Non owner can delete domain after grace period ends (#1201)

* bnsd: Implement grace perion feature on deleteDomain * bnscli: add domain grace period to update-account-conf * bnsd: Add domain grace period to datamigration * Add changelog
iov-one · Apr 6, 2020 · 35b6df3 · 35b6df3
1 parent 406079a
commit 35b6df3
Show file tree

Hide file tree

Showing 8 changed files with 194 additions and 69 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,6 +1,7 @@
 # Changelog
 
 ## HEAD
+- `feature/account`: A non owner can delete domain after grace period ends
 
 ## 1.0.1
 - `bnsd`: updated error messages to better reflect the account module spec

diff --git a/cmd/bnscli/clitests/account_update_configuration.test.gold b/cmd/bnscli/clitests/account_update_configuration.test.gold
@@ -13,7 +13,8 @@
 				"valid_name": "^valid-name-rule$",
 				"valid_blockchain_id": "^valid-bl-id-rule$",
 				"valid_blockchain_address": "^valid-bl-address-rule$",
-				"domain_renew": 151711200
+				"domain_renew": 151711200,
+				"domain_grace_period": 2592000
 			}
 		}
 	}

diff --git a/cmd/bnscli/cmd_account.go b/cmd/bnscli/cmd_account.go
@@ -115,7 +115,7 @@ Create a transaction for registering an account within a given domain.
 		nameFl   = fl.String("name", "", "Account name")
 		domainFl = fl.String("domain", "", "Account domain.")
 		adminFl  = flAddress(fl, "owner", "", "An address that the newly registered account will belong to.")
-		brokerFl       = flAddress(fl, "broker", "", "Address of the issuer entity")
+		brokerFl = flAddress(fl, "broker", "", "Address of the issuer entity")
 	)
 	fl.Parse(args)
 
@@ -201,6 +201,7 @@ Create a transaction to change account extension configuration.
 		validBlockchainID   = fl.String("valid-bl-id", "", "Regular expression defining a rule for a valid blockchain ID string.")
 		validBlockchainAddr = fl.String("valid-bl-address", "", "Regular expression defining a rule for a valid blockchain address string.")
 		domainRenewFl       = fl.Duration("domain-renew", 0, "Domain renew time.")
+		domainGracePeriodFl = fl.Duration("domain-grace-period", 30*24*time.Hour, "Domain grace period.")
 	)
 	fl.Parse(args)
 
@@ -214,6 +215,7 @@ Create a transaction to change account extension configuration.
 			ValidBlockchainID:      *validBlockchainID,
 			ValidBlockchainAddress: *validBlockchainAddr,
 			DomainRenew:            weave.AsUnixDuration(*domainRenewFl),
+			DomainGracePeriod:      weave.AsUnixDuration(*domainGracePeriodFl),
 		},
 	}
 	if err := msg.Validate(); err != nil {

diff --git a/cmd/bnsd/app/datamigration.go b/cmd/bnsd/app/datamigration.go
@@ -65,6 +65,7 @@ func migrateRelease_1_0(ctx context.Context, db weave.KVStore) error {
 		ValidBlockchainID:      `^[a-z0-9A-Z\-]+$`,
 		ValidBlockchainAddress: `^[a-z0-9A-Z]+$`,
 		DomainRenew:            weave.AsUnixDuration(365*24*time.Hour + 6*time.Hour),
+		DomainGracePeriod:      weave.AsUnixDuration(30 * 24 * time.Hour),
 	}); err != nil {
 		return errors.Wrap(err, "save initial gconf configuration")
 	}
@@ -85,6 +86,7 @@ func migrateRelease_1_0(ctx context.Context, db weave.KVStore) error {
 		ValidBlockchainID:      `^[a-z0-9A-Z\-:]+$`,
 		ValidBlockchainAddress: `^[a-z0-9A-Z]+$`,
 		DomainRenew:            weave.AsUnixDuration(365*24*time.Hour + 6*time.Hour),
+		DomainGracePeriod:      weave.AsUnixDuration(30 * 24 * time.Hour),
 	}); err != nil {
 		return errors.Wrap(err, "save final gconf configuration")
 	}

diff --git a/cmd/bnsd/x/account/codec.pb.go b/cmd/bnsd/x/account/codec.pb.go
diff --git a/cmd/bnsd/x/account/codec.proto b/cmd/bnsd/x/account/codec.proto
@@ -119,8 +119,11 @@ message Configuration {
   // Valid blockchain address defines a regular expression that a valid target
   // blockchain address must match.
   string valid_blockchain_address = 6;
-  // Domain review defines the duration of the domain renewal period.
+  // Domain renew defines the duration of the domain renewal period.
   int64 domain_renew = 7 [(gogoproto.casttype) = "github.com/iov-one/weave.UnixDuration"];
+  // Domain grace period defines the duration of the release duration of a domain. A non-admin
+  // can delete the domain after the grace period ends.
+  int64 domain_grace_period = 8 [(gogoproto.casttype) = "github.com/iov-one/weave.UnixDuration"];
 }
 
 // UpdateConfigurationMsg is used by the gconf extension to update the

diff --git a/cmd/bnsd/x/account/handler.go b/cmd/bnsd/x/account/handler.go
@@ -489,9 +489,22 @@ func (h *deleteDomainHandler) validate(ctx weave.Context, db weave.KVStore, tx w
 	if !domain.HasSuperuser {
 		return nil, nil, errors.Wrap(errors.ErrState, "domain without a superuser cannot be deleted")
 	}
-	if !h.auth.HasAddress(ctx, domain.Admin) {
-		return nil, nil, errors.Wrap(errors.ErrUnauthorized, "only admin can delete a domain")
+	conf, err := loadConf(db)
+	if err != nil {
+		return nil, nil, errors.Wrap(err, "cannot load configuration")
 	}
+	now, err := weave.BlockTime(ctx)
+	if err != nil {
+		return nil, nil, errors.Wrap(err, "block time")
+	}
+	// if now > domain.ValidUntil + DomainGracePeriod then non owner can delete
+	// issue https://github.com/iov-one/weave/issues/1199
+	if !now.After(domain.ValidUntil.Add(conf.DomainGracePeriod.Duration()).Time()) {
+		if !h.auth.HasAddress(ctx, domain.Admin) {
+			return nil, nil, errors.Wrap(errors.ErrUnauthorized, "only admin can delete a domain")
+		}
+	}
+
 	return &domain, &msg, nil
 }