Add access control check for AuditTrail.update_metadata() and delete_record_lock

chrisgitiota · chrisgitiota · commit c029e29084e0 · 2025-12-23T18:39:24.000Z
diff --git a/audit-trail-move/sources/audit_trail.move b/audit-trail-move/sources/audit_trail.move
@@ -10,7 +10,7 @@
 module audit_trail::main;
 
 use audit_trail::capability::{Self, Capability};
-use audit_trail::locking::{Self, LockingConfig};
+use audit_trail::locking::{Self, LockingConfig, LockingWindow, set_delete_record_lock};
 use audit_trail::permission::{Self, Permission};
 use audit_trail::record::{Self, Record};
 use iota::clock::{Self, Clock};
@@ -217,8 +217,6 @@ public fun initial_admin_role_name(): String {
 /// Add a record to the trail
 ///
 /// Records are added sequentially with auto-assigned sequence numbers.
-///
-/// TODO: Add capability parameter and permission check once implemented
 public fun trail_add_record<D: store + copy>(
     trail: &mut AuditTrail<D>,
     cap: &Capability,
@@ -256,7 +254,7 @@ public fun trail_add_record<D: store + copy>(
 // ===== Locking =====
 
 /// Check if a record is locked (cannot be deleted)
-public fun is_record_locked<D: store + copy>(
+public fun trail_is_record_locked<D: store + copy>(
     trail: &AuditTrail<D>,
     sequence_number: u64,
     clock: &Clock,
@@ -276,22 +274,29 @@ public fun is_record_locked<D: store + copy>(
 }
 
 /// Update the locking configuration
-///
-/// TODO: Add capability parameter and permission check once implemented
-public fun update_locking_config<D: store + copy>(
+public fun trail_update_locking_config<D: store + copy>(
     trail: &mut AuditTrail<D>,
     cap: &Capability,
     new_config: LockingConfig,
     _ctx: &mut TxContext,
 ) {
-    // TODO: check_permission(trail, cap, &permissions::locking_update(), ctx);
+    assert!(trail.has_capability_permission(cap, &permission::update_locking_config()), EPermissionDenied);
     trail.locking_config = new_config;
 }
 
-// ===== Metadata =====
+/// Update the `delete_record_lock` locking configuration
+public fun trail_update_locking_config_for_delete_record<D: store + copy>(
+    trail: &mut AuditTrail<D>,
+    cap: &Capability,
+    new_delete_record_lock: LockingWindow,
+    _ctx: &mut TxContext,
+) {
+    assert!(trail.has_capability_permission(cap, &permission::update_locking_config_for_delete_record()), EPermissionDenied);
+    set_delete_record_lock(&mut trail.locking_config, new_delete_record_lock);
+}
 
 /// Update the trail's mutable metadata
-public fun update_metadata<D: store + copy>(
+public fun trail_update_metadata<D: store + copy>(
     trail: &mut AuditTrail<D>,
     cap: &Capability,
     new_metadata: Option<String>,
@@ -511,6 +516,10 @@ public use fun trail_name as AuditTrail.name;
 public use fun trail_description as AuditTrail.description;
 public use fun trail_metadata as AuditTrail.metadata;
 public use fun trail_locking_config as AuditTrail.locking_config;
+public use fun trail_update_locking_config as AuditTrail.update_locking_config;
+public use fun trail_is_record_locked as AuditTrail.is_record_locked;
+public use fun trail_update_locking_config_for_delete_record as AuditTrail.update_locking_config_for_delete_record;
+public use fun trail_update_metadata as AuditTrail.update_metadata;
 public use fun trail_is_empty as AuditTrail.is_empty;
 public use fun trail_first_sequence as AuditTrail.first_sequence;
 public use fun trail_last_sequence as AuditTrail.last_sequence;
diff --git a/audit-trail-move/sources/locking.move b/audit-trail-move/sources/locking.move
@@ -99,6 +99,13 @@ public fun delete_record_lock(config: &LockingConfig): &LockingWindow {
     &config.delete_record_lock
 }
 
+// ===== LockingConfig Setters =====
+
+/// Set the record deletion locking window
+public(package) fun set_delete_record_lock(config: &mut LockingConfig, window: LockingWindow) {
+    config.delete_record_lock = window;
+}
+
 // ===== Locking Logic (LockingWindow) =====
 
 /// Check if a record is locked based on time window
diff --git a/audit-trail-move/sources/permission.move b/audit-trail-move/sources/permission.move
@@ -22,11 +22,12 @@ public enum Permission has copy, drop, store {
 
 
     // --- Locking Config - Proposed role: `LockingAdmin` ---
-    /// Edit the delete_lock configuration for records
-    ConfigRecordDeleteLock,
-    /// Edit the delete_lock configuration for the whole Audit Trail
-    ConfigTrailDeleteLock,
-
+    /// Update the whole locking configuration
+    UpdateLockingConfig,
+    /// Update the delete_record_lock configuration which is part of the locking configuration
+    UpdateLockingConfigForDeleteRecord,
+    /// Update the delete_lock configuration for the whole Audit Trail
+    UpdateLockingConfigForDeleteTrail,
 
     // --- Role Management - Proposed role: `RoleAdmin` ---
     /// Add new roles with associated permissions
@@ -102,8 +103,9 @@ public fun record_admin_permissions(): VecSet<Permission> {
 /// Create permissions typical used for the `LockingAdmin` role
 public fun locking_admin_permissions(): VecSet<Permission> {
     let mut perms = vec_set::empty();
-    perms.insert(config_record_delete_lock());
-    perms.insert(config_trail_delete_lock());
+    perms.insert(update_locking_config());
+    perms.insert(update_locking_config_for_delete_trail());
+    perms.insert(update_locking_config_for_delete_record());
     perms
 }
 
@@ -154,14 +156,19 @@ public fun correct_record(): Permission {
     Permission::CorrectRecord
 }
 
-/// Returns a permission allowing to edit the delete_lock configuration for records
-public fun config_record_delete_lock(): Permission {
-    Permission::ConfigRecordDeleteLock
+/// Returns a permission allowing to update the whole locking configuration
+public fun update_locking_config(): Permission {
+    Permission::UpdateLockingConfig
+}
+
+/// Returns a permission allowing to update the delete_lock configuration for records
+public fun update_locking_config_for_delete_record(): Permission {
+    Permission::UpdateLockingConfigForDeleteRecord
 }
 
-/// Returns a permission allowing to edit the delete_lock configuration for the whole Audit Trail
-public fun config_trail_delete_lock(): Permission {
-    Permission::ConfigTrailDeleteLock
+/// Returns a permission allowing to update the delete_lock configuration for the whole Audit Trail
+public fun update_locking_config_for_delete_trail(): Permission {
+    Permission::UpdateLockingConfigForDeleteTrail
 }
 
 /// Returns a permission allowing to add new roles with associated permissions
