Skip to content

serviceability: authorize contributor instructions via Permission accounts#3978

Open
juan-malbeclabs wants to merge 2 commits into
mainfrom
perm-contributor
Open

serviceability: authorize contributor instructions via Permission accounts#3978
juan-malbeclabs wants to merge 2 commits into
mainfrom
perm-contributor

Conversation

@juan-malbeclabs

@juan-malbeclabs juan-malbeclabs commented Jul 5, 2026

Copy link
Copy Markdown
Contributor

Summary

Gate Contributor instructions (create, update, suspend, resume, delete) on the CONTRIBUTOR_ADMIN flag via authorize(). Behavior is preserved: the legacy foundation-allowlist check still authorizes while RequirePermissionAccounts is off, and the contributor owner retains the ops-manager-only update path.

One PR per domain in the incremental Permission-system rollout. See smartcontract/programs/doublezero-serviceability/PERMISSION.md.

Testing Verification

  • New CONTRIBUTOR_ADMIN permission-account test plus the existing test_contributor coverage (owner ops-manager update, non-owner rejection).
  • cargo test -p doublezero-serviceability, cargo test -p doublezero_sdk, make rust-lint pass.

Permission migration series

One of 8 per-domain PRs migrating serviceability instructions to the Permission (authorize()) system. The branches partition the change set with no overlap and can be reviewed and merged independently (only the CHANGELOG entry conflicts trivially).

PR Domain Flag(s)
#3977 Governance (globalstate/globalconfig/allowlists) GLOBALSTATE_ADMIN
#3978 Contributor CONTRIBUTOR_ADMIN ← this PR
#3979 Infra (location/exchange) INFRA_ADMIN
#3980 Devices + interfaces NETWORK_ADMIN, HEALTH_ORACLE
#3981 Links NETWORK_ADMIN, HEALTH_ORACLE
#3982 Multicast MULTICAST_ADMIN, ACCESS_PASS_ADMIN
#3983 Tenant TENANT_ADMIN
#3984 User (update / check_access_pass / check_status) USER_ADMIN, ACTIVATOR

…ounts

Migrate Contributor create/update/suspend/resume/delete to authorize() with
the CONTRIBUTOR_ADMIN flag. Behavior preserved via the legacy foundation
fallback; the contributor owner still retains the ops-manager-only update path.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant