feat: adjusted lendingpool permissions

2024-07-29 21:47:30 +00:00 · 2021-05-20 17:08:33 +02:00 · 2021-05-20 17:08:33 +02:00 · f2e8c2337d
commit f2e8c2337d
parent 42c6123697
5 changed files with 109 additions and 13 deletions
--- a/contracts/misc/PermissionedWETHGateway.sol
+++ b/contracts/misc/PermissionedWETHGateway.sol
@ -0,0 +1,83 @@
+// SPDX-License-Identifier: agpl-3.0
+pragma solidity 0.6.12;
+pragma experimental ABIEncoderV2;
+
+import {Ownable} from '../dependencies/openzeppelin/contracts/Ownable.sol';
+import {IERC20} from '../dependencies/openzeppelin/contracts/IERC20.sol';
+import {IWETH} from './interfaces/IWETH.sol';
+import {WETHGateway} from './WETHGateway.sol';
+import {ILendingPool} from '../interfaces/ILendingPool.sol';
+import {IAToken} from '../interfaces/IAToken.sol';
+import {ReserveConfiguration} from '../protocol/libraries/configuration/ReserveConfiguration.sol';
+import {UserConfiguration} from '../protocol/libraries/configuration/UserConfiguration.sol';
+import {Helpers} from '../protocol/libraries/helpers/Helpers.sol';
+import {DataTypes} from '../protocol/libraries/types/DataTypes.sol';
+import {IPermissionManager} from '../interfaces/IPermissionManager.sol';
+import {ILendingPoolAddressesProvider} from '../interfaces/ILendingPoolAddressesProvider.sol';
+import {Errors} from '../protocol/libraries/helpers/Errors.sol';
+
+contract PermissionedWETHGateway is WETHGateway {
+  /**
+   * @dev Sets the WETH address and the LendingPoolAddressesProvider address. Infinite approves lending pool.
+   * @param weth Address of the Wrapped Ether contract
+   **/
+  constructor(address weth) public WETHGateway(weth) {}
+
+  /**
+   * @dev deposits WETH into the reserve, using native ETH. A corresponding amount of the overlying asset (aTokens)
+   * is minted.
+   * @param lendingPool address of the targeted underlying lending pool
+   * @param onBehalfOf address of the user who will receive the aTokens representing the deposit
+   * @param referralCode integrators are assigned a referral code and can potentially receive rewards.
+   **/
+  function depositETH(
+    address lendingPool,
+    address onBehalfOf,
+    uint16 referralCode
+  ) public payable override {
+    ILendingPool pool = ILendingPool(lendingPool);
+
+    require(_isDepositorOrBorrowerOrLiquidator(msg.sender, pool), Errors.USER_UNAUTHORIZED);
+
+    super.depositETH(lendingPool, onBehalfOf, referralCode);
+  }
+
+  /**
+   * @dev repays a borrow on the WETH reserve, for the specified amount (or for the whole amount, if uint256(-1) is specified).
+   * @param lendingPool address of the targeted underlying lending pool
+   * @param amount the amount to repay, or uint256(-1) if the user wants to repay everything
+   * @param rateMode the rate mode to repay
+   * @param onBehalfOf the address for which msg.sender is repaying
+   */
+  function repayETH(
+    address lendingPool,
+    uint256 amount,
+    uint256 rateMode,
+    address onBehalfOf
+  ) public payable override {
+    ILendingPool pool = ILendingPool(lendingPool);
+
+    require(_isDepositorOrBorrowerOrLiquidator(msg.sender, pool), Errors.USER_UNAUTHORIZED);
+    super.repayETH(lendingPool, amount, rateMode, onBehalfOf);
+  }
+
+
+  function _isDepositorOrBorrowerOrLiquidator(address user, ILendingPool pool)
+    internal
+    view
+    returns (bool)
+  {
+    ILendingPoolAddressesProvider provider =
+      ILendingPoolAddressesProvider(pool.getAddressesProvider());
+    IPermissionManager manager =
+      IPermissionManager(provider.getAddress(keccak256('PERMISSION_MANAGER')));
+
+    uint256[] memory roles = new uint256[](3);
+
+    roles[0] = uint256(DataTypes.Roles.DEPOSITOR);
+    roles[1] = uint256(DataTypes.Roles.BORROWER);
+    roles[2] = uint256(DataTypes.Roles.LIQUIDATOR);
+
+    return manager.isInAnyRole(msg.sender, roles);
+  }
+}
--- a/contracts/misc/WETHGateway.sol
+++ b/contracts/misc/WETHGateway.sol
@ -42,7 +42,7 @@ contract WETHGateway is IWETHGateway, Ownable {
    address lendingPool,
    address onBehalfOf,
    uint16 referralCode
-  ) external payable override {
+  ) public payable virtual override {
    WETH.deposit{value: msg.value}();
    ILendingPool(lendingPool).deposit(address(WETH), msg.value, onBehalfOf, referralCode);
  }
@ -57,7 +57,7 @@ contract WETHGateway is IWETHGateway, Ownable {
    address lendingPool,
    uint256 amount,
    address to
-  ) external override {
+  ) external virtual override {
    IAToken aWETH = IAToken(ILendingPool(lendingPool).getReserveData(address(WETH)).aTokenAddress);
    uint256 userBalance = aWETH.balanceOf(msg.sender);
    uint256 amountToWithdraw = amount;
@ -84,7 +84,7 @@ contract WETHGateway is IWETHGateway, Ownable {
    uint256 amount,
    uint256 rateMode,
    address onBehalfOf
-  ) external payable override {
+  ) public payable virtual override {
    (uint256 stableDebt, uint256 variableDebt) =
      Helpers.getUserCurrentDebtMemory(
        onBehalfOf,
@ -119,7 +119,7 @@ contract WETHGateway is IWETHGateway, Ownable {
    uint256 amount,
    uint256 interesRateMode,
    uint16 referralCode
-  ) external override {
+  ) external virtual override {
    ILendingPool(lendingPool).borrow(
      address(WETH),
      amount,
--- a/contracts/protocol/configuration/PermissionManager.sol
+++ b/contracts/protocol/configuration/PermissionManager.sol
@ -120,7 +120,7 @@ contract PermissionManager is IPermissionManager, Ownable {
  }

  ///@inheritdoc IPermissionManager
-  function isInAnyRole(address account, uint256[] calldata roles) public view override returns (bool) {
+  function isInAnyRole(address account, uint256[] calldata roles) external view override returns (bool) {
  
    for(uint256 i=0; i<roles.length; i++){
      if((_permissions[account] >> roles[i]) & 1 > 0){
--- a/contracts/protocol/lendingpool/PermissionedLendingPool.sol
+++ b/contracts/protocol/lendingpool/PermissionedLendingPool.sol
@ -17,7 +17,11 @@ contract PermissionedLendingPool is LendingPool {
  bytes32 public constant PERMISSION_MANAGER = keccak256('PERMISSION_MANAGER');

  modifier onlyDepositors(address user) {
-    require(_isInRole(msg.sender, DataTypes.Roles.DEPOSITOR), Errors.DEPOSITOR_UNAUTHORIZED);
+    require(
+      _isDepositorOrBorrowerOrLiquidator(msg.sender) &&
+        ((user == msg.sender) || _isInRole(user, DataTypes.Roles.DEPOSITOR)),
+      Errors.DEPOSITOR_UNAUTHORIZED
+    );
    _;
  }

@ -32,12 +36,7 @@ contract PermissionedLendingPool is LendingPool {
  }

  modifier onlyDepositorsOrBorrowersOrLiquidators {
-    require(
-      _isInRole(msg.sender, DataTypes.Roles.DEPOSITOR) ||
-        _isInRole(msg.sender, DataTypes.Roles.BORROWER) ||
-        _isInRole(msg.sender, DataTypes.Roles.LIQUIDATOR),
-      Errors.REPAYER_UNAUTHORIZED
-    );
+    require(_isDepositorOrBorrowerOrLiquidator(msg.sender), Errors.USER_UNAUTHORIZED);
    _;
  }

@ -269,4 +268,18 @@ contract PermissionedLendingPool is LendingPool {
        uint256(role)
      );
  }
+
+  function _isDepositorOrBorrowerOrLiquidator(address user) internal view returns (bool) {
+    uint256[] memory roles = new uint256[](3);
+
+    roles[0] = uint256(DataTypes.Roles.DEPOSITOR);
+    roles[1] = uint256(DataTypes.Roles.BORROWER);
+    roles[2] = uint256(DataTypes.Roles.LIQUIDATOR);
+
+    return
+      IPermissionManager(_addressesProvider.getAddress(PERMISSION_MANAGER)).isInAnyRole(
+        user,
+        roles
+      );
+  }
 }
--- a/contracts/protocol/libraries/helpers/Errors.sol
+++ b/contracts/protocol/libraries/helpers/Errors.sol
@ -107,7 +107,7 @@ library Errors {
  string public constant BORROWER_UNAUTHORIZED = '82';
  string public constant LIQUIDATOR_UNAUTHORIZED = '83';
  string public constant CALLER_NOT_STABLE_RATE_MANAGER = '84';
-  string public constant REPAYER_UNAUTHORIZED = '85';
+  string public constant USER_UNAUTHORIZED = '85';

  enum CollateralManagerErrors {
    NO_ERROR,