Fix release finding

proto/shentu/bounty/v1/bounty.proto

@@ -32,12 +32,13 @@ message Finding {
   string title = 3;
   // JSON by FindingDetail
   string description = 4 [(gogoproto.moretags) = "yaml:\"description\""];
-  string submitter_address = 5 [(gogoproto.moretags) = "yaml:\"submitter_address\""];
-  google.protobuf.Timestamp create_time = 6
+  // hash(desc + pos + submitter)
+  string finding_hash = 5 [(gogoproto.moretags) = "yaml:\"finding_hash\""];
+  string submitter_address = 6 [(gogoproto.moretags) = "yaml:\"submitter_address\""];
+  SeverityLevel severity_level = 7 [(gogoproto.moretags) = "yaml:\"severity_level\""];
+  FindingStatus status = 8 [(gogoproto.moretags) = "yaml:\"status\""];
+  google.protobuf.Timestamp create_time = 9
   [(gogoproto.stdtime) = true, (gogoproto.nullable) = false, (gogoproto.moretags) = "yaml:\"create_time\""];
-  FindingStatus status = 7 [(gogoproto.moretags) = "yaml:\"status\""];
-  string finding_hash = 8 [(gogoproto.moretags) = "yaml:\"finding_hash\""];
-  SeverityLevel severity_level = 9 [(gogoproto.moretags) = "yaml:\"severity_level\""];
 }
 
 enum ProgramStatus {
@@ -51,22 +52,22 @@ enum ProgramStatus {
 enum SeverityLevel {
   option (gogoproto.goproto_enum_prefix) = false;
 
-  SEVERITY_LEVEL_CRITICAL = 0 [(gogoproto.enumvalue_customname) = "SeverityLevelCritical"];
-  SEVERITY_LEVEL_HIGH = 1 [(gogoproto.enumvalue_customname) = "SeverityLevelHigh"];
-  SEVERITY_LEVEL_MEDIUM = 2 [(gogoproto.enumvalue_customname) = "SeverityLevelMedium"];
-  SEVERITY_LEVEL_LOW = 3 [(gogoproto.enumvalue_customname) = "SeverityLevelLow"];
-  SEVERITY_LEVEL_INFORMATIONAL = 4 [(gogoproto.enumvalue_customname) = "SeverityLevelInformational"];
+  SEVERITY_LEVEL_UNSPECIFIED = 0 [(gogoproto.enumvalue_customname) = "Unspecified"];
+  SEVERITY_LEVEL_CRITICAL = 1 [(gogoproto.enumvalue_customname) = "Critical"];
+  SEVERITY_LEVEL_HIGH = 2 [(gogoproto.enumvalue_customname) = "High"];
+  SEVERITY_LEVEL_MEDIUM = 3 [(gogoproto.enumvalue_customname) = "Medium"];
+  SEVERITY_LEVEL_LOW = 4 [(gogoproto.enumvalue_customname) = "Low"];
+  SEVERITY_LEVEL_INFORMATIONAL = 5 [(gogoproto.enumvalue_customname) = "Informational"];
 }
 
 enum FindingStatus {
   option (gogoproto.goproto_enum_prefix) = false;
 
-  FINDING_STATUS_REPORTED = 0 [(gogoproto.enumvalue_customname) = "FindingStatusReported"];
-  FINDING_STATUS_PROPOSED = 1 [(gogoproto.enumvalue_customname) = "FindingStatusProposed"];
-  FINDING_STATUS_ACTIVE = 2 [(gogoproto.enumvalue_customname) = "FindingStatusActive"];
-  FINDING_STATUS_CONFIRMED = 3 [(gogoproto.enumvalue_customname) = "FindingStatusConfirmed"];
-  FINDING_STATUS_PAID = 4 [(gogoproto.enumvalue_customname) = "FindingStatusPaid"];
-  FINDING_STATUS_CLOSED = 5 [(gogoproto.enumvalue_customname) = "FindingStatusClosed"];
+  FINDING_STATUS_SUBMITTED = 0 [(gogoproto.enumvalue_customname) = "FindingStatusSubmitted"];
+  FINDING_STATUS_ACTIVE = 1 [(gogoproto.enumvalue_customname) = "FindingStatusActive"];
+  FINDING_STATUS_CONFIRMED = 2 [(gogoproto.enumvalue_customname) = "FindingStatusConfirmed"];
+  FINDING_STATUS_PAID = 3 [(gogoproto.enumvalue_customname) = "FindingStatusPaid"];
+  FINDING_STATUS_CLOSED = 4 [(gogoproto.enumvalue_customname) = "FindingStatusClosed"];
 }
 
 message BountyLevel {
@@ -87,7 +88,6 @@ message BountyLevel {
 //  string description = 1;
 //  string scope_rules = 2;
 //  string known_issues = 3;
-//  repeated BountyLevel bounty_levels = 4 [(gogoproto.nullable) = false, (gogoproto.moretags) = "yaml:\"bounty_levels\""];
 //}
 
 //// FindingDetail defines a finding detail.
@@ -99,5 +99,4 @@ message BountyLevel {
 //  string proof_of_concept = 2 [(gogoproto.moretags) = "yaml:\"proof_of_concept\""];
 //  repeated string program_targets = 3 [(gogoproto.moretags) = "yaml:\"program_targets\""];
 //  repeated string attachments = 4;
-//  SeverityLevel severity_level = 5 [(gogoproto.moretags) = "yaml:\"severity_level\""];
 //}

proto/shentu/bounty/v1/tx.proto

@@ -28,6 +28,9 @@ service Msg {
   // SubmitFinding defines a method for submitting a new finding.
   rpc SubmitFinding(MsgSubmitFinding) returns (MsgSubmitFindingResponse);
 
+  // EditFinding defines a method for editing a new finding.
+  rpc EditFinding(MsgEditFinding) returns (MsgEditFindingResponse);
+
   // AcceptFinding defines a method for host accept a finding.
   rpc AcceptFinding(MsgAcceptFinding) returns (MsgAcceptFindingResponse);
 
@@ -103,13 +106,30 @@ message MsgSubmitFinding {
   string finding_id = 2 [(gogoproto.moretags) = "yaml:\"finding_id\""];
   string title = 3;
   string description = 4;
-  string submitter_address = 5 [(gogoproto.moretags) = "yaml:\"submitter_address\""];
-  SeverityLevel severity_level = 6 [(gogoproto.moretags) = "yaml:\"severity_level\""];
+  string finding_hash = 5 [(gogoproto.moretags) = "yaml:\"finding_hash\""];
+  string submitter_address = 6 [(gogoproto.moretags) = "yaml:\"submitter_address\""];
+  SeverityLevel severity_level = 7 [(gogoproto.moretags) = "yaml:\"severity_level\""];
 }
 
 // MsgSubmitFindingResponse defines the MsgSubmitFinding response type.
 message MsgSubmitFindingResponse {}
 
+// MsgEditFinding defines a message to edit a finding.
+message MsgEditFinding {
+  option (gogoproto.equal) = false;
+  option (gogoproto.goproto_getters) = false;
+
+  string program_id = 1 [(gogoproto.moretags) = "yaml:\"program_id\""];
+  string finding_id = 2 [(gogoproto.moretags) = "yaml:\"finding_id\""];
+  string title = 3;
+  string description = 4;
+  string submitter_address = 5 [(gogoproto.moretags) = "yaml:\"submitter_address\""];
+  SeverityLevel severity_level = 6 [(gogoproto.moretags) = "yaml:\"severity_level\""];
+}
+
+// MsgEditFindingResponse defines the MsgEditFinding response type.
+message MsgEditFindingResponse {}
+
 // MsgAcceptFinding defines a message to accept a finding to an existing finding.
 message MsgAcceptFinding {
   option (gogoproto.equal) = false;

x/bounty/client/cli/tx.go

@@ -27,6 +27,7 @@ func NewTxCmd() *cobra.Command {
 		NewOpenProgramCmd(),
 		NewCloseProgramCmd(),
 		NewSubmitFindingCmd(),
+		NewEditFindingCmd(),
 		NewAcceptFindingCmd(),
 		NewRejectFindingCmd(),
 		NewCloseFindingCmd(),
@@ -223,6 +224,62 @@ func NewSubmitFindingCmd() *cobra.Command {
 
 	_ = cmd.MarkFlagRequired(flags.FlagFrom)
 	_ = cmd.MarkFlagRequired(FlagProgramID)
+	_ = cmd.MarkFlagRequired(FlagFindingID)
+
+	return cmd
+}
+
+func NewEditFindingCmd() *cobra.Command {
+	cmd := &cobra.Command{
+		Use:   "edit-finding",
+		Short: "edit finding for a program",
+		RunE: func(cmd *cobra.Command, args []string) error {
+			clientCtx, err := client.GetClientTxContext(cmd)
+			if err != nil {
+				return err
+			}
+			submitAddr := clientCtx.GetFromAddress()
+
+			pid, err := cmd.Flags().GetString(FlagProgramID)
+			if err != nil {
+				return err
+			}
+			fid, err := cmd.Flags().GetString(FlagFindingID)
+			if err != nil {
+				return err
+			}
+			title, err := cmd.Flags().GetString(FlagFindingTitle)
+			if err != nil {
+				return err
+			}
+			desc, err := cmd.Flags().GetString(FlagDesc)
+			if err != nil {
+				return err
+			}
+			severityLevel, err := cmd.Flags().GetInt32(FlagFindingSeverityLevel)
+			if err != nil {
+				return err
+			}
+			//_, ok := types.SeverityLevel_name[severityLevel]
+			//if !ok {
+			//	return fmt.Errorf("invalid %s value", FlagFindingSeverityLevel)
+			//}
+
+			msg := types.NewMsgEditFinding(pid, fid, title, desc, submitAddr, types.SeverityLevel(severityLevel))
+			return tx.GenerateOrBroadcastTxCLI(clientCtx, cmd.Flags(), msg)
+		},
+	}
+
+	cmd.Flags().String(FlagProgramID, "", "The program's ID")
+	cmd.Flags().String(FlagFindingID, "", "The finding's ID")
+	cmd.Flags().String(FlagFindingTitle, "", "The finding's title")
+	cmd.Flags().String(FlagDesc, "", "The finding's description")
+	cmd.Flags().Int32(FlagFindingSeverityLevel, 8, "The finding's severity level")
+	flags.AddTxFlagsToCmd(cmd)
+
+	_ = cmd.MarkFlagRequired(flags.FlagFrom)
+	_ = cmd.MarkFlagRequired(FlagProgramID)
+	_ = cmd.MarkFlagRequired(FlagFindingID)
 
 	return cmd
 }

x/bounty/handler.go

@@ -30,6 +30,9 @@ func NewHandler(k keeper.Keeper) sdk.Handler {
 		case *types.MsgSubmitFinding:
 			res, err := msgServer.SubmitFinding(sdk.WrapSDKContext(ctx), msg)
 			return sdk.WrapServiceResult(ctx, res, err)
+		case *types.MsgEditFinding:
+			res, err := msgServer.EditFinding(sdk.WrapSDKContext(ctx), msg)
+			return sdk.WrapServiceResult(ctx, res, err)
 		case *types.MsgAcceptFinding:
 			res, err := msgServer.AcceptFinding(sdk.WrapSDKContext(ctx), msg)
 			return sdk.WrapServiceResult(ctx, res, err)

x/bounty/keeper/finding_test.go

@@ -42,9 +42,9 @@ func (suite *KeeperTestSuite) TestSetGetFinding() {
 						Description:      "desc",
 						SubmitterAddress: suite.address[0].String(),
 						CreateTime:       time.Time{},
-						Status:           types.FindingStatusReported,
+						Status:           types.FindingStatusSubmitted,
 						FindingHash:      "",
-						SeverityLevel:    types.SeverityLevelLow,
+						SeverityLevel:    types.Low,
 					},
 				},
 			},

x/bounty/keeper/msg_server.go

@@ -107,11 +107,6 @@ func (k msgServer) EditProgram(goCtx context.Context, msg *types.MsgEditProgram)
 func (k msgServer) OpenProgram(goCtx context.Context, msg *types.MsgOpenProgram) (*types.MsgOpenProgramResponse, error) {
 	ctx := sdk.UnwrapSDKContext(goCtx)
 
-	_, found := k.GetProgram(ctx, msg.ProgramId)
-	if !found {
-		return nil, types.ErrNoProgramFound
-	}
-
 	operatorAddr, err := sdk.AccAddressFromBech32(msg.OperatorAddress)
 	if err != nil {
 		return nil, err
@@ -148,7 +143,7 @@ func (k msgServer) CloseProgram(goCtx context.Context, msg *types.MsgCloseProgra
 	}
 	ctx.EventManager().EmitEvents(sdk.Events{
 		sdk.NewEvent(
-			types.EventTypeOpenProgram,
+			types.EventTypeCloseProgram,
 			sdk.NewAttribute(types.AttributeKeyProgramID, msg.ProgramId),
 		),
 		sdk.NewEvent(
@@ -183,7 +178,7 @@ func (k msgServer) SubmitFinding(goCtx context.Context, msg *types.MsgSubmitFind
 		return nil, types.ErrFindingAlreadyExists
 	}
 
-	finding, err := types.NewFinding(msg.ProgramId, msg.FindingId, msg.Title, msg.Description, operatorAddr, submitTime, msg.SeverityLevel)
+	finding, err := types.NewFinding(msg.ProgramId, msg.FindingId, msg.Title, msg.Description, msg.FindingHash, operatorAddr, submitTime, msg.SeverityLevel)
 	if err != nil {
 		return nil, err
 	}
@@ -210,6 +205,53 @@ func (k msgServer) SubmitFinding(goCtx context.Context, msg *types.MsgSubmitFind
 	return &types.MsgSubmitFindingResponse{}, nil
 }
 
+func (k msgServer) EditFinding(goCtx context.Context, msg *types.MsgEditFinding) (*types.MsgEditFindingResponse, error) {
+	ctx := sdk.UnwrapSDKContext(goCtx)
+
+	program, isExist := k.GetProgram(ctx, msg.ProgramId)
+	if !isExist {
+		return nil, types.ErrProgramNotExists
+	}
+	if program.Status != types.ProgramStatusActive {
+		return nil, types.ErrProgramNotActive
+	}
+
+	finding, found := k.GetFinding(ctx, msg.FindingId)
+	if !found {
+		return nil, types.ErrFindingNotExists
+	}
+	// check submitter
+	if finding.SubmitterAddress != msg.SubmitterAddress {
+		return nil, types.ErrFindingSubmitterInvalid
+	}
+	if len(msg.Title) > 0 {
+		finding.Title = msg.Title
+	}
+	if len(msg.Description) > 0 {
+		finding.Description = msg.Description
+	}
+	if msg.SeverityLevel != types.Unspecified {
+		finding.SeverityLevel = msg.SeverityLevel
+	}
+
+	k.SetFinding(ctx, finding)
+
+	ctx.EventManager().EmitEvents(sdk.Events{
+		sdk.NewEvent(
+			types.EventTypeEditFinding,
+			sdk.NewAttribute(types.AttributeKeyFindingID, finding.FindingId),
+			sdk.NewAttribute(types.AttributeKeyProgramID, finding.ProgramId),
+		),
+		sdk.NewEvent(
+			sdk.EventTypeMessage,
+			sdk.NewAttribute(sdk.AttributeKeyModule, types.AttributeValueCategory),
+			sdk.NewAttribute(sdk.AttributeKeySender, msg.SubmitterAddress),
+		),
+	})
+
+	return &types.MsgEditFindingResponse{}, nil
+}
+
 func (k msgServer) AcceptFinding(goCtx context.Context, msg *types.MsgAcceptFinding) (*types.MsgAcceptFindingResponse, error) {
 	ctx := sdk.UnwrapSDKContext(goCtx)
 
@@ -303,12 +345,12 @@ func (k msgServer) CloseFinding(goCtx context.Context, msg *types.MsgCloseFindin
 	}
 
 	// check submitter
-	if finding.SubmitterAddress != msg.OperatorAddress || !k.certKeeper.IsCertifier(ctx, operatorAddr) {
+	if finding.SubmitterAddress != msg.OperatorAddress && !k.certKeeper.IsCertifier(ctx, operatorAddr) {
 		return nil, types.ErrFindingSubmitterInvalid
 	}
 
 	// check status
-	if finding.Status != types.FindingStatusReported {
+	if finding.Status != types.FindingStatusSubmitted {
 		return nil, types.ErrFindingStatusInvalid
 	}
 
@@ -317,7 +359,7 @@ func (k msgServer) CloseFinding(goCtx context.Context, msg *types.MsgCloseFindin
 
 	ctx.EventManager().EmitEvents(sdk.Events{
 		sdk.NewEvent(
-			types.EventTypeCancelFinding,
+			types.EventTypeCloseFinding,
 			sdk.NewAttribute(types.AttributeKeyFindingID, msg.FindingId),
 			sdk.NewAttribute(types.AttributeKeyProgramID, finding.ProgramId),
 		),
@@ -352,6 +394,7 @@ func (k msgServer) ReleaseFinding(goCtx context.Context, msg *types.MsgReleaseFi
 		return nil, types.ErrProgramCreatorInvalid
 	}
 
+	finding.Description = msg.Description
 	k.SetFinding(ctx, finding)
 
 	ctx.EventManager().EmitEvents(sdk.Events{

x/bounty/keeper/msg_server_test.go

@@ -86,7 +86,7 @@ func (suite *KeeperTestSuite) TestSubmitFinding() {
 						Title:            "Test bug 1",
 						Description:      "Desc",
 						SubmitterAddress: suite.address[0].String(),
-						SeverityLevel:    types.SeverityLevelCritical,
+						SeverityLevel:    types.Critical,
 					},
 				},
 			},
@@ -103,7 +103,7 @@ func (suite *KeeperTestSuite) TestSubmitFinding() {
 						Title:            "Test bug 1",
 						Description:      "Desc",
 						SubmitterAddress: suite.address[0].String(),
-						SeverityLevel:    types.SeverityLevelCritical,
+						SeverityLevel:    types.Critical,
 					},
 				},
 			},
@@ -120,7 +120,7 @@ func (suite *KeeperTestSuite) TestSubmitFinding() {
 						Title:            "Test bug 1",
 						Description:      "Desc",
 						SubmitterAddress: "Test address",
-						SeverityLevel:    types.SeverityLevelCritical,
+						SeverityLevel:    types.Critical,
 					},
 				},
 			},
@@ -187,7 +187,7 @@ func (suite *KeeperTestSuite) TestAcceptFinding() {
 				suite.Require().Equal(finding.Status, types.FindingStatusConfirmed)
 			} else {
 				suite.Require().Error(err)
-				suite.Require().Equal(finding.Status, types.FindingStatusReported)
+				suite.Require().Equal(finding.Status, types.FindingStatusSubmitted)
 			}
 		})
 	}
@@ -231,7 +231,7 @@ func (suite *KeeperTestSuite) TestRejectFinding() {
 				suite.Require().Equal(finding.Status, types.FindingStatusClosed)
 			} else {
 				suite.Require().Error(err)
-				suite.Require().Equal(finding.Status, types.FindingStatusReported)
+				suite.Require().Equal(finding.Status, types.FindingStatusSubmitted)
 			}
 		})
 	}
@@ -270,7 +270,7 @@ func (suite *KeeperTestSuite) InitSubmitFinding(pid, fid string) string {
 		Title:            "Bug title",
 		Description:      "Bug desc",
 		SubmitterAddress: suite.address[0].String(),
-		SeverityLevel:    types.SeverityLevelCritical,
+		SeverityLevel:    types.Critical,
 	}
 
 	ctx := types1.WrapSDKContext(suite.ctx)