NAC_Blockchain/nac-constitution-state/src/upgrade.rs

//! 宪法升级验证模块

use crate::{ConstitutionVersion, Result, Error};
use nac_udm::primitives::Address;
use std::collections::HashSet;

/// 升级验证器
pub struct UpgradeValidator {
    /// 授权地址列表
    authorized_addresses: HashSet<Address>,
    /// 最小升级间隔（区块数）
    min_upgrade_interval: u64,
    /// 最小条款增量
    min_clause_increment: u64,
}

impl UpgradeValidator {
    /// 创建新的升级验证器
    pub fn new() -> Self {
        Self {
            authorized_addresses: HashSet::new(),
            min_upgrade_interval: 1000, // 默认1000个区块
            min_clause_increment: 0,    // 默认允许减少条款
        }
    }

    /// 添加授权地址
    pub fn add_authorized_address(&mut self, address: Address) {
        self.authorized_addresses.insert(address);
    }

    /// 移除授权地址
    pub fn remove_authorized_address(&mut self, address: &Address) {
        self.authorized_addresses.remove(address);
    }

    /// 检查地址是否授权
    pub fn is_authorized(&self, address: &Address) -> bool {
        self.authorized_addresses.contains(address)
    }

    /// 验证权限
    pub fn validate_permission(&self, address: &Address) -> Result<()> {
        if !self.is_authorized(address) {
            return Err(Error::Unauthorized(*address));
        }
        Ok(())
    }

    /// 验证升级
    pub fn validate_upgrade(
        &self,
        current: &ConstitutionVersion,
        new: &ConstitutionVersion,
    ) -> Result<()> {
        // 验证版本号递增
        if new.version <= current.version {
            return Err(Error::InvalidUpgrade(
                format!("新版本号({})必须大于当前版本号({})", new.version, current.version)
            ));
        }

        // 验证生效高度
        if new.effective_from <= current.effective_from {
            return Err(Error::InvalidUpgrade(
                format!("新版本生效高度({})必须大于当前版本生效高度({})", 
                    new.effective_from, current.effective_from)
            ));
        }

        // 验证升级间隔
        let interval = new.effective_from - current.effective_from;
        if interval < self.min_upgrade_interval {
            return Err(Error::InvalidUpgrade(
                format!("升级间隔({})小于最小间隔({})", interval, self.min_upgrade_interval)
            ));
        }

        // 验证条款数量
        if self.min_clause_increment > 0 {
            if new.clause_count < current.clause_count + self.min_clause_increment {
                return Err(Error::InvalidUpgrade(
                    format!("条款数量增量不足，至少需要增加{}", self.min_clause_increment)
                ));
            }
        }

        // 验证宪法哈希不同
        if new.constitution_hash == current.constitution_hash {
            return Err(Error::InvalidUpgrade(
                "新版本宪法哈希与当前版本相同".to_string()
            ));
        }

        Ok(())
    }

    /// 设置最小升级间隔
    pub fn set_min_upgrade_interval(&mut self, interval: u64) {
        self.min_upgrade_interval = interval;
    }

    /// 设置最小条款增量
    pub fn set_min_clause_increment(&mut self, increment: u64) {
        self.min_clause_increment = increment;
    }

    /// 获取最小升级间隔
    pub fn get_min_upgrade_interval(&self) -> u64 {
        self.min_upgrade_interval
    }

    /// 获取最小条款增量
    pub fn get_min_clause_increment(&self) -> u64 {
        self.min_clause_increment
    }
}

impl Default for UpgradeValidator {
    fn default() -> Self {
        Self::new()
    }
}

#[cfg(test)]
mod tests {
    use super::*;
    use nac_udm::primitives::Hash;

    fn create_test_version(version: u64, effective_from: u64, clause_count: u64) -> ConstitutionVersion {
        let mut hash_bytes = [0u8; 48];
        hash_bytes[0] = version as u8;
        ConstitutionVersion::new(
            version,
            Hash::from_slice(&hash_bytes).unwrap(),
            effective_from,
            clause_count,
            version * 100,
            Address::zero(),
            format!("Version {}", version),
        )
    }

    #[test]
    fn test_authorization() {
        let mut validator = UpgradeValidator::new();
        let address = Address::zero();
        
        assert!(!validator.is_authorized(&address));
        validator.add_authorized_address(address);
        assert!(validator.is_authorized(&address));
        validator.remove_authorized_address(&address);
        assert!(!validator.is_authorized(&address));
    }

    #[test]
    fn test_validate_permission() {
        let mut validator = UpgradeValidator::new();
        let address = Address::zero();
        
        assert!(validator.validate_permission(&address).is_err());
        validator.add_authorized_address(address);
        assert!(validator.validate_permission(&address).is_ok());
    }

    #[test]
    fn test_validate_upgrade_version_increment() {
        let validator = UpgradeValidator::new();
        let current = create_test_version(1, 1000, 10);
        let new = create_test_version(1, 2000, 10); // 版本号相同
        
        assert!(validator.validate_upgrade(&current, &new).is_err());
    }

    #[test]
    fn test_validate_upgrade_interval() {
        let mut validator = UpgradeValidator::new();
        validator.set_min_upgrade_interval(1000);
        
        let current = create_test_version(1, 1000, 10);
        let new = create_test_version(2, 1500, 10); // 间隔只有500
        
        assert!(validator.validate_upgrade(&current, &new).is_err());
    }

    #[test]
    fn test_validate_upgrade_success() {
        let validator = UpgradeValidator::new();
        let current = create_test_version(1, 1000, 10);
        let new = create_test_version(2, 3000, 15);
        
        assert!(validator.validate_upgrade(&current, &new).is_ok());
    }
}