Skip to content

Commit

Permalink
Merge pull request #220 from CMTA/add-admin-rule
Browse files Browse the repository at this point in the history 
Add AccessControlDefaultAdminRules
  • Loading branch information
@rya-sge
rya-sge authored Sep 1, 2023
2 parents bc082bb + f76b445 commit 41edba6
Show file tree
Hide file tree
Showing 30 changed files with 173 additions and 121 deletions.
2 changes: 2 additions & 0 deletions contracts/CMTAT_STANDALONE.sol
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,7 @@ contract CMTAT_STANDALONE is CMTAT_BASE {
constructor(
address forwarderIrrevocable,
address admin,
uint48 initialDelay,
string memory nameIrrevocable,
string memory symbolIrrevocable,
uint8 decimalsIrrevocable,
Expand All @@ -35,6 +36,7 @@ contract CMTAT_STANDALONE is CMTAT_BASE {
// Warning : do not initialize the proxy
initialize(
admin,
initialDelay,
nameIrrevocable,
symbolIrrevocable,
decimalsIrrevocable,
Expand Down
6 changes: 5 additions & 1 deletion contracts/modules/CMTAT_BASE.sol
View file
Original file line number Diff line number Diff line change
Expand Up @@ -57,6 +57,7 @@ abstract contract CMTAT_BASE is
*/
function initialize(
address admin,
uint48 initialDelayToAcceptAdminRole,
string memory nameIrrevocable,
string memory symbolIrrevocable,
uint8 decimalsIrrevocable,
Expand All @@ -68,6 +69,7 @@ abstract contract CMTAT_BASE is
) public initializer {
__CMTAT_init(
admin,
initialDelayToAcceptAdminRole,
nameIrrevocable,
symbolIrrevocable,
decimalsIrrevocable,
Expand All @@ -84,6 +86,7 @@ abstract contract CMTAT_BASE is
*/
function __CMTAT_init(
address admin,
uint48 initialDelayToAcceptAdminRole,
string memory nameIrrevocable,
string memory symbolIrrevocable,
uint8 decimalsIrrevocable,
Expand All @@ -101,6 +104,7 @@ abstract contract CMTAT_BASE is
__ERC165_init_unchained();
// AuthorizationModule inherits from AccessControlUpgradeable
__AccessControl_init_unchained();
__AccessControlDefaultAdminRules_init_unchained(initialDelayToAcceptAdminRole, admin);
__Pausable_init_unchained();

/* Internal Modules */
Expand All @@ -114,7 +118,7 @@ abstract contract CMTAT_BASE is

/* Wrapper */
// AuthorizationModule_init_unchained is called firstly due to inheritance
__AuthorizationModule_init_unchained(admin);
__AuthorizationModule_init_unchained();
__BurnModule_init_unchained();
__MintModule_init_unchained();
// EnforcementModule_init_unchained is called before ValidationModule_init_unchained due to inheritance
Expand Down
25 changes: 12 additions & 13 deletions contracts/modules/security/AuthorizationModule.sol
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,12 +2,12 @@

pragma solidity ^0.8.20;

import "../../../openzeppelin-contracts-upgradeable/contracts/access/AccessControlUpgradeable.sol";
import "../../../openzeppelin-contracts-upgradeable/contracts/access/extensions/AccessControlDefaultAdminRulesUpgradeable.sol";
import "../../../openzeppelin-contracts-upgradeable/contracts/proxy/utils/Initializable.sol";

import "../../libraries/Errors.sol";

abstract contract AuthorizationModule is AccessControlUpgradeable {
abstract contract AuthorizationModule is AccessControlDefaultAdminRulesUpgradeable {
// BurnModule
bytes32 public constant BURNER_ROLE = keccak256("BURNER_ROLE");
// EnforcementModule
Expand All @@ -25,30 +25,29 @@ abstract contract AuthorizationModule is AccessControlUpgradeable {
keccak256("DEBT_CREDIT_EVENT_ROLE");

function __AuthorizationModule_init(
address admin
address admin,
uint48 initialDelay
) internal onlyInitializing {
/* OpenZeppelin */
__Context_init_unchained();
// AccessControlUpgradeable inherits from ERC165Upgradeable
__ERC165_init_unchained();
__AccessControl_init_unchained();
__AccessControlDefaultAdminRules_init_unchained(initialDelay, admin);

/* own function */
__AuthorizationModule_init_unchained(admin);
__AuthorizationModule_init_unchained();
}

/**
* @dev Grants the different roles to the
* account that deploys the contract.
* @dev
*
* - The grant to the admin role is done by AccessControlDefaultAdminRules
* - The control of the zero address is done by AccessControlDefaultAdminRules
*
*/
function __AuthorizationModule_init_unchained(
address admin
) internal onlyInitializing {
if (admin == address(0)) {
revert Errors.CMTAT_AuthorizationModule_AddressZeroNotAllowed();
}
_grantRole(DEFAULT_ADMIN_ROLE, admin);
) internal view onlyInitializing {
}

/*
Expand All @@ -57,7 +56,7 @@ abstract contract AuthorizationModule is AccessControlUpgradeable {
function hasRole(
bytes32 role,
address account
) public view virtual override returns (bool) {
) public view virtual override( IAccessControlUpgradeable, AccessControlUpgradeable) returns (bool) {
// The Default Admin has all roles
if (AccessControlUpgradeable.hasRole(DEFAULT_ADMIN_ROLE, account)) {
return true;
Expand Down
8 changes: 4 additions & 4 deletions contracts/modules/wrapper/mandatory/BaseModule.sol
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,19 +39,19 @@ abstract contract BaseModule is AuthorizationModule, OnlyDelegateCallModule {
string memory terms_,
string memory information_,
uint256 flag_,
address admin
address admin,
uint48 initialDelayToAcceptAdminRole
) internal onlyInitializing {
/* OpenZeppelin */
__Context_init_unchained();
// AccessControlUpgradeable inherits from ERC165Upgradeable
__ERC165_init_unchained();
// AuthorizationModule inherits from AccessControlUpgradeable
__AccessControl_init_unchained();

__AccessControlDefaultAdminRules_init_unchained(initialDelayToAcceptAdminRole, admin);
/* CMTAT modules */
// Security
__AuthorizationModule_init_unchained(admin);

__AuthorizationModule_init_unchained();
// own function
__Base_init_unchained(tokenId_, terms_, information_, flag_);
}
Expand Down
7 changes: 4 additions & 3 deletions contracts/modules/wrapper/mandatory/BurnModule.sol
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,8 @@ abstract contract BurnModule is ERC20Upgradeable, AuthorizationModule {
function __BurnModule_init(
string memory name_,
string memory symbol_,
address admin
address admin,
uint48 initialDelayToAcceptAdminRole
) internal onlyInitializing {
/* OpenZeppelin */
__Context_init_unchained();
Expand All @@ -24,10 +25,10 @@ abstract contract BurnModule is ERC20Upgradeable, AuthorizationModule {
__ERC165_init_unchained();
// AuthorizationModule inherits from AccessControlUpgradeable
__AccessControl_init_unchained();

__AccessControlDefaultAdminRules_init_unchained( initialDelayToAcceptAdminRole, admin);
/* CMTAT modules */
// Security
__AuthorizationModule_init_unchained(admin);
__AuthorizationModule_init_unchained();

// own function
__BurnModule_init_unchained();
Expand Down
6 changes: 3 additions & 3 deletions contracts/modules/wrapper/mandatory/EnforcementModule.sol
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,20 +22,20 @@ abstract contract EnforcementModule is
string internal constant TEXT_TRANSFER_REJECTED_TO_FROZEN =
"The address TO is frozen";

function __EnforcementModule_init(address admin) internal onlyInitializing {
function __EnforcementModule_init(address admin, uint48 initialDelayToAcceptAdminRole) internal onlyInitializing {
/* OpenZeppelin */
__Context_init_unchained();
// AccessControlUpgradeable inherits from ERC165Upgradeable
__ERC165_init_unchained();
// AuthorizationModule inherits from AccessControlUpgradeable
__AccessControl_init_unchained();

__AccessControlDefaultAdminRules_init_unchained(initialDelayToAcceptAdminRole, admin);
/* CMTAT modules */
// Internal
__Enforcement_init_unchained();

// Security
__AuthorizationModule_init_unchained(admin);
__AuthorizationModule_init_unchained();

// own function
__EnforcementModule_init_unchained();
Expand Down
7 changes: 4 additions & 3 deletions contracts/modules/wrapper/mandatory/MintModule.sol
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,8 @@ abstract contract MintModule is ERC20Upgradeable, AuthorizationModule {
function __MintModule_init(
string memory name_,
string memory symbol_,
address admin
address admin,
uint48 initialDelayToAcceptAdminRole
) internal onlyInitializing {
/* OpenZeppelin */
__Context_init_unchained();
Expand All @@ -25,10 +26,10 @@ abstract contract MintModule is ERC20Upgradeable, AuthorizationModule {
__ERC165_init_unchained();
// AuthorizationModule inherits from AccessControlUpgradeable
__AccessControl_init_unchained();

__AccessControlDefaultAdminRules_init_unchained(initialDelayToAcceptAdminRole, admin);
/* CMTAT modules */
// Security
__AuthorizationModule_init_unchained(admin);
__AuthorizationModule_init_unchained();

// own function
__MintModule_init_unchained();
Expand Down
6 changes: 3 additions & 3 deletions contracts/modules/wrapper/mandatory/PauseModule.sol
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,18 +17,18 @@ abstract contract PauseModule is PausableUpgradeable, AuthorizationModule {
string internal constant TEXT_TRANSFER_REJECTED_PAUSED =
"All transfers paused";

function __PauseModule_init(address admin) internal onlyInitializing {
function __PauseModule_init(address admin, uint48 initialDelayToAcceptAdminRole) internal onlyInitializing {
/* OpenZeppelin */
__Context_init_unchained();
__Pausable_init_unchained();
// AccessControlUpgradeable inherits from ERC165Upgradeable
__ERC165_init_unchained();
// AuthorizationModule inherits from AccessControlUpgradeable
__AccessControl_init_unchained();

__AccessControlDefaultAdminRules_init_unchained(initialDelayToAcceptAdminRole, admin);
/* CMTAT modules */
// Security
__AuthorizationModule_init_unchained(admin);
__AuthorizationModule_init_unchained();

// own function
__PauseModule_init_unchained();
Expand Down
8 changes: 5 additions & 3 deletions contracts/modules/wrapper/optional/DebtModule/CreditEventsModule.sol
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,18 +22,20 @@ abstract contract CreditEventsModule is
event FlagRedeemed(bool indexed newFlagRedeemed);
event Rating(string indexed newRatingIndexed, string newRating);

function __CreditEvents_init(address admin) internal onlyInitializing {
function __CreditEvents_init(
address admin,
uint48 initialDelayToAcceptAdminRole) internal onlyInitializing {
/* OpenZeppelin */
__Context_init_unchained();

// AccessControlUpgradeable inherits from ERC165Upgradeable
__ERC165_init_unchained();
// AuthorizationModule inherits from AccessControlUpgradeable
__AccessControl_init_unchained();

__AccessControlDefaultAdminRules_init_unchained(initialDelayToAcceptAdminRole, admin);
/* CMTAT modules */
// Security
__AuthorizationModule_init_unchained(admin);
__AuthorizationModule_init_unchained();

// own function
__CreditEvents_init_unchained();
Expand Down
8 changes: 5 additions & 3 deletions contracts/modules/wrapper/optional/DebtModule/DebtBaseModule.sol
View file
Original file line number Diff line number Diff line change
Expand Up @@ -55,18 +55,20 @@ abstract contract DebtBaseModule is
string newCouponFrequency
);

function __DebtBaseModule_init(address admin) internal onlyInitializing {
function __DebtBaseModule_init(
address admin,
uint48 initialDelayToAcceptAdminRole) internal onlyInitializing {
/* OpenZeppelin */
__Context_init_unchained();

// AccessControlUpgradeable inherits from ERC165Upgradeable
__ERC165_init_unchained();
// AuthorizationModule inherits from AccessControlUpgradeable
__AccessControl_init_unchained();

__AccessControlDefaultAdminRules_init_unchained(initialDelayToAcceptAdminRole, admin);
/* CMTAT modules */
// Security
__AuthorizationModule_init_unchained(admin);
__AuthorizationModule_init_unchained();

// own function
__DebtBaseModule_init_unchained();
Expand Down
7 changes: 4 additions & 3 deletions contracts/modules/wrapper/optional/SnapshotModule.sol
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,8 @@ abstract contract SnapshotModule is
function __SnasphotModule_init(
string memory name_,
string memory symbol_,
address admin
address admin,
uint48 initialDelayToAcceptAdminRole
) internal onlyInitializing {
/* OpenZeppelin */
__Context_init_unchained();
Expand All @@ -29,13 +30,13 @@ abstract contract SnapshotModule is
__ERC165_init_unchained();
// AuthorizationModule inherits from AccessControlUpgradeable
__AccessControl_init_unchained();

__AccessControlDefaultAdminRules_init_unchained(initialDelayToAcceptAdminRole, admin);
/* CMTAT modules */
// Internal
__Snapshot_init_unchained();

// Security
__AuthorizationModule_init_unchained(admin);
__AuthorizationModule_init_unchained();

// own function
__SnasphotModule_init_unchained();
Expand Down
9 changes: 6 additions & 3 deletions contracts/modules/wrapper/optional/ValidationModule.sol
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,22 +26,25 @@ abstract contract ValidationModule is

function __ValidationModule_init(
IEIP1404Wrapper ruleEngine_,
address admin
address admin,
uint48 initialDelayToAcceptAdminRole
) internal onlyInitializing {
/* OpenZeppelin */
__Context_init_unchained();
// AccessControlUpgradeable inherits from ERC165Upgradeable
__ERC165_init_unchained();
__AccessControl_init_unchained();
__AccessControlDefaultAdminRules_init_unchained(initialDelayToAcceptAdminRole, admin);

__Pausable_init_unchained();

/* CMTAT modules */
// Internal
__Validation_init_unchained(ruleEngine_);

// Security
__AuthorizationModule_init_unchained(admin);

__AuthorizationModule_init_unchained();
// Wrapper
__PauseModule_init_unchained();
__EnforcementModule_init_unchained();
Expand Down
2 changes: 2 additions & 0 deletions contracts/test/CMTATSnapshot/CMTATSnapshotStandaloneTest.sol
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@ contract CMTATSnapshotStandaloneTest is CMTAT_BASE_SnapshotTest {
constructor(
address forwarderIrrevocable,
address admin,
uint48 initialDelayToAcceptAdminRole,
string memory nameIrrevocable,
string memory symbolIrrevocable,
uint8 decimalsIrrevocable,
Expand All @@ -34,6 +35,7 @@ contract CMTATSnapshotStandaloneTest is CMTAT_BASE_SnapshotTest {
// Warning : do not initialize the proxy
initialize(
admin,
initialDelayToAcceptAdminRole,
nameIrrevocable,
symbolIrrevocable,
decimalsIrrevocable,
Expand Down
9 changes: 7 additions & 2 deletions contracts/test/CMTATSnapshot/CMTAT_BASE_SnapshotTest.sol
View file
Original file line number Diff line number Diff line change
Expand Up @@ -48,6 +48,7 @@ abstract contract CMTAT_BASE_SnapshotTest is
*/
function initialize(
address admin,
uint48 initialDelayToAcceptAdminRole,
string memory nameIrrevocable,
string memory symbolIrrevocable,
uint8 decimalsIrrevocable,
Expand All @@ -59,6 +60,7 @@ abstract contract CMTAT_BASE_SnapshotTest is
) public initializer {
__CMTAT_init(
admin,
initialDelayToAcceptAdminRole,
nameIrrevocable,
symbolIrrevocable,
decimalsIrrevocable,
Expand All @@ -75,6 +77,7 @@ abstract contract CMTAT_BASE_SnapshotTest is
*/
function __CMTAT_init(
address admin,
uint48 initialDelayToAcceptAdminRole,
string memory nameIrrevocable,
string memory symbolIrrevocable,
uint8 decimalsIrrevocable,
Expand All @@ -99,13 +102,15 @@ abstract contract CMTAT_BASE_SnapshotTest is
/*
SnapshotModule:
Add this call in case you add the SnapshotModule
__Snapshot_init_unchained();
*/
__Snapshot_init_unchained();

__Validation_init_unchained(ruleEngine_);

/* Wrapper */
// AuthorizationModule_init_unchained is called firstly due to inheritance
__AuthorizationModule_init_unchained(admin);
__AuthorizationModule_init_unchained();
__AccessControlDefaultAdminRules_init_unchained(initialDelayToAcceptAdminRole, admin);
__BurnModule_init_unchained();
__MintModule_init_unchained();
// EnforcementModule_init_unchained is called before ValidationModule_init_unchained due to inheritance
Expand Down
Loading

0 comments on commit 41edba6

Please sign in to comment.