From 3f63ca6a3aed80ae693e3c12e024fae08f3d9232 Mon Sep 17 00:00:00 2001
From: Augustus <14297860+augustbleeds@users.noreply.github.com>
Date: Sun, 1 Dec 2024 18:59:58 -0500
Subject: [PATCH] disable proxy check (#560)

* disable proxy access check by default

* remove
---
 contracts/src/access_control/access_controller.cairo |  2 +-
 contracts/src/emergency/sequencer_uptime_feed.cairo  |  2 +-
 contracts/src/libraries/access_control.cairo         |  4 ++--
 contracts/src/ocr2/aggregator.cairo                  |  2 +-
 contracts/src/ocr2/aggregator_proxy.cairo            |  2 +-
 contracts/src/tests/test_aggregator_proxy.cairo      | 10 +++++++---
 6 files changed, 13 insertions(+), 9 deletions(-)

diff --git a/contracts/src/access_control/access_controller.cairo b/contracts/src/access_control/access_controller.cairo
index 37d9ef909..66e945fb3 100644
--- a/contracts/src/access_control/access_controller.cairo
+++ b/contracts/src/access_control/access_controller.cairo
@@ -41,7 +41,7 @@ mod AccessController {
     #[constructor]
     fn constructor(ref self: ContractState, owner_address: ContractAddress) {
         self.ownable.initializer(owner_address);
-        self.access_control.initializer();
+        self.access_control.initializer(true);
     }
 
     #[abi(embed_v0)]
diff --git a/contracts/src/emergency/sequencer_uptime_feed.cairo b/contracts/src/emergency/sequencer_uptime_feed.cairo
index eacde6f95..b70739336 100644
--- a/contracts/src/emergency/sequencer_uptime_feed.cairo
+++ b/contracts/src/emergency/sequencer_uptime_feed.cairo
@@ -260,7 +260,7 @@ mod SequencerUptimeFeed {
             ref self: ContractState, initial_status: u128, owner_address: ContractAddress
         ) {
             self.ownable.initializer(owner_address);
-            self.access_control.initializer();
+            self.access_control.initializer(true);
             let round_id = 1_u128;
             let timestamp = starknet::info::get_block_timestamp();
             let from_address = EthAddress {
diff --git a/contracts/src/libraries/access_control.cairo b/contracts/src/libraries/access_control.cairo
index e971e4067..2d9e248eb 100644
--- a/contracts/src/libraries/access_control.cairo
+++ b/contracts/src/libraries/access_control.cairo
@@ -137,8 +137,8 @@ mod AccessControlComponent {
         impl Ownable: OwnableComponent::HasComponent<TContractState>,
         +Drop<TContractState>,
     > of InternalTrait<TContractState> {
-        fn initializer(ref self: ComponentState<TContractState>) {
-            self._check_enabled.write(true);
+        fn initializer(ref self: ComponentState<TContractState>, check_enabled: bool) {
+            self._check_enabled.write(check_enabled);
             self.emit(Event::AccessControlEnabled(AccessControlEnabled {}));
         }
 
diff --git a/contracts/src/ocr2/aggregator.cairo b/contracts/src/ocr2/aggregator.cairo
index e01c127b5..dedc7727b 100644
--- a/contracts/src/ocr2/aggregator.cairo
+++ b/contracts/src/ocr2/aggregator.cairo
@@ -397,7 +397,7 @@ mod Aggregator {
         description: felt252
     ) {
         self.ownable.initializer(owner);
-        self.access_control.initializer();
+        self.access_control.initializer(true);
         self._link_token.write(link);
         self._billing_access_controller.write(billing_access_controller);
 
diff --git a/contracts/src/ocr2/aggregator_proxy.cairo b/contracts/src/ocr2/aggregator_proxy.cairo
index 16cf20264..e14752da2 100644
--- a/contracts/src/ocr2/aggregator_proxy.cairo
+++ b/contracts/src/ocr2/aggregator_proxy.cairo
@@ -175,7 +175,7 @@ mod AggregatorProxy {
     #[constructor]
     fn constructor(ref self: ContractState, owner: ContractAddress, address: ContractAddress) {
         self.ownable.initializer(owner);
-        self.access_control.initializer();
+        self.access_control.initializer(false);
         self._set_aggregator(address);
     }
 
diff --git a/contracts/src/tests/test_aggregator_proxy.cairo b/contracts/src/tests/test_aggregator_proxy.cairo
index 3a586dc44..ac8bd13f7 100644
--- a/contracts/src/tests/test_aggregator_proxy.cairo
+++ b/contracts/src/tests/test_aggregator_proxy.cairo
@@ -18,7 +18,10 @@ use chainlink::ocr2::aggregator_proxy::AggregatorProxy;
 use chainlink::ocr2::aggregator_proxy::AggregatorProxy::{
     AggregatorProxyImpl, AggregatorProxyInternal, UpgradeableImpl
 };
-use chainlink::libraries::access_control::AccessControlComponent::AccessControlImpl;
+use chainlink::libraries::access_control::{
+    IAccessControllerDispatcher, IAccessControllerDispatcherTrait,
+    AccessControlComponent::AccessControlImpl
+};
 use chainlink::ocr2::aggregator::Round;
 use chainlink::utils::split_felt;
 use chainlink::tests::test_ownable::should_implement_ownable;
@@ -99,6 +102,9 @@ fn test_access_control() {
         .deploy(@calldata)
         .unwrap();
 
+    // proxy by default disables the access check, so we re-enable for testing purposes
+    IAccessControllerDispatcher { contract_address: aggregatorProxyAddr }.enable_access_check();
+
     should_implement_access_control(aggregatorProxyAddr, account);
 }
 
@@ -134,7 +140,6 @@ fn test_query_latest_round_data() {
 }
 
 #[test]
-#[should_panic(expected: ('user does not have read access',))]
 fn test_query_latest_round_data_without_access() {
     let (owner, mockAggregatorAddr, mockAggregator, _, _) = setup();
     let mut state = STATE();
@@ -150,7 +155,6 @@ fn test_query_latest_round_data_without_access() {
 }
 
 #[test]
-#[should_panic(expected: ('user does not have read access',))]
 fn test_query_latest_answer_without_access() {
     let (owner, mockAggregatorAddr, mockAggregator, _, _) = setup();
     let mut state = STATE();