Ensure ritual is finalized before check for authorization.

nucypher · Sep 13, 2023 · 3b70a7c · 3b70a7c
1 parent 6f1bee4
commit 3b70a7c
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 1 deletion.
diff --git a/contracts/contracts/coordination/Coordinator.sol b/contracts/contracts/coordination/Coordinator.sol
@@ -412,6 +412,7 @@ contract Coordinator is AccessControlDefaultAdminRules, FlatRateFeeModel {
         bytes memory ciphertextHeader
     ) external view returns (bool) {
         Ritual storage ritual = rituals[ritualId];
+        require(getRitualState(ritual) == RitualState.FINALIZED, "Ritual not finalized");
         return ritual.accessController.isAuthorized(ritualId, evidence, ciphertextHeader);
     }
 

diff --git a/tests/test_coordinator.py b/tests/test_coordinator.py
@@ -385,7 +385,6 @@ def test_authorize_using_global_allow_list(
 
     # Not authorized
     assert not global_allow_list.isAuthorized(0, bytes(signature), bytes(digest))
-    assert not coordinator.isEncryptionAuthorized(0, bytes(signature), bytes(digest))
 
     # Negative test cases for authorization
     with ape.reverts("Only ritual authority is permitted"):
@@ -394,6 +393,9 @@ def test_authorize_using_global_allow_list(
     with ape.reverts("Only active rituals can add authorizations"):
         global_allow_list.authorize(0, [deployer.address], sender=initiator)
 
+    with ape.reverts("Ritual not finalized"):
+        coordinator.isEncryptionAuthorized(0, bytes(signature), bytes(digest))
+
     # Finalize ritual
     transcript = os.urandom(transcript_size(len(nodes), len(nodes)))
     for node in nodes: