Several functions have inconsistent or missing access control, and some validation logic has potential issues.
Problems Identified
attendee_event_details() only checks caller's registration but doesn't validate if caller should access that specific event
Functions like attendees_registered() and event_registration_count() only check ownership but don't validate event exists
Missing validation in some functions for zero event IDs
Current Code Issues
In attendee_event_details() - potential issue
let register_event_id = self.event_registrations.read(get_caller_address());
assert(event_id == register_event_id, 'different event_id');
// This only checks if caller registered for ANY event, not THIS event
Acceptance Criteria
Add event existence validation helper function
Fix access control in attendee_event_details()
Add proper validation for all event query functions
Implement consistent error handling patterns
Add tests for edge cases and access control scenarios
Several functions have inconsistent or missing access control, and some validation logic has potential issues.
Problems Identified
attendee_event_details() only checks caller's registration but doesn't validate if caller should access that specific event
Functions like attendees_registered() and event_registration_count() only check ownership but don't validate event exists
Missing validation in some functions for zero event IDs
Current Code Issues
In attendee_event_details() - potential issue
let register_event_id = self.event_registrations.read(get_caller_address());
assert(event_id == register_event_id, 'different event_id');
// This only checks if caller registered for ANY event, not THIS event
Acceptance Criteria
Add event existence validation helper function
Fix access control in attendee_event_details()
Add proper validation for all event query functions
Implement consistent error handling patterns
Add tests for edge cases and access control scenarios