Instadapp/dsa-connectors
1
0
Fork 0
mirror of https://github.com/Instadapp/dsa-connectors.git synced 2024-07-29 22:37:00 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: 🎸 access controller -> mapping controller bytes32 -> addr

Browse Source
This commit is contained in:
Daksh Miglani 2021-05-10 14:19:45 +05:30
parent 66f1a7cc6e
commit e3eddd093a
4 changed files with 67 additions and 261 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
contracts/mapping/InstaAccessControl.sol → contracts/mapping/InstaMappingController.sol
View File

@ -10,11 +10,11 @@ interface IndexInterface {
function master() external view returns (address); function master() external view returns (address);
} }
contract InstaAccessControl is Context { contract InstaMappingController is Context {
using EnumerableSet for EnumerableSet.AddressSet; using EnumerableSet for EnumerableSet.AddressSet;
using Address for address; using Address for address;
mapping(bytes32 => EnumerableSet.AddressSet) private _roles; mapping(address => EnumerableSet.AddressSet) private _roles;
IndexInterface public constant instaIndex = IndexInterface public constant instaIndex =
IndexInterface(0x2971AdFa57b20E5a416aE5a708A8655A9c74f723); IndexInterface(0x2971AdFa57b20E5a416aE5a708A8655A9c74f723);
@ -22,7 +22,7 @@ contract InstaAccessControl is Context {
/** /**
* @dev Emitted when `account` is granted `role`. * @dev Emitted when `account` is granted `role`.
*/ */
event RoleGranted(bytes32 indexed role, address indexed account); event RoleGranted(address indexed role, address indexed account);
/** /**
* @dev Emitted when `account` is revoked `role`. * @dev Emitted when `account` is revoked `role`.
@ -32,7 +32,7 @@ contract InstaAccessControl is Context {
* - if using `renounceRole`, it is the role bearer (i.e. `account`) * - if using `renounceRole`, it is the role bearer (i.e. `account`)
*/ */
event RoleRevoked( event RoleRevoked(
bytes32 indexed role, address indexed role,
address indexed account, address indexed account,
address indexed sender address indexed sender
); );
@ -40,7 +40,7 @@ contract InstaAccessControl is Context {
modifier onlyMaster { modifier onlyMaster {
require( require(
instaIndex.master() == _msgSender(), instaIndex.master() == _msgSender(),
"AccessControl: sender must be master" "MappingController: sender must be master"
); );
_; _;
} }
@ -48,7 +48,7 @@ contract InstaAccessControl is Context {
/** /**
* @dev Returns `true` if `account` has been granted `role`. * @dev Returns `true` if `account` has been granted `role`.
*/ */
function hasRole(bytes32 role, address account) public view returns (bool) { function hasRole(address role, address account) public view returns (bool) {
return _roles[role].contains(account); return _roles[role].contains(account);
} }
@ -56,7 +56,7 @@ contract InstaAccessControl is Context {
* @dev Returns the number of accounts that have `role`. Can be used * @dev Returns the number of accounts that have `role`. Can be used
* together with {getRoleMember} to enumerate all bearers of a role. * together with {getRoleMember} to enumerate all bearers of a role.
*/ */
function getRoleMemberCount(bytes32 role) public view returns (uint256) { function getRoleMemberCount(address role) public view returns (uint256) {
return _roles[role].length(); return _roles[role].length();
} }
@ -72,7 +72,7 @@ contract InstaAccessControl is Context {
* https://forum.openzeppelin.com/t/iterating-over-elements-on-enumerableset-in-openzeppelin-contracts/2296[forum post] * https://forum.openzeppelin.com/t/iterating-over-elements-on-enumerableset-in-openzeppelin-contracts/2296[forum post]
* for more information. * for more information.
*/ */
function getRoleMember(bytes32 role, uint256 index) function getRoleMember(address role, uint256 index)
public public
view view
returns (address) returns (address)
@ -90,7 +90,7 @@ contract InstaAccessControl is Context {
* *
* - the caller must be the master. * - the caller must be the master.
*/ */
function grantRole(bytes32 role, address account) function grantRole(address role, address account)
public public
virtual virtual
onlyMaster onlyMaster
@ -107,7 +107,7 @@ contract InstaAccessControl is Context {
* *
* - the caller must be the master. * - the caller must be the master.
*/ */
function revokeRole(bytes32 role, address account) function revokeRole(address role, address account)
public public
virtual virtual
onlyMaster onlyMaster
@ -129,10 +129,10 @@ contract InstaAccessControl is Context {
* *
* - the caller must be `account`. * - the caller must be `account`.
*/ */
function renounceRole(bytes32 role, address account) public virtual { function renounceRole(address role, address account) public virtual {
require( require(
account == _msgSender(), account == _msgSender(),
"AccessControl: can only renounce roles for self" "MappingController: can only renounce roles for self"
); );
_revokeRole(role, account); _revokeRole(role, account);
@ -154,17 +154,17 @@ contract InstaAccessControl is Context {
* system imposed by {AccessControl}. * system imposed by {AccessControl}.
* ==== * ====
*/ */
function _setupRole(bytes32 role, address account) internal virtual { function _setupRole(address role, address account) internal virtual {
_grantRole(role, account); _grantRole(role, account);
} }
function _grantRole(bytes32 role, address account) private { function _grantRole(address role, address account) private {
if (_roles[role].add(account)) { if (_roles[role].add(account)) {
emit RoleGranted(role, account); emit RoleGranted(role, account);
} }
} }
function _revokeRole(bytes32 role, address account) private { function _revokeRole(address role, address account) private {
if (_roles[role].remove(account)) { if (_roles[role].remove(account)) {
emit RoleRevoked(role, account, _msgSender()); emit RoleRevoked(role, account, _msgSender());
} }

37
contracts/mapping/InstaMappings.sol
View File

@ -1,37 +0,0 @@
pragma solidity ^0.7.0;
pragma experimental ABIEncoderV2;
import {InstaAccessControl} from "./InstaAccessControl.sol";
contract InstaMappings is InstaAccessControl {
function getMappingContractRole(address mappingContract)
public
pure
returns (bytes32 role)
{
bytes memory encoded = abi.encode(mappingContract);
assembly {
role := mload(add(encoded, 32))
}
}
function hasRole(address mappingAddr, address account)
public
view
returns (bool)
{
return super.hasRole(getMappingContractRole(mappingAddr), account);
}
function grantRole(address mappingAddr, address account) public {
super.grantRole(getMappingContractRole(mappingAddr), account);
}
function revokeRole(address mappingAddr, address account) public {
super.revokeRole(getMappingContractRole(mappingAddr), account);
}
function renounceRole(address mappingAddr, address account) public {
super.renounceRole(getMappingContractRole(mappingAddr), account);
}
}

113
test/01_insta_access_control.js
View File

@ -8,22 +8,22 @@ chai.use(solidity);
const { expect } = chai; const { expect } = chai;
const getAccessControl = (address, signer) => { const getMapping = (address, signer) => {
return ethers.getContractAt("InstaAccessControl", address, signer); return ethers.getContractAt("InstaMappingController", address, signer);
}; };
describe("Test InstaAccessControl contract", () => { describe("Test InstaMapping contract", () => {
let account, instaMaster; let account, instaMaster;
let accessControlAddress; let mappingAddress;
let masterAccessControl; let masterMapping;
const indexInterfaceAddress = "0x2971AdFa57b20E5a416aE5a708A8655A9c74f723"; const indexInterfaceAddress = "0x2971AdFa57b20E5a416aE5a708A8655A9c74f723";
const TEST_ROLE = ethers.utils.formatBytes32String("test"); const testRoleAddress = "0x2971AdFa57b20E5a416aE5a708A8655A9c74f723";
before("get signers", async () => { before("get signers", async () => {
[account] = await ethers.getSigners(); [account] = await ethers.getSigners();
const IndexContract = await ethers.getContractAt( const IndexContract = await ethers.getContractAt(
"contracts/mapping/InstaAccessControl.sol:IndexInterface", "contracts/mapping/InstaMappingController.sol:IndexInterface",
indexInterfaceAddress indexInterfaceAddress
); );
const masterAddress = await IndexContract.master(); const masterAddress = await IndexContract.master();
@ -44,130 +44,121 @@ describe("Test InstaAccessControl contract", () => {
}); });
beforeEach("deploy contract", async () => { beforeEach("deploy contract", async () => {
const accessControlFactory = await ethers.getContractFactory( const mappingFactory = await ethers.getContractFactory(
"InstaAccessControl" "InstaMappingController"
); );
const accessControl = await accessControlFactory.deploy(); const mapping = await mappingFactory.deploy();
await accessControl.deployed(); await mapping.deployed();
accessControlAddress = accessControl.address; mappingAddress = mapping.address;
masterAccessControl = await getAccessControl( masterMapping = await getMapping(mappingAddress, instaMaster);
accessControlAddress,
instaMaster
);
}); });
it("grant,revoke role should fail with non master signer", async () => { it("grant,revoke role should fail with non master signer", async () => {
const selfAccessControl = await getAccessControl( const selfMapping = await getMapping(mappingAddress, account);
accessControlAddress,
account
);
await expect( await expect(
selfAccessControl.grantRole(TEST_ROLE, account.address) selfMapping.grantRole(testRoleAddress, account.address)
).to.rejectedWith(/AccessControl: sender must be master/); ).to.rejectedWith(/MappingController: sender must be master/);
await expect( await expect(
selfAccessControl.revokeRole(TEST_ROLE, account.address) selfMapping.revokeRole(testRoleAddress, account.address)
).to.rejectedWith(/AccessControl: sender must be master/); ).to.rejectedWith(/MappingController: sender must be master/);
}); });
it("hasRole should return false for roles not assigned to users", async () => { it("hasRole should return false for roles not assigned to users", async () => {
expect(await masterAccessControl.hasRole(TEST_ROLE, account.address)).to.eq( expect(await masterMapping.hasRole(testRoleAddress, account.address)).to.eq(
false false
); );
}); });
it("should grant roles", async () => { it("should grant roles", async () => {
await expect(masterAccessControl.grantRole(TEST_ROLE, account.address)) await expect(masterMapping.grantRole(testRoleAddress, account.address))
.to.emit(masterAccessControl, "RoleGranted") .to.emit(masterMapping, "RoleGranted")
.withArgs(TEST_ROLE, account.address); .withArgs(testRoleAddress, account.address);
expect(await masterAccessControl.hasRole(TEST_ROLE, account.address)).to.eq( expect(await masterMapping.hasRole(testRoleAddress, account.address)).to.eq(
true true
); );
}); });
it("should revoke role", async () => { it("should revoke role", async () => {
// add a role first // add a role first
await masterAccessControl.grantRole(TEST_ROLE, account.address); await masterMapping.grantRole(testRoleAddress, account.address);
expect(await masterAccessControl.hasRole(TEST_ROLE, account.address)).to.eq( expect(await masterMapping.hasRole(testRoleAddress, account.address)).to.eq(
true true
); );
// then remove the role // then remove the role
await expect(masterAccessControl.revokeRole(TEST_ROLE, account.address)) await expect(masterMapping.revokeRole(testRoleAddress, account.address))
.to.emit(masterAccessControl, "RoleRevoked") .to.emit(masterMapping, "RoleRevoked")
.withArgs(TEST_ROLE, account.address, instaMaster.address); .withArgs(testRoleAddress, account.address, instaMaster.address);
expect(await masterAccessControl.hasRole(TEST_ROLE, account.address)).to.eq( expect(await masterMapping.hasRole(testRoleAddress, account.address)).to.eq(
false false
); );
}); });
it("should renounce role only with the account not master", async () => { it("should renounce role only with the account not master", async () => {
// add a role first // add a role first
await masterAccessControl.grantRole(TEST_ROLE, account.address); await masterMapping.grantRole(testRoleAddress, account.address);
expect(await masterAccessControl.hasRole(TEST_ROLE, account.address)).to.eq( expect(await masterMapping.hasRole(testRoleAddress, account.address)).to.eq(
true true
); );
// then renounce the the role // then renounce the the role
await expect( await expect(
masterAccessControl.renounceRole(TEST_ROLE, account.address) masterMapping.renounceRole(testRoleAddress, account.address)
).to.rejectedWith(/AccessControl: can only renounce roles for self/); ).to.rejectedWith(/MappingController: can only renounce roles for self/);
const selfAccessControl = await getAccessControl( const selfMapping = await getMapping(mappingAddress, account);
accessControlAddress, expect(await selfMapping.renounceRole(testRoleAddress, account.address))
account .to.emit(masterMapping, "RoleRevoked")
); .withArgs(testRoleAddress, account.address, account.address);
expect(await selfAccessControl.renounceRole(TEST_ROLE, account.address))
.to.emit(masterAccessControl, "RoleRevoked")
.withArgs(TEST_ROLE, account.address, account.address);
expect(await masterAccessControl.hasRole(TEST_ROLE, account.address)).to.eq( expect(await masterMapping.hasRole(testRoleAddress, account.address)).to.eq(
false false
); );
}); });
it("should do role count properly", async () => { it("should do role count properly", async () => {
expect(await masterAccessControl.getRoleMemberCount(TEST_ROLE)).to.eq(0); expect(await masterMapping.getRoleMemberCount(testRoleAddress)).to.eq(0);
await masterAccessControl.grantRole(TEST_ROLE, account.address); await masterMapping.grantRole(testRoleAddress, account.address);
expect(await masterAccessControl.getRoleMemberCount(TEST_ROLE)).to.eq(1); expect(await masterMapping.getRoleMemberCount(testRoleAddress)).to.eq(1);
await masterAccessControl.grantRole(TEST_ROLE, instaMaster.address); await masterMapping.grantRole(testRoleAddress, instaMaster.address);
expect(await masterAccessControl.getRoleMemberCount(TEST_ROLE)).to.eq(2); expect(await masterMapping.getRoleMemberCount(testRoleAddress)).to.eq(2);
await masterAccessControl.revokeRole(TEST_ROLE, instaMaster.address); await masterMapping.revokeRole(testRoleAddress, instaMaster.address);
expect(await masterAccessControl.getRoleMemberCount(TEST_ROLE)).to.eq(1); expect(await masterMapping.getRoleMemberCount(testRoleAddress)).to.eq(1);
}); });
it("should get member correctly by index", async () => { it("should get member correctly by index", async () => {
await expect( await expect(
masterAccessControl.getRoleMember(TEST_ROLE, 0) masterMapping.getRoleMember(testRoleAddress, 0)
).to.rejectedWith(/EnumerableSet: index out of bounds/); ).to.rejectedWith(/EnumerableSet: index out of bounds/);
await masterAccessControl.grantRole(TEST_ROLE, account.address); await masterMapping.grantRole(testRoleAddress, account.address);
expect(await masterAccessControl.getRoleMember(TEST_ROLE, 0)).to.eq( expect(await masterMapping.getRoleMember(testRoleAddress, 0)).to.eq(
account.address account.address
); );
await masterAccessControl.grantRole(TEST_ROLE, instaMaster.address); await masterMapping.grantRole(testRoleAddress, instaMaster.address);
expect(await masterAccessControl.getRoleMember(TEST_ROLE, 1)).to.eq( expect(await masterMapping.getRoleMember(testRoleAddress, 1)).to.eq(
instaMaster.address instaMaster.address
); );
await masterAccessControl.revokeRole(TEST_ROLE, instaMaster.address); await masterMapping.revokeRole(testRoleAddress, instaMaster.address);
await expect( await expect(
masterAccessControl.getRoleMember(TEST_ROLE, 1) masterMapping.getRoleMember(testRoleAddress, 1)
).to.rejectedWith(/EnumerableSet: index out of bounds/); ).to.rejectedWith(/EnumerableSet: index out of bounds/);
}); });
}); });

148
test/02_insta_mapping.js
View File

@ -1,148 +0,0 @@
const { ethers, network } = require("hardhat");
const chai = require("chai");
const chaiPromise = require("chai-as-promised");
const { solidity } = require("ethereum-waffle");
chai.use(chaiPromise);
chai.use(solidity);
const { expect } = chai;
const getInstaMappings = (address, signer) => {
return ethers.getContractAt("InstaMappings", address, signer);
};
describe("Test InstaMapping contract", () => {
let account, instaMaster;
let instaMappingAddress;
let masterInstaMapping;
const indexInterfaceAddress = "0x2971AdFa57b20E5a416aE5a708A8655A9c74f723";
const TEST_CONTRACT = "0x1f9840a85d5af5bf1d1762f925bdaddc4201f984";
let TEST_CONTRACT_ENCODED;
const keys = {
grant: "grantRole(address,address)",
revoke: "revokeRole(address,address)",
renounce: "renounceRole(address,address)",
has: "hasRole(address,address)",
};
before("get signers", async () => {
[account] = await ethers.getSigners();
const IndexContract = await ethers.getContractAt(
"contracts/mapping/InstaAccessControl.sol:IndexInterface",
indexInterfaceAddress
);
const masterAddress = await IndexContract.master();
await network.provider.request({
method: "hardhat_impersonateAccount",
params: [masterAddress],
});
instaMaster = await ethers.getSigner(masterAddress);
});
after(async () => {
await network.provider.request({
method: "hardhat_stopImpersonatingAccount",
params: [instaMaster.address],
});
});
beforeEach("deploy contract", async () => {
const instaMappingFactory = await ethers.getContractFactory(
"InstaMappings"
);
const instaMapping = await instaMappingFactory.deploy();
await instaMapping.deployed();
instaMappingAddress = instaMapping.address;
masterInstaMapping = await getInstaMappings(
instaMappingAddress,
instaMaster
);
TEST_CONTRACT_ENCODED = await instaMapping.getMappingContractRole(
TEST_CONTRACT
);
});
it("grant,revoke role should fail with non master signer", async () => {
const selfInstaMapping = await getInstaMappings(
instaMappingAddress,
account
);
await expect(
selfInstaMapping[keys.grant](TEST_CONTRACT, account.address)
).to.rejectedWith(/AccessControl: sender must be master/);
await expect(
selfInstaMapping[keys.revoke](TEST_CONTRACT, account.address)
).to.rejectedWith(/AccessControl: sender must be master/);
});
it("hasRole should return false for roles not assigned to users", async () => {
expect(
await masterInstaMapping[keys.has](TEST_CONTRACT, account.address)
).to.eq(false);
});
it("should grant roles", async () => {
await expect(masterInstaMapping[keys.grant](TEST_CONTRACT, account.address))
.to.emit(masterInstaMapping, "RoleGranted")
.withArgs(TEST_CONTRACT_ENCODED, account.address);
expect(
await masterInstaMapping[keys.has](TEST_CONTRACT, account.address)
).to.eq(true);
});
it("should revoke role", async () => {
// add a role first
await masterInstaMapping[keys.grant](TEST_CONTRACT, account.address);
expect(
await masterInstaMapping[keys.has](TEST_CONTRACT, account.address)
).to.eq(true);
// then remove the role
await expect(
masterInstaMapping[keys.revoke](TEST_CONTRACT, account.address)
)
.to.emit(masterInstaMapping, "RoleRevoked")
.withArgs(TEST_CONTRACT_ENCODED, account.address, instaMaster.address);
expect(
await masterInstaMapping[keys.has](TEST_CONTRACT, account.address)
).to.eq(false);
});
it("should renounce role only with the account not master", async () => {
// add a role first
await masterInstaMapping[keys.grant](TEST_CONTRACT, account.address);
expect(
await masterInstaMapping[keys.has](TEST_CONTRACT, account.address)
).to.eq(true);
// then renounce the the role
await expect(
masterInstaMapping[keys.renounce](TEST_CONTRACT, account.address)
).to.rejectedWith(/AccessControl: can only renounce roles for self/);
const selfInstaMapping = await getInstaMappings(
instaMappingAddress,
account
);
expect(
await selfInstaMapping[keys.renounce](TEST_CONTRACT, account.address)
)
.to.emit(masterInstaMapping, "RoleRevoked")
.withArgs(TEST_CONTRACT_ENCODED, account.address, account.address);
expect(
await masterInstaMapping[keys.has](TEST_CONTRACT, account.address)
).to.eq(false);
});
});