Access control tests

README.md

@@ -179,7 +179,7 @@ FlowALP/
 
 - `FungibleToken.Vault`: Standard token operations
 - `DeFiActions.Sink/Source`: DeFi protocol composability
-- Entitlements: `FlowALPv0.EParticipant`, `FlowALPv0.EPosition`, `FlowALPv0.EGovernance`, `FlowALPv0.ERebalance`
+- Entitlements: `FlowALPModels.EParticipant`, `FlowALPModels.EPosition`, `FlowALPModels.EGovernance`, `FlowALPModels.ERebalance`
 
 ## 🛠️ Development
 

cadence/scripts/flow-alp/position_max_health.cdc

@@ -0,0 +1,14 @@
+import "FlowALPv0"
+import "FlowALPPositionResources"
+
+/// Returns the maximum health for the given position.
+///
+/// @param positionOwner: The account address that holds the PositionManager
+/// @param pid:           The position ID
+access(all)
+fun main(positionOwner: Address, pid: UInt64): UFix64 {
+    let manager = getAccount(positionOwner).capabilities
+        .borrow<&FlowALPPositionResources.PositionManager>(FlowALPv0.PositionPublicPath)
+        ?? panic("Could not borrow PositionManager from \(positionOwner) at \(FlowALPv0.PositionPublicPath)")
+    return manager.borrowPosition(pid: pid).getMaxHealth()
+}

cadence/scripts/flow-alp/position_min_health.cdc

@@ -0,0 +1,14 @@
+import "FlowALPv0"
+import "FlowALPPositionResources"
+
+/// Returns the minimum health for the given position.
+///
+/// @param positionOwner: The account address that holds the PositionManager
+/// @param pid:           The position ID
+access(all)
+fun main(positionOwner: Address, pid: UInt64): UFix64 {
+    let manager = getAccount(positionOwner).capabilities
+        .borrow<&FlowALPPositionResources.PositionManager>(FlowALPv0.PositionPublicPath)
+        ?? panic("Could not borrow PositionManager from \(positionOwner) at \(FlowALPv0.PositionPublicPath)")
+    return manager.borrowPosition(pid: pid).getMinHealth()
+}

cadence/scripts/flow-alp/position_target_health.cdc

@@ -0,0 +1,14 @@
+import "FlowALPv0"
+import "FlowALPPositionResources"
+
+/// Returns the target health for the given position.
+///
+/// @param positionOwner: The account address that holds the PositionManager
+/// @param pid:           The position ID
+access(all)
+fun main(positionOwner: Address, pid: UInt64): UFix64 {
+    let manager = getAccount(positionOwner).capabilities
+        .borrow<&FlowALPPositionResources.PositionManager>(FlowALPv0.PositionPublicPath)
+        ?? panic("Could not borrow PositionManager from \(positionOwner) at \(FlowALPv0.PositionPublicPath)")
+    return manager.borrowPosition(pid: pid).getTargetHealth()
+}

cadence/tests/adversarial_recursive_withdraw_source_test.cdc

@@ -120,7 +120,7 @@ fun testRecursiveWithdrawSource() {
     // In this test, the topUpSource behavior is adversarial: it attempts to re-enter
     // the pool during the pull/deposit flow. We expect the transaction to fail.
     let withdrawRes = executeTransaction(
-        "./transactions/flow-alp/pool-management/withdraw_from_position.cdc",
+        "./transactions/flow-alp/epositionadmin/withdraw_from_position.cdc",
         [positionID, flowTokenIdentifier, 1500.0, true], // pullFromTopUpSource: true
         userAccount
     )

cadence/tests/adversarial_type_spoofing_test.cdc

@@ -59,7 +59,7 @@ fun testMaliciousSource() {
 
     // withdraw 1337 Flow from the position
     let withdrawRes = executeTransaction(
-        "./transactions/flow-alp/pool-management/withdraw_from_position.cdc",
+        "./transactions/flow-alp/epositionadmin/withdraw_from_position.cdc",
         [1 as UInt64, flowTokenIdentifier, 1337.0, true],
         hackerAccount
     )

cadence/tests/async_update_position_test.cdc

@@ -41,7 +41,7 @@ fun testUpdatePosition() {
     depositToPosition(signer: user, positionID: 0, amount: 600.0, vaultStoragePath: FLOW_VAULT_STORAGE_PATH, pushToDrawDownSink: false)
 
     let updatePositionRes = _executeTransaction(
-        "./transactions/flow-alp/pool-management/async_update_position.cdc",
+        "./transactions/flow-alp/eimplementation/async_update_position.cdc",
         [ 0 as UInt64 ],
         PROTOCOL_ACCOUNT
     )