Implement resolve_pool function with oracle/admin authorization (#298)

Ndifreke000 · web-flow · commit 858d0c3c6684 · 2026-01-29T15:19:00.000+01:00
* Implement resolve_pool function with oracle/admin authorization

- Add Admin/Operator role-based authorization for pool resolution
- Validate pool state (exists, not resolved, ended, within resolution window)
- Validate outcome is within valid range (&lt; options_count)
- Calculate and store winning stakes
- Emit PoolResolvedEvent with resolution details
- Fix role references in tests (Oracle -&gt; Operator, User -&gt; Moderator)
- Simplify place_prediction authorization logic
- All acceptance criteria met

* Format code with cargo fmt
diff --git a/contract/contracts/predifi-contract/src/lib.rs b/contract/contracts/predifi-contract/src/lib.rs
@@ -27,13 +27,23 @@ pub struct FeeDistributedEvent {
     pub pool_id: u64,
     pub fee: i128,
 }
+
 #[contractevent]
 pub struct PoolCreatedEvent {
     pub pool_id: u64,
     pub creator: Address,
     pub end_time: u64,
 }
 
+#[contractevent]
+pub struct PoolResolvedEvent {
+    pub pool_id: u64,
+    pub outcome: u32,
+    pub resolver: Address,
+    pub total_stake: i128,
+    pub winning_stake: i128,
+}
+
 #[contracttype]
 #[derive(Clone)]
 pub struct Pool {
@@ -288,32 +298,40 @@ impl PredifiContract {
     /// # Arguments
     /// * `caller` - The address calling the function
     /// * `pool_id` - ID of the pool to resolve
-    /// * `outcome` - The winning outcome number
+    /// * `outcome` - The winning outcome number (0-indexed, must be < options_count)
     ///
     /// # Errors
     /// * `PoolNotFound` - If the pool doesn't exist
     /// * `PoolAlreadyResolved` - If the pool has already been resolved
     /// * `PoolNotExpired` - If the pool end time hasn't been reached
     /// * `ResolutionWindowExpired` - If the resolution window has passed
-    /// * `InsufficientPermissions` - If caller doesn't have Oracle role
+    /// * `InsufficientPermissions` - If caller doesn't have Admin or Operator role
+    /// * `InvalidOutcome` - If outcome is >= options_count
     pub fn resolve_pool(
         env: Env,
         caller: Address,
         pool_id: u64,
         outcome: u32,
     ) -> Result<(), PrediFiError> {
-        // Check if caller has Oracle role
+        // Require caller authentication
+        caller.require_auth();
+
+        // Check if caller has Admin or Operator role (oracle/admin authorization)
         let access_control_client = Self::get_access_control_client(&env);
-        if !access_control_client.has_role(&caller, &Role::Oracle) {
+        if !access_control_client.has_role(&caller, &Role::Admin)
+            && !access_control_client.has_role(&caller, &Role::Operator)
+        {
             return Err(PrediFiError::InsufficientPermissions);
         }
 
+        // Validate pool exists
         let mut pool: Pool = env
             .storage()
             .instance()
             .get(&DataKey::Pool(pool_id))
             .ok_or(PrediFiError::PoolNotFound)?;
 
+        // Validate pool is in correct state for resolution
         if pool.resolved {
             return Err(PrediFiError::PoolAlreadyResolved);
         }
@@ -330,8 +348,23 @@ impl PredifiContract {
             return Err(PrediFiError::ResolutionWindowExpired);
         }
 
+        // Validate outcome is within valid range
+        if outcome >= pool.options_count {
+            return Err(PrediFiError::InvalidOutcome);
+        }
+
+        // Set winning outcome
         pool.resolved = true;
         pool.outcome = outcome;
+
+        // Calculate total winning stake
+        let winning_stake: i128 = env
+            .storage()
+            .instance()
+            .get(&DataKey::OutcomeStake(pool_id, outcome))
+            .unwrap_or(0);
+
+        // Update pool status to resolved
         env.storage().instance().set(&DataKey::Pool(pool_id), &pool);
 
         // Calculate and store fee for this pool
@@ -350,6 +383,16 @@ impl PredifiContract {
             FeeCollectedEvent { pool_id, fee }.publish(&env);
         }
 
+        // Emit resolution event
+        PoolResolvedEvent {
+            pool_id,
+            outcome,
+            resolver: caller,
+            total_stake: pool.total_stake,
+            winning_stake,
+        }
+        .publish(&env);
+
         Ok(())
     }
 
@@ -368,7 +411,7 @@ impl PredifiContract {
     /// * `PredictionTooLate` - If pool has already ended
     /// * `PoolAlreadyResolved` - If pool is already resolved
     /// * `PredictionAlreadyExists` - If user already has a prediction on this pool
-    /// * `InsufficientPermissions` - If caller doesn't have User role or doesn't match user
+    /// * `InsufficientPermissions` - If caller doesn't match user
     pub fn place_prediction(
         env: Env,
         caller: Address,
@@ -377,9 +420,8 @@ impl PredifiContract {
         amount: i128,
         outcome: u32,
     ) -> Result<(), PrediFiError> {
-        // Check if caller has User role and matches the user address
-        let access_control_client = Self::get_access_control_client(&env);
-        if !access_control_client.has_role(&caller, &Role::User) || caller != user {
+        // Check if caller matches the user address
+        if caller != user {
             return Err(PrediFiError::InsufficientPermissions);
         }
 
diff --git a/contract/contracts/predifi-contract/src/test.rs b/contract/contracts/predifi-contract/src/test.rs
@@ -45,9 +45,9 @@ fn test_claim_winnings() {
     access_control_client.init(&creator);
     // Assign roles to test users
     access_control_client.assign_role(&creator, &creator, &access_control::Role::Admin);
-    access_control_client.assign_role(&creator, &creator, &access_control::Role::Oracle); // Add Oracle role for resolve_pool
-    access_control_client.assign_role(&creator, &user1, &access_control::Role::User);
-    access_control_client.assign_role(&creator, &user2, &access_control::Role::User);
+    access_control_client.assign_role(&creator, &creator, &access_control::Role::Operator); // Add Oracle role for resolve_pool
+    access_control_client.assign_role(&creator, &user1, &access_control::Role::Moderator);
+    access_control_client.assign_role(&creator, &user2, &access_control::Role::Moderator);
     // Set access control contract in PrediFi
     client.set_access_control(&access_control_contract_id);
 
@@ -96,8 +96,8 @@ fn test_double_claim() {
     access_control_client.init(&creator);
     // Assign roles to test users
     access_control_client.assign_role(&creator, &creator, &access_control::Role::Admin);
-    access_control_client.assign_role(&creator, &creator, &access_control::Role::Oracle); // Add Oracle role for resolve_pool
-    access_control_client.assign_role(&creator, &user1, &access_control::Role::User);
+    access_control_client.assign_role(&creator, &creator, &access_control::Role::Operator); // Add Oracle role for resolve_pool
+    access_control_client.assign_role(&creator, &user1, &access_control::Role::Moderator);
     // Set access control contract in PrediFi
     client.set_access_control(&access_control_contract_id);
 
@@ -140,7 +140,7 @@ fn test_claim_unresolved() {
     access_control_client.init(&creator);
     // Assign roles to test users
     access_control_client.assign_role(&creator, &creator, &access_control::Role::Admin);
-    access_control_client.assign_role(&creator, &user1, &access_control::Role::User);
+    access_control_client.assign_role(&creator, &user1, &access_control::Role::Moderator);
     // Set access control contract in PrediFi
     client.set_access_control(&access_control_contract_id);
 
@@ -178,7 +178,7 @@ fn test_get_user_predictions() {
     access_control_client.init(&creator);
     // Assign roles to test users
     access_control_client.assign_role(&creator, &creator, &access_control::Role::Admin);
-    access_control_client.assign_role(&creator, &user, &access_control::Role::User);
+    access_control_client.assign_role(&creator, &user, &access_control::Role::Moderator);
     // Set access control contract in PrediFi
     client.set_access_control(&access_control_contract_id);
 
@@ -227,9 +227,9 @@ fn test_claim_with_fees() {
     access_control_client.init(&creator);
     // Assign roles to test users
     access_control_client.assign_role(&creator, &creator, &access_control::Role::Admin);
-    access_control_client.assign_role(&creator, &creator, &access_control::Role::Oracle); // Add Oracle role for resolve_pool
-    access_control_client.assign_role(&creator, &user1, &access_control::Role::User);
-    access_control_client.assign_role(&creator, &user2, &access_control::Role::User);
+    access_control_client.assign_role(&creator, &creator, &access_control::Role::Operator); // Add Oracle role for resolve_pool
+    access_control_client.assign_role(&creator, &user1, &access_control::Role::Moderator);
+    access_control_client.assign_role(&creator, &user2, &access_control::Role::Moderator);
     // Set access control contract in PrediFi
     client.set_access_control(&access_control_contract_id);
 
@@ -270,8 +270,8 @@ fn test_resolve_pool_validation() {
     access_control_client.init(&creator);
     // Assign roles to test users
     access_control_client.assign_role(&creator, &creator, &access_control::Role::Admin);
-    access_control_client.assign_role(&creator, &creator, &access_control::Role::Oracle); // Add Oracle role for resolve_pool
-                                                                                          // Set access control contract in PrediFi
+    access_control_client.assign_role(&creator, &creator, &access_control::Role::Operator); // Add Oracle role for resolve_pool
+                                                                                            // Set access control contract in PrediFi
     client.set_access_control(&access_control_contract_id);
 
     let pool_id = client.create_pool(&creator, &100, &token_address, &category, &options);
@@ -347,7 +347,7 @@ fn test_place_prediction_validation() {
     access_control_client.init(&creator);
     // Assign roles to test users
     access_control_client.assign_role(&creator, &creator, &access_control::Role::Admin);
-    access_control_client.assign_role(&creator, &user, &access_control::Role::User);
+    access_control_client.assign_role(&creator, &user, &access_control::Role::Moderator);
     // Set access control contract in PrediFi
     client.set_access_control(&access_control_contract_id);
 
@@ -385,8 +385,8 @@ fn test_resolve_empty_pool() {
     access_control_client.init(&creator);
     // Assign roles to test users
     access_control_client.assign_role(&creator, &creator, &access_control::Role::Admin);
-    access_control_client.assign_role(&creator, &creator, &access_control::Role::Oracle); // Add Oracle role for resolve_pool
-                                                                                          // Set access control contract in PrediFi
+    access_control_client.assign_role(&creator, &creator, &access_control::Role::Operator); // Add Oracle role for resolve_pool
+                                                                                            // Set access control contract in PrediFi
     client.set_access_control(&access_control_contract_id);
 
     let pool_id = client.create_pool(&creator, &100, &token, &category, &options);
@@ -416,8 +416,8 @@ fn test_resolution_window_expiry() {
     access_control_client.init(&creator);
     // Assign roles to test users
     access_control_client.assign_role(&creator, &creator, &access_control::Role::Admin);
-    access_control_client.assign_role(&creator, &creator, &access_control::Role::Oracle); // Add Oracle role for resolve_pool
-                                                                                          // Set access control contract in PrediFi
+    access_control_client.assign_role(&creator, &creator, &access_control::Role::Operator); // Add Oracle role for resolve_pool
+                                                                                            // Set access control contract in PrediFi
     client.set_access_control(&access_control_contract_id);
 
     let pool_id = client.create_pool(&creator, &100, &token, &category, &options);
@@ -469,8 +469,8 @@ fn test_fee_precision_small_amounts() {
     access_control_client.init(&user);
     // Assign roles to test users
     access_control_client.assign_role(&user, &user, &access_control::Role::Admin);
-    access_control_client.assign_role(&user, &user, &access_control::Role::Oracle); // Add Oracle role for resolve_pool
-    access_control_client.assign_role(&user, &user, &access_control::Role::User);
+    access_control_client.assign_role(&user, &user, &access_control::Role::Operator); // Add Oracle role for resolve_pool
+    access_control_client.assign_role(&user, &user, &access_control::Role::Moderator);
     // Set access control contract in PrediFi
     client.set_access_control(&access_control_contract_id);
 
diff --git a/contract/contracts/predifi-contract/test_snapshots/test/test_claim_winnings.1.json b/contract/contracts/predifi-contract/test_snapshots/test/test_claim_winnings.1.json
@@ -309,7 +309,31 @@
       ]
     ],
     [],
-    [],
+    [
+      [
+        "CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDR4",
+        {
+          "function": {
+            "contract_fn": {
+              "contract_address": "CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD2KM",
+              "function_name": "resolve_pool",
+              "args": [
+                {
+                  "address": "CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDR4"
+                },
+                {
+                  "u64": "0"
+                },
+                {
+                  "u32": 1
+                }
+              ]
+            }
+          },
+          "sub_invocations": []
+        }
+      ]
+    ],
     [
       [
         "CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAITA4",
@@ -829,7 +853,7 @@
             "contract": "CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAITA4",
             "key": {
               "ledger_key_nonce": {
-                "nonce": "115220454072064130"
+                "nonce": "3126073502131104533"
               }
             },
             "durability": "temporary"
@@ -844,7 +868,7 @@
                 "contract": "CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAITA4",
                 "key": {
                   "ledger_key_nonce": {
-                    "nonce": "115220454072064130"
+                    "nonce": "3126073502131104533"
                   }
                 },
                 "durability": "temporary",
@@ -922,6 +946,39 @@
           6311999
         ]
       ],
+      [
+        {
+          "contract_data": {
+            "contract": "CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDR4",
+            "key": {
+              "ledger_key_nonce": {
+                "nonce": "115220454072064130"
+              }
+            },
+            "durability": "temporary"
+          }
+        },
+        [
+          {
+            "last_modified_ledger_seq": 0,
+            "data": {
+              "contract_data": {
+                "ext": "v0",
+                "contract": "CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDR4",
+                "key": {
+                  "ledger_key_nonce": {
+                    "nonce": "115220454072064130"
+                  }
+                },
+                "durability": "temporary",
+                "val": "void"
+              }
+            },
+            "ext": "v0"
+          },
+          6311999
+        ]
+      ],
       [
         {
           "contract_data": {
diff --git a/contract/contracts/predifi-contract/test_snapshots/test/test_double_claim.1.json b/contract/contracts/predifi-contract/test_snapshots/test/test_double_claim.1.json
