Document AccessManager functions and events in IAccessManager (#4660)

Co-authored-by: Francisco <fg@frang.io> Co-authored-by: Ernesto García <ernestognw@gmail.com>
2023-10-05 17:55:11 +02:00
parent 0f89a7e5f8
commit e78628bfcf
6 changed files with 378 additions and 306 deletions
--- a/certora/diff/access_manager_AccessManager.sol.patch
+++ b/certora/diff/access_manager_AccessManager.sol.patch
@ -1,5 +1,5 @@
--- access/manager/AccessManager.sol	2023-10-04 11:20:52.802378968 +0200
-+++ access/manager/AccessManager.sol	2023-10-04 14:49:43.126279234 +0200
+--- access/manager/AccessManager.sol	2023-10-05 12:17:09.694051809 -0300
+++ access/manager/AccessManager.sol	2023-10-05 12:26:18.498688718 -0300
@@ -6,7 +6,6 @@
 import {IAccessManaged} from "./IAccessManaged.sol";
 import {Address} from "../../utils/Address.sol";
@ -8,7 +8,7 @@
 import {Math} from "../../utils/math/Math.sol";
 import {Time} from "../../utils/types/Time.sol";
 
-@@ -48,7 +47,8 @@
+@@ -57,7 +56,8 @@
  * mindful of the danger associated with functions such as {{Ownable-renounceOwnership}} or
  * {{AccessControl-renounceRole}}.
  */
@ -18,17 +18,17 @@
     using Time for *;
 
     // Structure that stores the details for a target contract.
-@@ -93,7 +93,7 @@
-     mapping(bytes32 operationId => Schedule) private _schedules;
+@@ -105,7 +105,7 @@
 
+     // Used to identify operations that are currently being executed via {execute}.
     // This should be transient storage when supported by the EVM.
 -    bytes32 private _executionId;
 +    bytes32 internal _executionId; // private → internal for FV
 
     /**
      * @dev Check that the caller is authorized to perform the operation, following the restrictions encoded in
-@@ -185,6 +185,11 @@
-         return _targets[target].adminDelay.get();
+@@ -253,6 +253,11 @@
+         _setGrantDelay(roleId, newDelay);
     }
 
 +    // Exposed for FV
@ -37,10 +37,10 @@
 +    }
 +
     /**
-      * @dev Get the id of the role that acts as an admin for given role.
+      * @dev Internal version of {grantRole} without access control. Returns true if the role was newly granted.
      *
-@@ -213,6 +218,11 @@
-         return _roles[roleId].grantDelay.get();
+@@ -287,6 +292,11 @@
+         return newMember;
     }
 
 +    // Exposed for FV
@ -49,18 +49,9 @@
 +    }
 +
     /**
-      * @dev Get the access details for a given account for a given role. These details include the timepoint at which
-      * membership becomes active, and the delay applied to all operation by this user that requires this permission
-@@ -749,7 +759,7 @@
-     /**
-      * @dev Hashing function for execute protection
-      */
-    function _hashExecutionId(address target, bytes4 selector) private pure returns (bytes32) {
-+    function _hashExecutionId(address target, bytes4 selector) internal pure returns (bytes32) { // private → internal for FV
-         return keccak256(abi.encode(target, selector));
-     }
- 
-@@ -769,7 +779,7 @@
+      * @dev Internal version of {revokeRole} without access control. This logic is also used by {renounceRole}.
+      * Returns true if the role was previously granted.
+@@ -586,7 +596,7 @@
     /**
      * @dev Check if the current call is authorized according to admin logic.
      */
@ -69,7 +60,7 @@
         address caller = _msgSender();
         (bool immediate, uint32 delay) = _canCallSelf(caller, _msgData());
         if (!immediate) {
-@@ -792,7 +802,7 @@
+@@ -609,7 +619,7 @@
      */
     function _getAdminRestrictions(
         bytes calldata data
@ -78,7 +69,7 @@
         if (data.length < 4) {
             return (false, 0, 0);
         }
-@@ -847,7 +857,7 @@
+@@ -662,7 +672,7 @@
         address caller,
         address target,
         bytes calldata data
@ -87,7 +78,7 @@
         if (target == address(this)) {
             return _canCallSelf(caller, data);
         } else {
-@@ -901,7 +911,7 @@
+@@ -716,14 +726,14 @@
     /**
      * @dev Extracts the selector from calldata. Panics if data is not at least 4 bytes
      */
@ -95,4 +86,12 @@
 +    function _checkSelector(bytes calldata data) internal pure returns (bytes4) { // private → internal for FV
         return bytes4(data[0:4]);
     }
+ 
+     /**
+      * @dev Hashing function for execute protection
+      */
+-    function _hashExecutionId(address target, bytes4 selector) private pure returns (bytes32) {
+    function _hashExecutionId(address target, bytes4 selector) internal pure returns (bytes32) { // private → internal for FV
+         return keccak256(abi.encode(target, selector));
+     }
 }