feat: copy module access controller from the modules repo

defi-wonderland · Nov 14, 2024 · c80cc1e · c80cc1e
1 parent f4dde9e
commit c80cc1e
Show file tree

Hide file tree

Showing 2 changed files with 65 additions and 0 deletions.
diff --git a/solidity/contracts/access/ModuleAccessController.sol b/solidity/contracts/access/ModuleAccessController.sol
@@ -0,0 +1,50 @@
+// SPDX-License-Identifier: MIT
+pragma solidity ^0.8.19;
+
+import {IOracle} from '../../interfaces/IOracle.sol';
+import {IModuleAccessController} from '../../interfaces/access/IModuleAccessController.sol';
+import {Module} from '../Module.sol';
+import {CommonAccessController} from './CommonAccessController.sol';
+
+abstract contract ModuleAccessController is IModuleAccessController, CommonAccessController, Module {
+  constructor(IOracle _oracle) Module(_oracle) {}
+
+  /**
+   * @notice Returns an access control object using the contract address as user and the given data
+   * @dev should only be used by modules as the self-access-control object
+   * @param _data Arbitrary data
+   * @return _accessControl The self access control for this contract.
+   */
+  function _defaultAccessControl(bytes memory _data) internal view returns (AccessControl memory _accessControl) {
+    _accessControl = AccessControl({user: address(this), data: _data});
+  }
+
+  /**
+   * @notice Returns an access control object using the contract address as user, and empty data
+   *
+   * @dev should only be used by modules as the self-access-control object
+   * @return _accessControl The self access control for this contract.
+   */
+  function _defaultAccessControl() internal view returns (AccessControl memory _accessControl) {
+    _accessControl = _defaultAccessControl(bytes(''));
+  }
+
+  modifier hasAccess(
+    address _accessModule,
+    bytes32 _typehash,
+    bytes memory _params,
+    AccessControl memory _accessControl
+  ) {
+    if (_accessControl.user != msg.sender) {
+      if (_accessModule == address(0)) {
+        revert AccessController_NoAccess();
+      } else {
+        if (!ORACLE.isAccessModuleApproved(_accessControl.user, _accessModule)) {
+          revert ModuleAccessController_AccessModuleNotApproved();
+        }
+        _hasAccess(_accessModule, _typehash, _params, _accessControl);
+      }
+    }
+    _;
+  }
+}
diff --git a/solidity/interfaces/access/IModuleAccessController.sol b/solidity/interfaces/access/IModuleAccessController.sol
@@ -0,0 +1,15 @@
+// SPDX-License-Identifier: MIT
+pragma solidity ^0.8.19;
+
+import {IAccessController} from './IAccessController.sol';
+
+/**
+ * @title Module Access Controller Interface
+ * @notice Interface for the module access controller
+ */
+interface IModuleAccessController is IAccessController {
+  /**
+   * @notice Thrown when user has not approved the access module
+   */
+  error ModuleAccessController_AccessModuleNotApproved();
+}