refactor(snaps-rpc-methods)!: Use messenger for permitted methods#3987
refactor(snaps-rpc-methods)!: Use messenger for permitted methods#3987FrederikBolding wants to merge 17 commits intomainfrom
Conversation
| /** | ||
| * @returns All installed Snaps. | ||
| */ | ||
| getAllSnaps: () => Promise<GetSnapsResult>; |
There was a problem hiding this comment.
Turns out the types here have always been wrong
| * file does not exist. | ||
| */ | ||
| export type GetFileResult = string; | ||
| export type GetFileResult = string | null; |
There was a problem hiding this comment.
This has always been possible, but the type was wrong.
FrederikBolding
changed the base branch from
main
to
fb/restricted-methods-messenger
FrederikBolding
force-pushed
the
fb/refactor-permitted-methods
branch
from
41732f0 to
84d1229
Compare
FrederikBolding
changed the title
| import { updateInterfaceHandler } from './updateInterface'; | ||
|
|
||
| /* eslint-disable @typescript-eslint/naming-convention */ | ||
| const methodHandlers = { |
There was a problem hiding this comment.
TypeScript failed to generate declarations for this, but we don't actually need to export it, so I moved it here and stopped exporting.
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## main #3987 +/- ##
=======================================
Coverage 98.58% 98.58%
=======================================
Files 427 425 -2
Lines 12400 12360 -40
Branches 1948 1948
=======================================
- Hits 12224 12185 -39
+ Misses 176 175 -1 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, have a team admin enable autofix in the Cursor dashboard.
Reviewed by Cursor Bugbot for commit 644d708. Configure here.
FrederikBolding
force-pushed
the
fb/refactor-permitted-methods
branch
2 times, most recently
from
8d8aceb to
0e1747b
Compare
| const response = await engine.handle({ | ||
| jsonrpc: '2.0', | ||
| id: 1, | ||
| method: 'snap_updateInterface', |
There was a problem hiding this comment.
Some of the tests were not correctly nested under the describe() which results in some whitespace changes. Likely easier to review with whitespace off.
| origin, | ||
| params.path, | ||
| params.encoding ?? AuxiliaryFileEncoding.Base64, | ||
| (params.encoding as AuxiliaryFileEncoding) ?? |
There was a problem hiding this comment.
How come this isn't typed properly anymore? Or was the hook not as strict?
There was a problem hiding this comment.
The hook used InferredGetFileParams, which makes the enum a union: https://github.com/MetaMask/snaps-skunkworks/blob/fb/refactor-permitted-methods/packages/snaps-sdk/src/types/methods/get-file.ts#L25
The controller expects the union type.
| hooks: PermittedRpcMethodHooks, | ||
| messenger: Messenger<string, PermittedRpcMethodActions>, | ||
| ): JsonRpcMiddleware<JsonRpcParams, Json> { | ||
| // This is not actually a misused promise, the type is just wrong |
There was a problem hiding this comment.
This comment still seems accurate, no?
There was a problem hiding this comment.
Maybe? I don't think I understand why the linter thinks this is a misused promise.
| * @param origin - The origin to set on the request. | ||
| * @returns The middleware. | ||
| */ | ||
| export function createOriginMiddleware(origin: string) { |
There was a problem hiding this comment.
Can we use the one from json-rpc-engine?
There was a problem hiding this comment.
Yes, I added this before going back to add it to core. I have yet to release core though.
FrederikBolding
force-pushed
the
fb/refactor-permitted-methods
branch
from
7bdac91 to
3d46203
Compare
2 participants
Migrate the permitted method handlers to use the
messengerwhere applicable.https://consensyssoftware.atlassian.net/browse/WPC-995
Note
Medium Risk
Refactors many permitted RPC method handlers to route permission checks and side effects through controller
messenger.callactions, which could subtly change authorization, origin handling, or return types if any action wiring is incorrect.Overview
Migrates permitted RPC method handlers in
snaps-rpc-methodsfrom hook-based implementations to messenger-driven controller actions, adding explicitactionNamesand usingmessenger.call(...)for permission checks and operations like state access, cronjob/websocket management, UI interface operations, and Snap invocation.Updates the permitted middleware/schema plumbing to source handlers from
src/permitted/middleware.ts, adjusts public exports (droppingpermittedMethods/selectHooks), and rewrites unit tests to inject origin viacreateOriginMiddlewareplusMockControllerMessenger. Also includes small follow-ups: tightensnap_getFileexample snap parsing with anassert, refresh the example manifest shasum, and bump Jest coverage thresholds.Reviewed by Cursor Bugbot for commit 7bb3579. Bugbot is set up for automated code reviews on this repo. Configure here.