if ensure_root(origin.clone()).is_err() {
+				Pallet::<T>::check_non_root_rights(origin.clone())?;
+			}
+
+			Ok(())
+		}
+	}
 }
 
 pub mod upgrade_client_releases {