base has different auth in each function

onflow · Nov 27, 2023 · 1f9ce66 · 1f9ce66
1 parent 2b76f59
commit 1f9ce66
Show file tree

Hide file tree

Showing 3 changed files with 19 additions and 14 deletions.
diff --git a/runtime/interpreter/interpreter.go b/runtime/interpreter/interpreter.go
@@ -1348,9 +1348,8 @@ func (declarationInterpreter *Interpreter) declareNonEnumCompositeValue(
 
 					var auth Authorization = UnauthorizedAccess
 					attachmentType := interpreter.MustSemaTypeOfValue(value).(*sema.CompositeType)
-					// Self's type in the constructor is codomain of the attachment's entitlement map, since
+					// Self's type in the constructor is fully entitled, since
 					// the constructor can only be called when in possession of the base resource
-					// if the attachment is declared with access(all) access, then self is unauthorized
 
 					auth = ConvertSemaAccessToStaticAuthorization(
 						interpreter,

diff --git a/runtime/interpreter/interpreter_expression.go b/runtime/interpreter/interpreter_expression.go
@@ -1404,7 +1404,12 @@ func (interpreter *Interpreter) VisitAttachExpression(attachExpression *ast.Atta
 	// set it on the attachment's `CompositeValue` yet, because the value does not exist.
 	// Instead, we create an implicit constructor argument containing a reference to the base.
 
-	var auth Authorization = UnauthorizedAccess
+	// within the constructor, the attachment's base and self references should be fully entitled,
+	// as the constructor of the attachment is only callable by the owner of the base
+	baseType := interpreter.MustSemaTypeOfValue(base).(sema.EntitlementSupportingType)
+	baseAccess := sema.NewEntitlementSetAccessFromSet(baseType.SupportedEntitlements(), sema.Conjunction)
+	auth := ConvertSemaAccessToStaticAuthorization(interpreter, baseAccess)
+
 	attachmentType := interpreter.Program.Elaboration.AttachTypes(attachExpression)
 
 	var baseValue Value = NewEphemeralReferenceValue(
@@ -1432,6 +1437,8 @@ func (interpreter *Interpreter) VisitAttachExpression(attachExpression *ast.Atta
 		nil,
 	).(*CompositeValue)
 
+	attachment.setBaseValue(interpreter, base)
+
 	// we enforce this in the checker
 	if !ok {
 		panic(errors.NewUnreachableError())

diff --git a/runtime/interpreter/value.go b/runtime/interpreter/value.go
@@ -16323,7 +16323,7 @@ type CompositeValue struct {
 	// 2) When a resource `r`'s destructor is invoked, all of `r`'s attachments' destructors will also run, and
 	//    have their `base` fields set to `&r`
 	// 3) When a value is transferred, this field is copied between its attachments
-	base                *EphemeralReferenceValue
+	base                *CompositeValue
 	QualifiedIdentifier string
 	Kind                common.CompositeKind
 	isDestroyed         bool
@@ -17175,7 +17175,7 @@ func (v *CompositeValue) ConformsToStaticType(
 	}
 
 	if compositeType.Kind == common.CompositeKindAttachment {
-		base := v.getBaseValue().Value
+		base := v.getBaseValue(interpreter, UnauthorizedAccess).Value
 		if base == nil || !base.ConformsToStaticType(interpreter, locationRange, results) {
 			return false
 		}
@@ -17686,11 +17686,7 @@ func NewEnumCaseValue(
 	return v
 }
 
-func (v *CompositeValue) getBaseValue() *EphemeralReferenceValue {
-	return v.base
-}
-
-func (v *CompositeValue) setBaseValue(interpreter *Interpreter, base *CompositeValue) {
+func (v *CompositeValue) getBaseValue(interpreter *Interpreter, fnAuth Authorization) *EphemeralReferenceValue {
 	attachmentType, ok := interpreter.MustSemaTypeOfValue(v).(*sema.CompositeType)
 	if !ok {
 		panic(errors.NewUnreachableError())
@@ -17704,8 +17700,11 @@ func (v *CompositeValue) setBaseValue(interpreter *Interpreter, base *CompositeV
 		baseType = ty
 	}
 
-	authorization := attachmentBaseAuthorization(interpreter, v)
-	v.base = NewEphemeralReferenceValue(interpreter, authorization, base, baseType)
+	return NewEphemeralReferenceValue(interpreter, fnAuth, v.base, baseType)
+}
+
+func (v *CompositeValue) setBaseValue(interpreter *Interpreter, base *CompositeValue) {
+	v.base = base
 }
 
 func attachmentMemberName(ty sema.Type) string {
@@ -17776,6 +17775,7 @@ func (v *CompositeValue) forEachAttachmentFunction(interpreter *Interpreter, loc
 
 func attachmentBaseAuthorization(
 	interpreter *Interpreter,
+	fnAccess sema.Access,
 	attachment *CompositeValue,
 ) Authorization {
 	var auth Authorization = UnauthorizedAccess
@@ -17788,10 +17788,9 @@ func attachmentBaseAndSelfValues(
 	fnAccess sema.Access,
 	v *CompositeValue,
 ) (base *EphemeralReferenceValue, self *EphemeralReferenceValue) {
-	base = v.getBaseValue()
-
 	attachmentReferenceAuth := ConvertSemaAccessToStaticAuthorization(interpreter, fnAccess)
 
+	base = v.getBaseValue(interpreter, attachmentReferenceAuth)
 	// in attachment functions, self is a reference value
 	self = NewEphemeralReferenceValue(interpreter, attachmentReferenceAuth, v, interpreter.MustSemaTypeOfValue(v))