From bdbc1d6196a90dac1d59795145af8977c78ef7b4 Mon Sep 17 00:00:00 2001
From: "mergify[bot]" <37929162+mergify[bot]@users.noreply.github.com>
Date: Thu, 24 Aug 2023 19:03:00 +0000
Subject: [PATCH] fix(x/authz): GetAuthorizations (backport #17334) (#17524)

Co-authored-by: devon <80245700+devon-chain@users.noreply.github.com>
Co-authored-by: Julien Robert <julien@rbrt.fr>
---
 CHANGELOG.md                  |  1 +
 x/authz/keeper/keeper.go      |  2 +-
 x/authz/keeper/keeper_test.go | 21 +++++++++++++++++++++
 3 files changed, 23 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 5edd1b875f52..0f60cf30ea35 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -52,6 +52,7 @@ Ref: https://keepachangelog.com/en/1.0.0/
 
 ### Bug Fixes
 
+* (x/authz) [#17524](https://github.com/cosmos/cosmos-sdk/pull/17524) Fix an issue where the `cachedValue` of an authorization would not be correcty populated when there are multiple authorizations returned in `GetAuthorizations`.
 * (server) [#17181](https://github.com/cosmos/cosmos-sdk/pull/17181) Fix `db_backend` lookup fallback from `config.toml`.
 * (runtime) [#17284](https://github.com/cosmos/cosmos-sdk/pull/17284) Properly allow to combine depinject-enabled modules and non-depinject-enabled modules in app v2.
 * (baseapp) [#17159](https://github.com/cosmos/cosmos-sdk/pull/17159) Validators can propose blocks that exceed the gas limit.
diff --git a/x/authz/keeper/keeper.go b/x/authz/keeper/keeper.go
index 788b87418e23..8e077e7674f2 100644
--- a/x/authz/keeper/keeper.go
+++ b/x/authz/keeper/keeper.go
@@ -234,9 +234,9 @@ func (k Keeper) GetAuthorizations(ctx sdk.Context, grantee sdk.AccAddress, grant
 	iter := sdk.KVStorePrefixIterator(store, key)
 	defer iter.Close()
 
-	var authorization authz.Grant
 	var authorizations []authz.Authorization
 	for ; iter.Valid(); iter.Next() {
+		var authorization authz.Grant
 		if err := k.cdc.Unmarshal(iter.Value(), &authorization); err != nil {
 			return nil, err
 		}
diff --git a/x/authz/keeper/keeper_test.go b/x/authz/keeper/keeper_test.go
index c9d3189ca055..80d8aef18377 100644
--- a/x/authz/keeper/keeper_test.go
+++ b/x/authz/keeper/keeper_test.go
@@ -470,6 +470,27 @@ func (s *TestSuite) TestGetAuthorization() {
 	}
 }
 
+func (s *TestSuite) TestGetAuthorizations() {
+	require := s.Require()
+	addr1 := s.addrs[1]
+	addr2 := s.addrs[2]
+
+	genAuthMulti := authz.NewGenericAuthorization(sdk.MsgTypeURL(&banktypes.MsgMultiSend{}))
+	genAuthSend := authz.NewGenericAuthorization(sdk.MsgTypeURL(&banktypes.MsgSend{}))
+
+	start := s.ctx.BlockHeader().Time
+	expired := start.Add(time.Duration(1) * time.Second)
+
+	s.Require().NoError(s.authzKeeper.SaveGrant(s.ctx, addr1, addr2, genAuthMulti, &expired), "creating multi send grant 1->2")
+	s.Require().NoError(s.authzKeeper.SaveGrant(s.ctx, addr1, addr2, genAuthSend, &expired), "creating send grant 1->2")
+
+	authzs, err := s.authzKeeper.GetAuthorizations(s.ctx, addr1, addr2)
+	require.NoError(err)
+	require.Len(authzs, 2)
+	require.Equal(sdk.MsgTypeURL(&banktypes.MsgMultiSend{}), authzs[0].MsgTypeURL())
+	require.Equal(sdk.MsgTypeURL(&banktypes.MsgSend{}), authzs[1].MsgTypeURL())
+}
+
 func TestTestSuite(t *testing.T) {
 	suite.Run(t, new(TestSuite))
 }