NoBey/openzeppelin-contracts
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update docs

Browse Source
This commit is contained in:
github-actions
2024-10-21 14:27:36 +00:00
parent 63bb51f17d
commit edf6031131
435 changed files with 42062 additions and 23945 deletions
Download Patch File Download Diff File Expand all files Collapse all files

456
test/access/manager/AccessManager.predicate.js Normal file
View File

@ -0,0 +1,456 @@
const { ethers } = require('hardhat');
const { expect } = require('chai');
const { setStorageAt } = require('@nomicfoundation/hardhat-network-helpers');
const { EXECUTION_ID_STORAGE_SLOT, EXPIRATION, prepareOperation } = require('../../helpers/access-manager');
const { impersonate } = require('../../helpers/account');
const time = require('../../helpers/time');
// ============ COMMON PREDICATES ============
const LIKE_COMMON_IS_EXECUTING = {
executing() {
it('succeeds', async function () {
await this.caller.sendTransaction({ to: this.target, data: this.calldata });
});
},
notExecuting() {
it('reverts as AccessManagerUnauthorizedAccount', async function () {
await expect(this.caller.sendTransaction({ to: this.target, data: this.calldata }))
.to.be.revertedWithCustomError(this.manager, 'AccessManagerUnauthorizedAccount')
.withArgs(this.caller, this.role.id);
});
},
};
const LIKE_COMMON_GET_ACCESS = {
requiredRoleIsGranted: {
roleGrantingIsDelayed: {
callerHasAnExecutionDelay: {
beforeGrantDelay() {
it('reverts as AccessManagerUnauthorizedAccount', async function () {
await expect(this.caller.sendTransaction({ to: this.target, data: this.calldata }))
.to.be.revertedWithCustomError(this.manager, 'AccessManagerUnauthorizedAccount')
.withArgs(this.caller, this.role.id);
});
},
afterGrantDelay: undefined, // Diverges if there's an operation delay or not
},
callerHasNoExecutionDelay: {
beforeGrantDelay() {
it('reverts as AccessManagerUnauthorizedAccount', async function () {
await expect(this.caller.sendTransaction({ to: this.target, data: this.calldata }))
.to.be.revertedWithCustomError(this.manager, 'AccessManagerUnauthorizedAccount')
.withArgs(this.caller, this.role.id);
});
},
afterGrantDelay() {
it('succeeds called directly', async function () {
await this.caller.sendTransaction({ to: this.target, data: this.calldata });
});
it('succeeds via execute', async function () {
await this.manager.connect(this.caller).execute(this.target, this.calldata);
});
},
},
},
roleGrantingIsNotDelayed: {
callerHasAnExecutionDelay: undefined, // Diverges if there's an operation to schedule or not
callerHasNoExecutionDelay() {
it('succeeds called directly', async function () {
await this.caller.sendTransaction({ to: this.target, data: this.calldata });
});
it('succeeds via execute', async function () {
await this.manager.connect(this.caller).execute(this.target, this.calldata);
});
},
},
},
requiredRoleIsNotGranted() {
it('reverts as AccessManagerUnauthorizedAccount', async function () {
await expect(this.caller.sendTransaction({ to: this.target, data: this.calldata }))
.to.be.revertedWithCustomError(this.manager, 'AccessManagerUnauthorizedAccount')
.withArgs(this.caller, this.role.id);
});
},
};
const LIKE_COMMON_SCHEDULABLE = {
scheduled: {
before() {
it('reverts as AccessManagerNotReady', async function () {
await expect(this.caller.sendTransaction({ to: this.target, data: this.calldata }))
.to.be.revertedWithCustomError(this.manager, 'AccessManagerNotReady')
.withArgs(this.operationId);
});
},
after() {
it('succeeds called directly', async function () {
await this.caller.sendTransaction({ to: this.target, data: this.calldata });
});
it('succeeds via execute', async function () {
await this.manager.connect(this.caller).execute(this.target, this.calldata);
});
},
expired() {
it('reverts as AccessManagerExpired', async function () {
await expect(this.caller.sendTransaction({ to: this.target, data: this.calldata }))
.to.be.revertedWithCustomError(this.manager, 'AccessManagerExpired')
.withArgs(this.operationId);
});
},
},
notScheduled() {
it('reverts as AccessManagerNotScheduled', async function () {
await expect(this.caller.sendTransaction({ to: this.target, data: this.calldata }))
.to.be.revertedWithCustomError(this.manager, 'AccessManagerNotScheduled')
.withArgs(this.operationId);
});
},
};
// ============ MODE ============
/**
* @requires this.{manager,target}
*/
function testAsClosable({ closed, open }) {
describe('when the manager is closed', function () {
beforeEach('close', async function () {
await this.manager.$_setTargetClosed(this.target, true);
});
closed();
});
describe('when the manager is open', function () {
beforeEach('open', async function () {
await this.manager.$_setTargetClosed(this.target, false);
});
open();
});
}
// ============ DELAY ============
/**
* @requires this.{delay}
*/
function testAsDelay(type, { before, after }) {
beforeEach('define timestamp when delay takes effect', async function () {
const timestamp = await time.clock.timestamp();
this.delayEffect = timestamp + this.delay;
});
describe(`when ${type} delay has not taken effect yet`, function () {
beforeEach(`set next block timestamp before ${type} takes effect`, async function () {
await time.increaseTo.timestamp(this.delayEffect - 1n, !!before.mineDelay);
});
before();
});
describe(`when ${type} delay has taken effect`, function () {
beforeEach(`set next block timestamp when ${type} takes effect`, async function () {
await time.increaseTo.timestamp(this.delayEffect, !!after.mineDelay);
});
after();
});
}
// ============ OPERATION ============
/**
* @requires this.{manager,scheduleIn,caller,target,calldata}
*/
function testAsSchedulableOperation({ scheduled: { before, after, expired }, notScheduled }) {
describe('when operation is scheduled', function () {
beforeEach('schedule operation', async function () {
if (this.caller.target) {
await impersonate(this.caller.target);
this.caller = await ethers.getSigner(this.caller.target);
}
const { operationId, schedule } = await prepareOperation(this.manager, {
caller: this.caller,
target: this.target,
calldata: this.calldata,
delay: this.scheduleIn,
});
await schedule();
this.operationId = operationId;
});
describe('when operation is not ready for execution', function () {
beforeEach('set next block time before operation is ready', async function () {
this.scheduledAt = await time.clock.timestamp();
const schedule = await this.manager.getSchedule(this.operationId);
await time.increaseTo.timestamp(schedule - 1n, !!before.mineDelay);
});
before();
});
describe('when operation is ready for execution', function () {
beforeEach('set next block time when operation is ready for execution', async function () {
this.scheduledAt = await time.clock.timestamp();
const schedule = await this.manager.getSchedule(this.operationId);
await time.increaseTo.timestamp(schedule, !!after.mineDelay);
});
after();
});
describe('when operation has expired', function () {
beforeEach('set next block time when operation expired', async function () {
this.scheduledAt = await time.clock.timestamp();
const schedule = await this.manager.getSchedule(this.operationId);
await time.increaseTo.timestamp(schedule + EXPIRATION, !!expired.mineDelay);
});
expired();
});
});
describe('when operation is not scheduled', function () {
beforeEach('set expected operationId', async function () {
this.operationId = await this.manager.hashOperation(this.caller, this.target, this.calldata);
// Assert operation is not scheduled
expect(await this.manager.getSchedule(this.operationId)).to.equal(0n);
});
notScheduled();
});
}
/**
* @requires this.{manager,roles,target,calldata}
*/
function testAsRestrictedOperation({ callerIsTheManager: { executing, notExecuting }, callerIsNotTheManager }) {
describe('when the call comes from the manager (msg.sender == manager)', function () {
beforeEach('define caller as manager', async function () {
this.caller = this.manager;
if (this.caller.target) {
await impersonate(this.caller.target);
this.caller = await ethers.getSigner(this.caller.target);
}
});
describe('when _executionId is in storage for target and selector', function () {
beforeEach('set _executionId flag from calldata and target', async function () {
const executionId = ethers.keccak256(
ethers.AbiCoder.defaultAbiCoder().encode(
['address', 'bytes4'],
[this.target.target, this.calldata.substring(0, 10)],
),
);
await setStorageAt(this.manager.target, EXECUTION_ID_STORAGE_SLOT, executionId);
});
executing();
});
describe('when _executionId does not match target and selector', notExecuting);
});
describe('when the call does not come from the manager (msg.sender != manager)', function () {
beforeEach('define non manager caller', function () {
this.caller = this.roles.SOME.members[0];
});
callerIsNotTheManager();
});
}
/**
* @requires this.{manager,scheduleIn,caller,target,calldata,executionDelay}
*/
function testAsDelayedOperation() {
describe('with operation delay', function () {
describe('when operation delay is greater than execution delay', function () {
beforeEach('set operation delay', async function () {
this.operationDelay = this.executionDelay + time.duration.hours(1);
await this.manager.$_setTargetAdminDelay(this.target, this.operationDelay);
this.scheduleIn = this.operationDelay; // For testAsSchedulableOperation
});
testAsSchedulableOperation(LIKE_COMMON_SCHEDULABLE);
});
describe('when operation delay is shorter than execution delay', function () {
beforeEach('set operation delay', async function () {
this.operationDelay = this.executionDelay - time.duration.hours(1);
await this.manager.$_setTargetAdminDelay(this.target, this.operationDelay);
this.scheduleIn = this.executionDelay; // For testAsSchedulableOperation
});
testAsSchedulableOperation(LIKE_COMMON_SCHEDULABLE);
});
});
describe('without operation delay', function () {
beforeEach('set operation delay', async function () {
this.operationDelay = 0n;
await this.manager.$_setTargetAdminDelay(this.target, this.operationDelay);
this.scheduleIn = this.executionDelay; // For testAsSchedulableOperation
});
testAsSchedulableOperation(LIKE_COMMON_SCHEDULABLE);
});
}
// ============ METHOD ============
/**
* @requires this.{manager,roles,role,target,calldata}
*/
function testAsCanCall({
closed,
open: {
callerIsTheManager,
callerIsNotTheManager: { publicRoleIsRequired, specificRoleIsRequired },
},
}) {
testAsClosable({
closed,
open() {
testAsRestrictedOperation({
callerIsTheManager,
callerIsNotTheManager() {
testAsHasRole({
publicRoleIsRequired,
specificRoleIsRequired,
});
},
});
},
});
}
/**
* @requires this.{target,calldata,roles,role}
*/
function testAsHasRole({ publicRoleIsRequired, specificRoleIsRequired }) {
describe('when the function requires the caller to be granted with the PUBLIC_ROLE', function () {
beforeEach('set target function role as PUBLIC_ROLE', async function () {
this.role = this.roles.PUBLIC;
await this.manager
.connect(this.roles.ADMIN.members[0])
.$_setTargetFunctionRole(this.target, this.calldata.substring(0, 10), this.role.id);
});
publicRoleIsRequired();
});
describe('when the function requires the caller to be granted with a role other than PUBLIC_ROLE', function () {
beforeEach('set target function role as PUBLIC_ROLE', async function () {
await this.manager
.connect(this.roles.ADMIN.members[0])
.$_setTargetFunctionRole(this.target, this.calldata.substring(0, 10), this.role.id);
});
testAsGetAccess(specificRoleIsRequired);
});
}
/**
* @requires this.{manager,role,caller}
*/
function testAsGetAccess({
requiredRoleIsGranted: {
roleGrantingIsDelayed: {
// Because both grant and execution delay are set within the same $_grantRole call
// it's not possible to create a set of tests that diverge between grant and execution delay.
// Therefore, the testAsDelay arguments are renamed for clarity:
// before => beforeGrantDelay
// after => afterGrantDelay
callerHasAnExecutionDelay: { beforeGrantDelay: case1, afterGrantDelay: case2 },
callerHasNoExecutionDelay: { beforeGrantDelay: case3, afterGrantDelay: case4 },
},
roleGrantingIsNotDelayed: { callerHasAnExecutionDelay: case5, callerHasNoExecutionDelay: case6 },
},
requiredRoleIsNotGranted,
}) {
describe('when the required role is granted to the caller', function () {
describe('when role granting is delayed', function () {
beforeEach('define delay', function () {
this.grantDelay = time.duration.minutes(3);
this.delay = this.grantDelay; // For testAsDelay
});
describe('when caller has an execution delay', function () {
beforeEach('set role and delay', async function () {
this.executionDelay = time.duration.hours(10);
this.delay = this.grantDelay;
await this.manager.$_grantRole(this.role.id, this.caller, this.grantDelay, this.executionDelay);
});
testAsDelay('grant', { before: case1, after: case2 });
});
describe('when caller has no execution delay', function () {
beforeEach('set role and delay', async function () {
this.executionDelay = 0n;
await this.manager.$_grantRole(this.role.id, this.caller, this.grantDelay, this.executionDelay);
});
testAsDelay('grant', { before: case3, after: case4 });
});
});
describe('when role granting is not delayed', function () {
beforeEach('define delay', function () {
this.grantDelay = 0n;
});
describe('when caller has an execution delay', function () {
beforeEach('set role and delay', async function () {
this.executionDelay = time.duration.hours(10);
await this.manager.$_grantRole(this.role.id, this.caller, this.grantDelay, this.executionDelay);
});
case5();
});
describe('when caller has no execution delay', function () {
beforeEach('set role and delay', async function () {
this.executionDelay = 0n;
await this.manager.$_grantRole(this.role.id, this.caller, this.grantDelay, this.executionDelay);
});
case6();
});
});
});
describe('when role is not granted', function () {
// Because this helper can be composed with other helpers, it's possible
// that role has been set already by another helper.
// Although this is highly unlikely, we check for it here to avoid false positives.
beforeEach('assert role is unset', async function () {
const { since } = await this.manager.getAccess(this.role.id, this.caller);
expect(since).to.equal(0n);
});
requiredRoleIsNotGranted();
});
}
module.exports = {
LIKE_COMMON_IS_EXECUTING,
LIKE_COMMON_GET_ACCESS,
LIKE_COMMON_SCHEDULABLE,
testAsClosable,
testAsDelay,
testAsSchedulableOperation,
testAsRestrictedOperation,
testAsDelayedOperation,
testAsCanCall,
testAsHasRole,
testAsGetAccess,
};