diff --git a/solidity/contracts/AccessController.sol b/solidity/contracts/AccessController.sol deleted file mode 100644 index 5cf0458..0000000 --- a/solidity/contracts/AccessController.sol +++ /dev/null @@ -1,37 +0,0 @@ -// SPDX-License-Identifier: MIT -pragma solidity ^0.8.19; - -import {IAccessController} from '../interfaces/IAccessController.sol'; -import {IAccessControlModule} from '../interfaces/modules/accessControl/IAccessControlModule.sol'; - -abstract contract AccessController is IAccessController { - /** - * @notice Modifier to check if the caller has access to the user - * @param _accessControlModule The access control module - * @param _accessControl The access control struct - */ - modifier hasAccess( - address _accessControlModule, - bytes32 _typehash, - bytes memory _params, - AccessControl memory _accessControl - ) { - bool _hasAccess = msg.sender == _accessControl.user - || ( - _accessControlModule != address(0) - && IAccessControlModule(_accessControlModule).hasAccess( - abi.encode( - IAccessControlModule.AccessControlParameters({ - sender: msg.sender, - accessControl: _accessControl, - typehash: _typehash, - params: _params - }) - ) - ) - ); - - if (!_hasAccess) revert AccessController_NoAccess(); - _; - } -} diff --git a/solidity/contracts/CommonAccessController.sol b/solidity/contracts/CommonAccessController.sol new file mode 100644 index 0000000..b0e6499 --- /dev/null +++ b/solidity/contracts/CommonAccessController.sol @@ -0,0 +1,39 @@ +// SPDX-License-Identifier: MIT +pragma solidity ^0.8.19; + +import {IAccessController} from '../interfaces/IAccessController.sol'; +import {IAccessModule} from '../interfaces/modules/access/IAccessModule.sol'; + +abstract contract CommonAccessController is IAccessController { + /** + * @notice Check whether the caller is authorized for the given parameters. + * @param _accessModule The access module + * @param _typehash The typehash + * @param _typehashParams The params passed to the typehash + * @param _accessControl The access control struct + */ + function _hasAccess( + address _accessModule, + bytes32 _typehash, + bytes memory _typehashParams, + AccessControl memory _accessControl + ) internal { + // todo: if _accessModule == address(0) we should skip this check. + bool _granted = msg.sender == _accessControl.user + || ( + _accessModule != address(0) + && IAccessModule(_accessModule).hasAccess( + abi.encode( + IAccessModule.AccessControlParameters({ + sender: msg.sender, + accessControl: _accessControl, + typehash: _typehash, + typehashParams: _typehashParams + }) + ) + ) + ); + + if (!_granted) revert AccessController_NoAccess(); + } +} diff --git a/solidity/contracts/Oracle.sol b/solidity/contracts/Oracle.sol index fa978e7..f4719f2 100644 --- a/solidity/contracts/Oracle.sol +++ b/solidity/contracts/Oracle.sol @@ -5,15 +5,16 @@ import {IOracle} from '../interfaces/IOracle.sol'; import {IDisputeModule} from '../interfaces/modules/dispute/IDisputeModule.sol'; +import {IAccessModule} from '../interfaces/modules/access/IAccessModule.sol'; import {IFinalityModule} from '../interfaces/modules/finality/IFinalityModule.sol'; import {IRequestModule} from '../interfaces/modules/request/IRequestModule.sol'; import {IResolutionModule} from '../interfaces/modules/resolution/IResolutionModule.sol'; import {IResponseModule} from '../interfaces/modules/response/IResponseModule.sol'; import {ValidatorLib} from '../libraries/ValidatorLib.sol'; -import {AccessController} from './AccessController.sol'; +import {OracleAccessController} from './OracleAccessController.sol'; import {OracleTypehash} from './utils/OracleTypehash.sol'; -contract Oracle is IOracle, AccessController, OracleTypehash { +contract Oracle is IOracle, OracleAccessController, OracleTypehash { using ValidatorLib for *; /// @inheritdoc IOracle @@ -46,9 +47,6 @@ contract Oracle is IOracle, AccessController, OracleTypehash { /// @inheritdoc IOracle mapping(bytes32 _requestId => mapping(address _user => bool _isParticipant)) public isParticipant; - /// @inheritdoc IOracle - mapping(address _user => mapping(address _accessControlModule => bool _approved)) public isAccessControlApproved; - /// @inheritdoc IOracle uint256 public totalRequestCount; @@ -57,18 +55,6 @@ contract Oracle is IOracle, AccessController, OracleTypehash { */ mapping(bytes32 _requestId => bytes _responseIds) internal _responseIds; - /** - * @notice Modifier to check if the user approved to the access control module - * @param _user The address of the user - * @param _accessControlModule The access control module to check if approved - */ - modifier isApproved(address _user, address _accessControlModule) { - if (_accessControlModule != address(0) && !isAccessControlApproved[_user][_accessControlModule]) { - revert Oracle_AccessControlModuleNotApproved(); - } - _; - } - /// @inheritdoc IOracle function getResponseIds(bytes32 _requestId) public view returns (bytes32[] memory _ids) { bytes memory _responses = _responseIds[_requestId]; @@ -110,16 +96,6 @@ contract Oracle is IOracle, AccessController, OracleTypehash { } } - /// @inheritdoc IOracle - function setAccessControlModule(address _accessControlModule, bool _approved) external { - if (isAccessControlApproved[msg.sender][_accessControlModule] == _approved) { - revert Oracle_AccessControlModuleAlreadySet(); - } - isAccessControlApproved[msg.sender][_accessControlModule] = _approved; - - emit AccessControlModuleSet(msg.sender, _accessControlModule, _approved); - } - /// @inheritdoc IOracle function createRequest( Request calldata _request, @@ -153,8 +129,8 @@ contract Oracle is IOracle, AccessController, OracleTypehash { AccessControl calldata _accessControl ) external - isApproved(_accessControl.user, _request.accessControlModule) - hasAccess(_request.accessControlModule, PROPOSE_TYPEHASH, abi.encode(_request, _response), _accessControl) + isApproved(_accessControl.user, _request.accessModule) + hasAccess(_request.accessModule, PROPOSE_TYPEHASH, abi.encode(_request, _response), _accessControl) returns (bytes32 _responseId) { _responseId = ValidatorLib._validateResponse(_request, _response); @@ -194,8 +170,8 @@ contract Oracle is IOracle, AccessController, OracleTypehash { AccessControl calldata _accessControl ) external - isApproved(_accessControl.user, _request.accessControlModule) - hasAccess(_request.accessControlModule, DISPUTE_TYPEHASH, abi.encode(_request, _response, _dispute), _accessControl) + isApproved(_accessControl.user, _request.accessModule) + hasAccess(_request.accessModule, DISPUTE_TYPEHASH, abi.encode(_request, _response, _dispute), _accessControl) returns (bytes32 _disputeId) { bytes32 _responseId; @@ -240,8 +216,8 @@ contract Oracle is IOracle, AccessController, OracleTypehash { AccessControl calldata _accessControl ) external - isApproved(_accessControl.user, _request.accessControlModule) - hasAccess(_request.accessControlModule, ESCALATE_TYPEHASH, abi.encode(_request, _response, _dispute), _accessControl) + isApproved(_accessControl.user, _request.accessModule) + hasAccess(_request.accessModule, ESCALATE_TYPEHASH, abi.encode(_request, _response, _dispute), _accessControl) { (bytes32 _responseId, bytes32 _disputeId) = ValidatorLib._validateResponseAndDispute(_request, _response, _dispute); @@ -279,8 +255,8 @@ contract Oracle is IOracle, AccessController, OracleTypehash { AccessControl calldata _accessControl ) external - isApproved(_accessControl.user, _request.accessControlModule) - hasAccess(_request.accessControlModule, RESOLVE_TYPEHASH, abi.encode(_request, _response, _dispute), _accessControl) + isApproved(_accessControl.user, _request.accessModule) + hasAccess(_request.accessModule, RESOLVE_TYPEHASH, abi.encode(_request, _response, _dispute), _accessControl) { (bytes32 _responseId, bytes32 _disputeId) = ValidatorLib._validateResponseAndDispute(_request, _response, _dispute); @@ -347,8 +323,8 @@ contract Oracle is IOracle, AccessController, OracleTypehash { AccessControl calldata _accessControl ) external - isApproved(_accessControl.user, _request.accessControlModule) - hasAccess(_request.accessControlModule, FINALIZE_TYPEHASH, abi.encode(_request, _response), _accessControl) + isApproved(_accessControl.user, _request.accessModule) + hasAccess(_request.accessModule, FINALIZE_TYPEHASH, abi.encode(_request, _response), _accessControl) { bytes32 _requestId; bytes32 _responseId; @@ -378,6 +354,10 @@ contract Oracle is IOracle, AccessController, OracleTypehash { IResponseModule(_request.responseModule).finalizeRequest(_request, _response, _accessControl.user); IRequestModule(_request.requestModule).finalizeRequest(_request, _response, _accessControl.user); + if (_request.accessModule != address(0)) { + IAccessModule(_request.accessModule).finalizeRequest(_request, _response, _accessControl.user); + } + emit OracleRequestFinalized(_requestId, _responseId); } @@ -458,8 +438,8 @@ contract Oracle is IOracle, AccessController, OracleTypehash { AccessControl calldata _accessControl ) internal - isApproved(_accessControl.user, _request.accessControlModule) - hasAccess(_request.accessControlModule, CREATE_TYPEHASH, abi.encode(_request), _accessControl) + isApproved(_accessControl.user, _request.accessModule) + hasAccess(_request.accessModule, CREATE_TYPEHASH, abi.encode(_request), _accessControl) returns (bytes32 _requestId) { uint256 _requestNonce = totalRequestCount++; diff --git a/solidity/contracts/OracleAccessController.sol b/solidity/contracts/OracleAccessController.sol new file mode 100644 index 0000000..42ebfea --- /dev/null +++ b/solidity/contracts/OracleAccessController.sol @@ -0,0 +1,42 @@ +// SPDX-License-Identifier: MIT +pragma solidity ^0.8.19; + +import {IOracleAccessController} from '../interfaces/IOracleAccessController.sol'; +import {CommonAccessController} from './CommonAccessController.sol'; + +abstract contract OracleAccessController is IOracleAccessController, CommonAccessController { + /// @inheritdoc IOracleAccessController + mapping(address _user => mapping(address _accessModule => bool _approved)) public isAccessModuleApproved; + + modifier hasAccess( + address _accessModule, + bytes32 _typehash, + bytes memory _params, + AccessControl memory _accessControl + ) { + _hasAccess(_accessModule, _typehash, _params, _accessControl); + _; + } + + /** + * @notice Modifier to check if the user approved to the access module + * @param _user The address of setAccessModulethe user + * @param _accessModule The access module to check if approved + */ + modifier isApproved(address _user, address _accessModule) { + if (_accessModule != address(0) && !isAccessModuleApproved[_user][_accessModule]) { + revert OracleAccessController_AccessModuleNotApproved(); + } + _; + } + + /// @inheritdoc IOracleAccessController + function setAccessModule(address _accessModule, bool _approved) external { + if (isAccessModuleApproved[msg.sender][_accessModule] == _approved) { + revert OracleAccessController_AccessModuleAlreadySet(); + } + isAccessModuleApproved[msg.sender][_accessModule] = _approved; + + emit AccessModuleSet(msg.sender, _accessModule, _approved); + } +} diff --git a/solidity/interfaces/IAccessController.sol b/solidity/interfaces/IAccessController.sol index 944a5c9..dc29b44 100644 --- a/solidity/interfaces/IAccessController.sol +++ b/solidity/interfaces/IAccessController.sol @@ -10,9 +10,18 @@ interface IAccessController { EVENTS //////////////////////////////////////////////////////////////*/ + /*/////////////////////////////////////////////////////////////// + ERRORS + //////////////////////////////////////////////////////////////*/ + /** + * @notice Thrown when the caller has no access + */ + error AccessController_NoAccess(); + /*/////////////////////////////////////////////////////////////// STRUCTS //////////////////////////////////////////////////////////////*/ + /** * @notice The access control struct * @param user The address of the user @@ -23,14 +32,6 @@ interface IAccessController { bytes data; } - /*/////////////////////////////////////////////////////////////// - ERRORS - //////////////////////////////////////////////////////////////*/ - /** - * @notice Thrown when the caller has no access - */ - error AccessController_NoAccess(); - /*/////////////////////////////////////////////////////////////// VARIABLES //////////////////////////////////////////////////////////////*/ diff --git a/solidity/interfaces/IOracle.sol b/solidity/interfaces/IOracle.sol index b6d6b6f..a0085af 100644 --- a/solidity/interfaces/IOracle.sol +++ b/solidity/interfaces/IOracle.sol @@ -1,13 +1,13 @@ // SPDX-License-Identifier: MIT pragma solidity ^0.8.19; -import {IAccessController} from './IAccessController.sol'; +import {IAccessController, IOracleAccessController} from './IOracleAccessController.sol'; /** * @title Oracle * @notice The main contract storing requests, responses and disputes, and routing the calls to the modules. */ -interface IOracle is IAccessController { +interface IOracle is IOracleAccessController { /*/////////////////////////////////////////////////////////////// EVENTS //////////////////////////////////////////////////////////////*/ @@ -66,14 +66,6 @@ interface IOracle is IAccessController { */ event DisputeResolved(bytes32 indexed _disputeId, Dispute _dispute); - /** - * @notice Emitted when the access control module is set - * @param _user The address of the user - * @param _accessControlModule The address of the access control module - * @param _approved If the module is approved - */ - event AccessControlModuleSet(address indexed _user, address indexed _accessControlModule, bool _approved); - /*/////////////////////////////////////////////////////////////// ERRORS //////////////////////////////////////////////////////////////*/ @@ -176,16 +168,6 @@ interface IOracle is IAccessController { */ error Oracle_InvalidDisputer(); - /** - * @notice Thrown when user didn't approve the access control module - */ - error Oracle_AccessControlModuleNotApproved(); - - /** - * @notice Thrown when the access control module is already set - */ - error Oracle_AccessControlModuleAlreadySet(); - /*/////////////////////////////////////////////////////////////// ENUMS //////////////////////////////////////////////////////////////*/ @@ -214,7 +196,7 @@ interface IOracle is IAccessController { * @param disputeModule The address of the dispute module * @param resolutionModule The address of the resolution module * @param finalityModule The address of the finality module - * @param accessControlModule The address of the access control module + * @param accessModule The address of the access module * @param requestModuleData The parameters for the request module * @param responseModuleData The parameters for the response module * @param disputeModuleData The parameters for the dispute module @@ -231,7 +213,7 @@ interface IOracle is IAccessController { address disputeModule; address resolutionModule; address finalityModule; - address accessControlModule; + address accessModule; bytes requestModuleData; bytes responseModuleData; bytes disputeModuleData; @@ -375,15 +357,6 @@ interface IOracle is IAccessController { */ function getResponseIds(bytes32 _requestId) external view returns (bytes32[] memory _ids); - /** - * @notice Checks if the given address approved the access control module - * - * @param _user The address to check - * @param _accessControlModule The address of the access control module - * @return _approved If the user approved the access control module - */ - function isAccessControlApproved(address _user, address _accessControlModule) external view returns (bool _approved); - /*/////////////////////////////////////////////////////////////// LOGIC //////////////////////////////////////////////////////////////*/ @@ -505,12 +478,4 @@ interface IOracle is IAccessController { Response calldata _response, AccessControl calldata _accessControl ) external; - - /** - * @notice Sets the address of the access control module - * - * @param _accessControlModule The address of the access control module - * @param _approved If the module is approved - */ - function setAccessControlModule(address _accessControlModule, bool _approved) external; } diff --git a/solidity/interfaces/IOracleAccessController.sol b/solidity/interfaces/IOracleAccessController.sol new file mode 100644 index 0000000..50859a8 --- /dev/null +++ b/solidity/interfaces/IOracleAccessController.sol @@ -0,0 +1,65 @@ +// SPDX-License-Identifier: MIT +pragma solidity ^0.8.19; + +import {IAccessController} from './IAccessController.sol'; + +/** + * @title Oracle Access Controller Interface + * @notice Interface for the oracle access controller + */ +interface IOracleAccessController is IAccessController { + /*/////////////////////////////////////////////////////////////// + EVENTS + //////////////////////////////////////////////////////////////*/ + + /** + * @notice Emitted when a access module is set or updated + * @param _user The address of the user + * @param _accessModule The address of the access module + * @param _approved True if approved, false otherwise + */ + event AccessModuleSet(address indexed _user, address indexed _accessModule, bool _approved); + + /*/////////////////////////////////////////////////////////////// + STRUCTS + //////////////////////////////////////////////////////////////*/ + + /*/////////////////////////////////////////////////////////////// + ERRORS + //////////////////////////////////////////////////////////////*/ + + /** + * @notice Thrown when user has not approved the access module + */ + error OracleAccessController_AccessModuleNotApproved(); + + /** + * @notice Thrown when the access module is already set + */ + error OracleAccessController_AccessModuleAlreadySet(); + + /*/////////////////////////////////////////////////////////////// + VARIABLES + //////////////////////////////////////////////////////////////*/ + + /** + * @notice Checks if the given address has approved the access module + * + * @param _user The address to check + * @param _accessModule The address of the access module + * @return _approved True if the user approved the access module, false otherwise + */ + function isAccessModuleApproved(address _user, address _accessModule) external view returns (bool _approved); + + /*/////////////////////////////////////////////////////////////// + LOGIC + //////////////////////////////////////////////////////////////*/ + + /** + * @notice Sets the approval of an the access module address. + * + * @param _accessModule The address of the access module + * @param _approved True to approve, false otherwise. + */ + function setAccessModule(address _accessModule, bool _approved) external; +} diff --git a/solidity/interfaces/modules/accessControl/IAccessControlModule.sol b/solidity/interfaces/modules/access/IAccessModule.sol similarity index 84% rename from solidity/interfaces/modules/accessControl/IAccessControlModule.sol rename to solidity/interfaces/modules/access/IAccessModule.sol index a29d49a..05c2592 100644 --- a/solidity/interfaces/modules/accessControl/IAccessControlModule.sol +++ b/solidity/interfaces/modules/access/IAccessModule.sol @@ -5,10 +5,10 @@ import {IAccessController} from '../../IAccessController.sol'; import {IModule} from '../../IModule.sol'; /** - * @title AccessControlModule - * @notice Common interface for all access control modules + * @title AccessModule + * @notice Common interface for all access modules */ -interface IAccessControlModule is IModule { +interface IAccessModule is IModule { /*/////////////////////////////////////////////////////////////// STRUCTS //////////////////////////////////////////////////////////////*/ @@ -25,14 +25,14 @@ interface IAccessControlModule is IModule { address sender; IAccessController.AccessControl accessControl; bytes32 typehash; - bytes params; + bytes typehashParams; } /*/////////////////////////////////////////////////////////////// LOGIC //////////////////////////////////////////////////////////////*/ /** - * @notice Checks if the caller has access to the user + * @notice Check whether the caller is authorized for the given parameters. * @param _data The data for access control validation * @return _hasAccess True if the caller has access to the user */ diff --git a/solidity/test/integration/EscalateDispute.t.sol b/solidity/test/integration/EscalateDispute.t.sol index ea80e01..8c3b140 100644 --- a/solidity/test/integration/EscalateDispute.t.sol +++ b/solidity/test/integration/EscalateDispute.t.sol @@ -19,7 +19,9 @@ contract Integration_EscalateDispute is IntegrationBase { mockAccessControl.user = _badDisputer; // Reverts because caller is not approved to dispute - vm.expectRevert(abi.encodeWithSelector(IOracle.Oracle_AccessControlModuleNotApproved.selector)); + vm.expectRevert( + abi.encodeWithSelector(IOracleAccessController.OracleAccessController_AccessModuleNotApproved.selector) + ); oracle.disputeResponse(mockRequest, mockResponse, mockDispute, mockAccessControl); // Dispute reverts if caller is not approved diff --git a/solidity/test/integration/IntegrationBase.sol b/solidity/test/integration/IntegrationBase.sol index 4aedb45..425278f 100644 --- a/solidity/test/integration/IntegrationBase.sol +++ b/solidity/test/integration/IntegrationBase.sol @@ -7,21 +7,21 @@ import {console} from 'forge-std/console.sol'; import {IDisputeModule} from '../../interfaces/modules/dispute/IDisputeModule.sol'; -import {IAccessControlModule} from '../../interfaces/modules/accessControl/IAccessControlModule.sol'; +import {IAccessModule} from '../../interfaces/modules/access/IAccessModule.sol'; import {IFinalityModule} from '../../interfaces/modules/finality/IFinalityModule.sol'; import {IRequestModule} from '../../interfaces/modules/request/IRequestModule.sol'; import {IResolutionModule} from '../../interfaces/modules/resolution/IResolutionModule.sol'; import {IResponseModule} from '../../interfaces/modules/response/IResponseModule.sol'; import {IOracle, Oracle} from '../../contracts/Oracle.sol'; -import {IAccessController} from '../../interfaces/IAccessController.sol'; +import {IAccessController, IOracleAccessController} from '../../interfaces/IOracleAccessController.sol'; import {IMockAccounting, MockAccounting} from '../mocks/contracts/MockAccounting.sol'; import {MockCallback} from '../mocks/contracts/MockCallback.sol'; import {IMockDisputeModule, MockDisputeModule} from '../mocks/contracts/MockDisputeModule.sol'; -import {IMockAccessControlModule, MockAccessControlModule} from '../mocks/contracts/MockAccessControlModule.sol'; +import {IMockAccessModule, MockAccessModule} from '../mocks/contracts/MockAccessModule.sol'; import {IMockFinalityModule, MockFinalityModule} from '../mocks/contracts/MockFinalityModule.sol'; import {IMockRequestModule, MockRequestModule} from '../mocks/contracts/MockRequestModule.sol'; import {IMockResolutionModule, MockResolutionModule} from '../mocks/contracts/MockResolutionModule.sol'; @@ -51,7 +51,7 @@ contract IntegrationBase is TestConstants, Helpers { MockDisputeModule internal _disputeModule; MockResolutionModule internal _resolutionModule; MockFinalityModule internal _finalityModule; - MockAccessControlModule internal _accessControlModule; + MockAccessModule internal _accessModule; MockCallback internal _mockCallback; IERC20 public usdc = IERC20(_label(USDC_ADDRESS, 'USDC')); @@ -92,7 +92,7 @@ contract IntegrationBase is TestConstants, Helpers { _disputeModule = new MockDisputeModule(oracle); _resolutionModule = new MockResolutionModule(oracle); _finalityModule = new MockFinalityModule(oracle); - _accessControlModule = new MockAccessControlModule(oracle); + _accessModule = new MockAccessModule(oracle); vm.stopPrank(); @@ -138,7 +138,7 @@ contract IntegrationBase is TestConstants, Helpers { mockRequest.disputeModule = address(_disputeModule); mockRequest.resolutionModule = address(_resolutionModule); mockRequest.finalityModule = address(_finalityModule); - mockRequest.accessControlModule = address(_accessControlModule); + mockRequest.accessModule = address(_accessModule); mockRequest.requester = requester; // Configure the mock response @@ -148,7 +148,7 @@ contract IntegrationBase is TestConstants, Helpers { mockDispute.requestId = _getId(mockRequest); mockDispute.responseId = _getId(mockResponse); - // Add the allowed callers to the access control module + // Add the allowed callers to the access module _setAccessControlForACaller(requester, caller); _setAccessControlForACaller(proposer, caller); _setAccessControlForACaller(disputer, caller); @@ -170,8 +170,8 @@ contract IntegrationBase is TestConstants, Helpers { vm.startPrank(_delegator); address[] memory _allowedCallers = new address[](1); _allowedCallers[0] = _caller; - _accessControlModule.setHasAccess(_allowedCallers); - oracle.setAccessControlModule(address(_accessControlModule), true); + _accessModule.setHasAccess(_allowedCallers); + oracle.setAccessModule(address(_accessModule), true); vm.stopPrank(); } } diff --git a/solidity/test/integration/ResponseDispute.t.sol b/solidity/test/integration/ResponseDispute.t.sol index c2cab00..5e1b76b 100644 --- a/solidity/test/integration/ResponseDispute.t.sol +++ b/solidity/test/integration/ResponseDispute.t.sol @@ -46,7 +46,9 @@ contract Integration_ResponseDispute is IntegrationBase { mockAccessControl.user = _anotherDisputer; // Revert if the response is access control is not approved - vm.expectRevert(abi.encodeWithSelector(IOracle.Oracle_AccessControlModuleNotApproved.selector)); + vm.expectRevert( + abi.encodeWithSelector(IOracleAccessController.OracleAccessController_AccessModuleNotApproved.selector) + ); oracle.disputeResponse(mockRequest, mockResponse, mockDispute, mockAccessControl); // Revert if the response is already disputed diff --git a/solidity/test/integration/ResponseProposal.t.sol b/solidity/test/integration/ResponseProposal.t.sol index e6311d0..34a67de 100644 --- a/solidity/test/integration/ResponseProposal.t.sol +++ b/solidity/test/integration/ResponseProposal.t.sol @@ -15,19 +15,32 @@ contract Integration_ResponseProposal is IntegrationBase { mockAccessControl.user = _badRequester; // Revert if not approved to create request - vm.expectRevert(abi.encodeWithSelector(IOracle.Oracle_AccessControlModuleNotApproved.selector)); + vm.expectRevert( + abi.encodeWithSelector(IOracleAccessController.OracleAccessController_AccessModuleNotApproved.selector) + ); oracle.createRequest(mockRequest, _ipfsHash, mockAccessControl); vm.stopPrank(); // Revert if has no access to create request mockAccessControl.user = requester; + vm.expectRevert(abi.encodeWithSelector(IAccessController.AccessController_NoAccess.selector)); vm.prank(badCaller); oracle.createRequest(mockRequest, _ipfsHash, mockAccessControl); - // Create request + // Revert if access control is an EOA + address _eoaAccessModule = makeAddr('eoaAccessModule'); + vm.prank(requester); + oracle.setAccessModule(address(_eoaAccessModule), true); + vm.startPrank(caller); + mockRequest.accessModule = _eoaAccessModule; + vm.expectRevert(); + oracle.createRequest(mockRequest, _ipfsHash, mockAccessControl); + + // Create request + mockRequest.accessModule = address(_accessModule); _requestId = oracle.createRequest(mockRequest, _ipfsHash, mockAccessControl); } @@ -35,7 +48,9 @@ contract Integration_ResponseProposal is IntegrationBase { mockResponse.response = _response; // Revert if not approved to create request - vm.expectRevert(abi.encodeWithSelector(IOracle.Oracle_AccessControlModuleNotApproved.selector)); + vm.expectRevert( + abi.encodeWithSelector(IOracleAccessController.OracleAccessController_AccessModuleNotApproved.selector) + ); address _badProposer = makeAddr('badProposer'); mockAccessControl.user = _badProposer; oracle.proposeResponse(mockRequest, mockResponse, mockAccessControl); diff --git a/solidity/test/mocks/contracts/MockAccessControlModule.sol b/solidity/test/mocks/contracts/MockAccessModule.sol similarity index 55% rename from solidity/test/mocks/contracts/MockAccessControlModule.sol rename to solidity/test/mocks/contracts/MockAccessModule.sol index 94dd219..8d77ccc 100644 --- a/solidity/test/mocks/contracts/MockAccessControlModule.sol +++ b/solidity/test/mocks/contracts/MockAccessModule.sol @@ -4,9 +4,9 @@ pragma solidity ^0.8.19; import {Module} from '../../../contracts/Module.sol'; import {IOracle} from '../../../interfaces/IOracle.sol'; -import {IAccessControlModule, IMockAccessControlModule} from '../interfaces/IMockAccessControlModule.sol'; +import {IAccessModule, IMockAccessModule} from '../interfaces/IMockAccessModule.sol'; -contract MockAccessControlModule is Module, IMockAccessControlModule { +contract MockAccessModule is Module, IMockAccessModule { mapping(address _caller => bool _hasAccess) public callerHasAccess; constructor(IOracle _oracle) Module(_oracle) {} @@ -19,8 +19,8 @@ contract MockAccessControlModule is Module, IMockAccessControlModule { function moduleName() external view returns (string memory _moduleName) {} - function hasAccess(bytes memory _data) external view override returns (bool _hasAccess) { - IAccessControlModule.AccessControlParameters memory _accessControlData = decodeAccesControlData(_data); + function hasAccess(bytes memory _data) external view returns (bool _hasAccess) { + IAccessModule.AccessControlParameters memory _accessControlData = decodeAccesControlData(_data); _hasAccess = callerHasAccess[_accessControlData.sender]; } @@ -28,8 +28,8 @@ contract MockAccessControlModule is Module, IMockAccessControlModule { public pure override - returns (IAccessControlModule.AccessControlParameters memory _accessControlData) + returns (IAccessModule.AccessControlParameters memory _accessControlData) { - _accessControlData = abi.decode(_data, (IAccessControlModule.AccessControlParameters)); + _accessControlData = abi.decode(_data, (IAccessModule.AccessControlParameters)); } } diff --git a/solidity/test/mocks/interfaces/IMockAccessControlModule.sol b/solidity/test/mocks/interfaces/IMockAccessModule.sol similarity index 55% rename from solidity/test/mocks/interfaces/IMockAccessControlModule.sol rename to solidity/test/mocks/interfaces/IMockAccessModule.sol index fb59a5c..e3ff836 100644 --- a/solidity/test/mocks/interfaces/IMockAccessControlModule.sol +++ b/solidity/test/mocks/interfaces/IMockAccessModule.sol @@ -1,9 +1,9 @@ // SPDX-License-Identifier: MIT pragma solidity ^0.8.19; -import {IAccessControlModule} from '../../../interfaces/modules/accessControl/IAccessControlModule.sol'; +import {IAccessModule} from '../../../interfaces/modules/access/IAccessModule.sol'; -interface IMockAccessControlModule is IAccessControlModule { +interface IMockAccessModule is IAccessModule { function decodeAccesControlData(bytes calldata _data) external view diff --git a/solidity/test/unit/AccessController.t.sol b/solidity/test/unit/AccessController.t.sol index 8dcb01a..e226b33 100644 --- a/solidity/test/unit/AccessController.t.sol +++ b/solidity/test/unit/AccessController.t.sol @@ -3,18 +3,19 @@ pragma solidity ^0.8.19; import 'forge-std/Test.sol'; -import {AccessController, IAccessControlModule, IAccessController} from '../../contracts/AccessController.sol'; +import {CommonAccessController, OracleAccessController} from '../../contracts/OracleAccessController.sol'; +import {IAccessController, IAccessModule} from '../../interfaces/modules/access/IAccessModule.sol'; import {Helpers} from '../utils/Helpers.sol'; -contract MockAccessControl is AccessController { - constructor() AccessController() {} +contract MockAccessControl is OracleAccessController { + constructor() OracleAccessController() {} function hasAccessForTest( - address _accessControlModule, + address _accessModule, bytes32 _typehash, bytes memory _params, AccessControl memory _accessControl - ) public hasAccess(_accessControlModule, _typehash, _params, _accessControl) {} + ) public hasAccess(_accessModule, _typehash, _params, _accessControl) {} } /** @@ -37,13 +38,13 @@ contract BaseTest is Test, Helpers { contract AccessController_Unit_HasAccess is BaseTest { modifier happyPath( - address _accessControlModule, + address _accessModule, bytes32 _typehash, bytes memory _params, IAccessController.AccessControl memory _accessControl ) { vm.assume(_accessControl.user != caller); - vm.assume(_accessControlModule != address(0) && _accessControlModule != caller); + vm.assume(_accessModule != address(0) && _accessModule != caller); vm.assume(_params.length < 32); vm.startPrank(caller); @@ -51,22 +52,22 @@ contract AccessController_Unit_HasAccess is BaseTest { } function test_revertIfNoHasAccess( - address _accessControlModule, + address _accessModule, bytes32 _typehash, bytes memory _params, IAccessController.AccessControl memory _accessControl - ) public happyPath(_accessControlModule, _typehash, _params, _accessControl) { - IAccessControlModule.AccessControlParameters memory _expectedParams = IAccessControlModule.AccessControlParameters({ + ) public happyPath(_accessModule, _typehash, _params, _accessControl) { + IAccessModule.AccessControlParameters memory _expectedParams = IAccessModule.AccessControlParameters({ sender: caller, accessControl: _accessControl, typehash: _typehash, - params: _params + typehashParams: _params }); // Expect the hasAccess function to not be called _mockAndExpect( - _accessControlModule, - abi.encodeWithSelector(IAccessControlModule.hasAccess.selector, abi.encode(_expectedParams)), + _accessModule, + abi.encodeWithSelector(IAccessModule.hasAccess.selector, abi.encode(_expectedParams)), abi.encode(false) ); @@ -74,15 +75,15 @@ contract AccessController_Unit_HasAccess is BaseTest { vm.expectRevert(abi.encodeWithSelector(IAccessController.AccessController_NoAccess.selector)); // Call the hasAccess function - accessController.hasAccessForTest(_accessControlModule, _typehash, _params, _accessControl); + accessController.hasAccessForTest(_accessModule, _typehash, _params, _accessControl); } function test_revertIfAddressZero( - address _accessControlModule, + address _accessModule, bytes32 _typehash, bytes memory _params, IAccessController.AccessControl memory _accessControl - ) public happyPath(_accessControlModule, _typehash, _params, _accessControl) { + ) public happyPath(_accessModule, _typehash, _params, _accessControl) { // Expect the revert vm.expectRevert(abi.encodeWithSelector(IAccessController.AccessController_NoAccess.selector)); @@ -91,37 +92,37 @@ contract AccessController_Unit_HasAccess is BaseTest { } function test_hasAccessSenderIsNotUser( - address _accessControlModule, + address _accessModule, bytes32 _typehash, bytes memory _params, IAccessController.AccessControl memory _accessControl - ) public happyPath(_accessControlModule, _typehash, _params, _accessControl) { - IAccessControlModule.AccessControlParameters memory _expectedParams = IAccessControlModule.AccessControlParameters({ + ) public happyPath(_accessModule, _typehash, _params, _accessControl) { + IAccessModule.AccessControlParameters memory _expectedParams = IAccessModule.AccessControlParameters({ sender: caller, accessControl: _accessControl, typehash: _typehash, - params: _params + typehashParams: _params }); // Expect the hasAccess function to be called _mockAndExpect( - _accessControlModule, - abi.encodeWithSelector(IAccessControlModule.hasAccess.selector, abi.encode(_expectedParams)), + _accessModule, + abi.encodeWithSelector(IAccessModule.hasAccess.selector, abi.encode(_expectedParams)), abi.encode(true) ); // Call the hasAccess function - accessController.hasAccessForTest(_accessControlModule, _typehash, _params, _accessControl); + accessController.hasAccessForTest(_accessModule, _typehash, _params, _accessControl); } function test_hasAccessSenderIsUser( - address _accessControlModule, + address _accessModule, bytes32 _typehash, bytes memory _params, IAccessController.AccessControl memory _accessControl - ) public happyPath(_accessControlModule, _typehash, _params, _accessControl) { + ) public happyPath(_accessModule, _typehash, _params, _accessControl) { _accessControl.user = caller; // Call the hasAccess function - accessController.hasAccessForTest(_accessControlModule, _typehash, _params, _accessControl); + accessController.hasAccessForTest(_accessModule, _typehash, _params, _accessControl); } } diff --git a/solidity/test/unit/Oracle.t.sol b/solidity/test/unit/Oracle.t.sol index 216f3a2..6b7084b 100644 --- a/solidity/test/unit/Oracle.t.sol +++ b/solidity/test/unit/Oracle.t.sol @@ -8,8 +8,8 @@ import {IOracle} from '../../interfaces/IOracle.sol'; import {IDisputeModule} from '../../interfaces/modules/dispute/IDisputeModule.sol'; -import {IAccessController} from '../../interfaces/IAccessController.sol'; -import {IAccessControlModule} from '../../interfaces/modules/accessControl/IAccessControlModule.sol'; +import {IAccessController, IOracleAccessController} from '../../interfaces/IOracleAccessController.sol'; +import {IAccessModule} from '../../interfaces/modules/access/IAccessModule.sol'; import {IFinalityModule} from '../../interfaces/modules/finality/IFinalityModule.sol'; import {IRequestModule} from '../../interfaces/modules/request/IRequestModule.sol'; import {IResolutionModule} from '../../interfaces/modules/resolution/IResolutionModule.sol'; @@ -74,8 +74,8 @@ contract MockOracle is Oracle { _responseIds[_requestId] = abi.encodePacked(_responseIds[_requestId], _responseId); } - function mock_setAccessControlApproved(address _user, address _accessControlModule, bool _approved) external { - isAccessControlApproved[_user][_accessControlModule] = _approved; + function mock_setAccessModuleApproved(address _user, address _accessModule, bool _approved) external { + isAccessModuleApproved[_user][_accessModule] = _approved; } } @@ -92,7 +92,7 @@ contract BaseTest is Test, Helpers { IDisputeModule public disputeModule = IDisputeModule(_mockContract('disputeModule')); IResolutionModule public resolutionModule = IResolutionModule(_mockContract('resolutionModule')); IFinalityModule public finalityModule = IFinalityModule(_mockContract('finalityModule')); - IAccessControlModule public accessControlModule = IAccessControlModule(_mockContract('accessControlModule')); + IAccessModule public accessModule = IAccessModule(_mockContract('accessModule')); // Mock IPFS hash bytes32 internal _ipfsHash = bytes32('QmR4uiJH654k3Ta2uLLQ8r'); @@ -105,7 +105,9 @@ contract BaseTest is Test, Helpers { event DisputeEscalated(address indexed _caller, bytes32 indexed _disputeId, IOracle.Dispute _dispute); event DisputeStatusUpdated(bytes32 indexed _disputeId, IOracle.Dispute _dispute, IOracle.DisputeStatus _status); event DisputeResolved(bytes32 indexed _disputeId, IOracle.Dispute _dispute); - event AccessControlModuleSet(address indexed _user, address indexed _accessControlModule, bool _approved); + event AccessModuleSet(address indexed _user, address indexed _accessModule, bool _approved); + + address public anyone = makeAddr('anyone'); function setUp() public virtual { oracle = new MockOracle(); @@ -115,7 +117,7 @@ contract BaseTest is Test, Helpers { mockRequest.disputeModule = address(disputeModule); mockRequest.resolutionModule = address(resolutionModule); mockRequest.finalityModule = address(finalityModule); - mockRequest.accessControlModule = address(accessControlModule); + mockRequest.accessModule = address(accessModule); mockResponse.requestId = _getId(mockRequest); mockDispute.requestId = mockResponse.requestId; @@ -138,7 +140,7 @@ contract Oracle_Unit_CreateRequest is BaseTest { modifier happyPath() { mockAccessControl.user = requester; vm.startPrank(requester); - oracle.mock_setAccessControlApproved(requester, address(accessControlModule), true); + oracle.mock_setAccessModuleApproved(requester, address(accessModule), true); _; } /** @@ -202,23 +204,23 @@ contract Oracle_Unit_CreateRequest is BaseTest { } /** - * @notice Check that creating a request with a non-approved access control module reverts + * @notice Check that creating a request with a non-approved access module reverts */ function test_createRequest_revertsIfNotApproved() public { // Check: revert? - vm.expectRevert(IOracle.Oracle_AccessControlModuleNotApproved.selector); + vm.expectRevert(IOracleAccessController.OracleAccessController_AccessModuleNotApproved.selector); // Test: try to create the request oracle.createRequest(mockRequest, _ipfsHash, mockAccessControl); } /** - * @notice Check that reverts if the access control module returns false + * @notice Check that reverts if the access module returns false */ function test_createRequest_revertsIfInvalidAccessControlData(address _caller) public { vm.assume(_caller != requester); - mockRequest.accessControlModule = address(0); + mockRequest.accessModule = address(0); mockAccessControl.user = requester; // Check: revert? @@ -280,7 +282,7 @@ contract Oracle_Unit_CreateRequests is BaseTest { IAccessController.AccessControl[] memory _accessControls = new IAccessController.AccessControl[](_requestsAmount); vm.startPrank(requester); - oracle.mock_setAccessControlApproved(requester, address(accessControlModule), true); + oracle.mock_setAccessModuleApproved(requester, address(accessModule), true); // Generate requests batch for (uint256 _i = 0; _i < _requestsAmount; _i++) { @@ -364,7 +366,7 @@ contract Oracle_Unit_CreateRequests is BaseTest { } vm.startPrank(requester); - oracle.mock_setAccessControlApproved(requester, address(accessControlModule), true); + oracle.mock_setAccessModuleApproved(requester, address(accessModule), true); oracle.createRequests(_requests, _ipfsHashes, _accessControls); uint256 _newNonce = oracle.totalRequestCount(); @@ -453,7 +455,7 @@ contract Oracle_Unit_ProposeResponse is BaseTest { modifier happyPath() { mockAccessControl.user = proposer; vm.startPrank(proposer); - oracle.mock_setAccessControlApproved(proposer, address(accessControlModule), true); + oracle.mock_setAccessModuleApproved(proposer, address(accessModule), true); _; } /** @@ -508,11 +510,11 @@ contract Oracle_Unit_ProposeResponse is BaseTest { } /** - * @notice Check that proposing a response with a non-approved access control module reverts + * @notice Check that proposing a response with a non-approved access module reverts */ function test_proposeResponse_revertsIfNotApproved() public { // Check: revert? - vm.expectRevert(IOracle.Oracle_AccessControlModuleNotApproved.selector); + vm.expectRevert(IOracleAccessController.OracleAccessController_AccessModuleNotApproved.selector); // Test: try to create the request oracle.proposeResponse(mockRequest, mockResponse, mockAccessControl); @@ -527,12 +529,12 @@ contract Oracle_Unit_ProposeResponse is BaseTest { } /** - * @notice Revert if the access control module returns false + * @notice Revert if the access module returns false */ function test_proposeResponse_revertsIfInvalidAccessControlData(address _caller) public { vm.assume(_caller != proposer); - mockRequest.accessControlModule = address(0); + mockRequest.accessModule = address(0); mockAccessControl.user = proposer; // Check: revert? @@ -551,7 +553,7 @@ contract Oracle_Unit_ProposeResponse is BaseTest { oracle.mock_setRequestCreatedAt(_getId(mockRequest), block.timestamp); - oracle.mock_setAccessControlApproved(_caller, address(accessControlModule), true); + oracle.mock_setAccessModuleApproved(_caller, address(accessModule), true); mockAccessControl.user = _caller; // Check: revert? @@ -612,7 +614,7 @@ contract Oracle_Unit_DisputeResponse is BaseTest { modifier happyPath() { mockAccessControl.user = disputer; vm.startPrank(disputer); - oracle.mock_setAccessControlApproved(disputer, address(accessControlModule), true); + oracle.mock_setAccessModuleApproved(disputer, address(accessModule), true); _; } @@ -646,11 +648,11 @@ contract Oracle_Unit_DisputeResponse is BaseTest { } /** - * @notice Check that dispute a response with a non-approved access control module reverts + * @notice Check that dispute a response with a non-approved access module reverts */ function test_disputeResponse_revertsIfNotApproved() public { // Check: revert? - vm.expectRevert(IOracle.Oracle_AccessControlModuleNotApproved.selector); + vm.expectRevert(IOracleAccessController.OracleAccessController_AccessModuleNotApproved.selector); // Test: try to create the request oracle.disputeResponse(mockRequest, mockResponse, mockDispute, mockAccessControl); @@ -686,11 +688,11 @@ contract Oracle_Unit_DisputeResponse is BaseTest { } /** - * @notice Revert if the access control module returns false + * @notice Revert if the access module returns false */ function test_disputeResponse_revertsIfInvalidAccessControlData(address _caller) public { vm.assume(_caller != disputer); - mockRequest.accessControlModule = address(0); + mockRequest.accessModule = address(0); mockAccessControl.user = disputer; // Check: revert? @@ -707,7 +709,7 @@ contract Oracle_Unit_DisputeResponse is BaseTest { function test_disputeResponse_revertIfWrongDisputer(address _caller) public { vm.assume(_caller != disputer); - oracle.mock_setAccessControlApproved(_caller, address(accessControlModule), true); + oracle.mock_setAccessModuleApproved(_caller, address(accessModule), true); mockAccessControl.user = _caller; // Check: revert? @@ -809,11 +811,9 @@ contract Oracle_Unit_UpdateDisputeStatus is BaseTest { // Mock the dispute oracle.mock_setDisputeOf(_responseId, _disputeId); oracle.mock_setDisputeCreatedAt(_disputeId, block.timestamp); - oracle.mock_setAccessControlApproved(proposer, address(accessControlModule), true); + oracle.mock_setAccessModuleApproved(proposer, address(accessModule), true); - vm.mockCall( - address(accessControlModule), abi.encodeWithSelector(IAccessControlModule.hasAccess.selector), abi.encode(true) - ); + vm.mockCall(address(accessModule), abi.encodeWithSelector(IAccessModule.hasAccess.selector), abi.encode(true)); // Check: revert? vm.expectRevert(abi.encodeWithSelector(IOracle.Oracle_NotDisputeOrResolutionModule.selector, proposer)); @@ -830,7 +830,7 @@ contract Oracle_Unit_UpdateDisputeStatus is BaseTest { bytes32 _disputeId = _getId(mockDispute); oracle.mock_setDisputeCreatedAt(_disputeId, 0); - oracle.mock_setAccessControlApproved(address(resolutionModule), address(accessControlModule), true); + oracle.mock_setAccessModuleApproved(address(resolutionModule), address(accessModule), true); // Check: revert? vm.expectRevert(abi.encodeWithSelector(IOracle.Oracle_InvalidDispute.selector)); @@ -844,7 +844,7 @@ contract Oracle_Unit_UpdateDisputeStatus is BaseTest { contract Oracle_Unit_ResolveDispute is BaseTest { modifier happyPath() { mockAccessControl.user = address(resolutionModule); - oracle.mock_setAccessControlApproved(address(resolutionModule), address(accessControlModule), true); + oracle.mock_setAccessModuleApproved(address(resolutionModule), address(accessModule), true); vm.startPrank(address(resolutionModule)); _; } @@ -1022,7 +1022,7 @@ contract Oracle_Unit_Finalize is BaseTest { modifier happyPath() { mockAccessControl.user = address(requester); - oracle.mock_setAccessControlApproved(mockAccessControl.user, address(accessControlModule), true); + oracle.mock_setAccessModuleApproved(mockAccessControl.user, address(accessModule), true); vm.startPrank(address(requester)); _; } @@ -1040,7 +1040,7 @@ contract Oracle_Unit_Finalize is BaseTest { bytes32 _responseId = _getId(mockResponse); mockAccessControl.user = _caller; - oracle.mock_setAccessControlApproved(mockAccessControl.user, address(accessControlModule), true); + oracle.mock_setAccessModuleApproved(mockAccessControl.user, address(accessModule), true); oracle.mock_addResponseId(_requestId, _responseId); oracle.mock_setRequestCreatedAt(_requestId, block.timestamp); @@ -1081,7 +1081,7 @@ contract Oracle_Unit_Finalize is BaseTest { function test_finalize_revertsIfInvalidAccessControlData(address _caller) public { vm.assume(_caller != address(requester)); - mockRequest.accessControlModule = address(0); + mockRequest.accessModule = address(0); mockAccessControl.user = address(requester); // Check: revert? @@ -1183,7 +1183,7 @@ contract Oracle_Unit_Finalize is BaseTest { oracle.mock_setRequestCreatedAt(_requestId, block.timestamp); mockResponse.requestId = bytes32(0); mockAccessControl.user = _caller; - oracle.mock_setAccessControlApproved(mockAccessControl.user, address(accessControlModule), true); + oracle.mock_setAccessModuleApproved(mockAccessControl.user, address(accessModule), true); // Create mock request and store it bytes memory _calldata = abi.encodeCall(IModule.finalizeRequest, (mockRequest, mockResponse, _caller)); @@ -1227,7 +1227,7 @@ contract Oracle_Unit_Finalize is BaseTest { oracle.mock_setRequestCreatedAt(_requestId, block.timestamp); mockAccessControl.user = _caller; - oracle.mock_setAccessControlApproved(mockAccessControl.user, address(accessControlModule), true); + oracle.mock_setAccessModuleApproved(mockAccessControl.user, address(accessModule), true); IOracle.DisputeStatus _disputeStatus = IOracle.DisputeStatus(_status); @@ -1268,7 +1268,7 @@ contract Oracle_Unit_Finalize is BaseTest { oracle.mock_setRequestCreatedAt(_getId(mockRequest), block.timestamp); mockAccessControl.user = _caller; - oracle.mock_setAccessControlApproved(mockAccessControl.user, address(accessControlModule), true); + oracle.mock_setAccessModuleApproved(mockAccessControl.user, address(accessModule), true); // Test: finalize a finalized request vm.expectRevert(abi.encodeWithSelector(IOracle.Oracle_AlreadyFinalized.selector, _requestId)); @@ -1304,7 +1304,7 @@ contract Oracle_Unit_EscalateDispute is BaseTest { modifier happyPath(address _caller) { mockAccessControl.user = _caller; vm.startPrank(_caller); - oracle.mock_setAccessControlApproved(_caller, address(accessControlModule), true); + oracle.mock_setAccessModuleApproved(_caller, address(accessModule), true); _; } /** @@ -1426,30 +1426,34 @@ contract Oracle_Unit_EscalateDispute is BaseTest { } } -contract Oracle_Unit_SetAccessControlModule is BaseTest { - function test_revertIfAccessControlModuleAlreadySet(address _accessControlModule, bool _approved) public { +contract Oracle_Unit_SetAccessModule is BaseTest { + function test_revertIfAccessModuleAlreadySet(address _accessModule, bool _approved) public { vm.assume(_approved == true); - // Set the access control module - oracle.mock_setAccessControlApproved(address(this), _accessControlModule, _approved); + // Set the access module + oracle.mock_setAccessModuleApproved(address(this), _accessModule, _approved); - vm.expectRevert(abi.encodeWithSelector(IOracle.Oracle_AccessControlModuleAlreadySet.selector)); + vm.expectRevert( + abi.encodeWithSelector(IOracleAccessController.OracleAccessController_AccessModuleAlreadySet.selector) + ); - // Test: set the access control module - oracle.setAccessControlModule(address(_accessControlModule), _approved); + // Test: set the access module + oracle.setAccessModule(address(_accessModule), _approved); } - function test_setAccessControlModuleTrue(address _accessControlModule, bool _approved) public { + function test_setAccessModuleTrue(address _accessModule, bool _approved) public { vm.assume(_approved == true); - // Check: emits AccessControlModuleSet event? + vm.startPrank(anyone); + + // Check: emits AccessModuleSet event? _expectEmit(address(oracle)); - emit AccessControlModuleSet(address(this), address(_accessControlModule), _approved); + emit AccessModuleSet(anyone, address(_accessModule), _approved); - // Test: set the access control module - oracle.setAccessControlModule(address(_accessControlModule), _approved); + // Test: set the access module + oracle.setAccessModule(address(_accessModule), _approved); - // Check: correct access control module set? - assertEq(oracle.isAccessControlApproved(address(this), address(_accessControlModule)), _approved); + // Check: correct access module set? + assertEq(oracle.isAccessModuleApproved(anyone, address(_accessModule)), _approved); } } diff --git a/solidity/test/utils/Helpers.sol b/solidity/test/utils/Helpers.sol index 171e1ef..0e79edb 100644 --- a/solidity/test/utils/Helpers.sol +++ b/solidity/test/utils/Helpers.sol @@ -1,8 +1,8 @@ // SPDX-License-Identifier: MIT pragma solidity ^0.8.19; -import {IAccessController} from '../../contracts/AccessController.sol'; import {IOracle} from '../../contracts/Oracle.sol'; +import {IAccessController} from '../../interfaces/IAccessController.sol'; import {Test} from 'forge-std/Test.sol'; contract Helpers is Test {