From a28dfa009f9afcc69ead686d0030735b71975ef8 Mon Sep 17 00:00:00 2001 From: Matthias Zimmermann Date: Tue, 3 Sep 2024 18:38:36 +0000 Subject: [PATCH] amend function (un)authorization tests --- .../authorization/InstanceAuthzTargets.t.sol | 50 ++++++++++++++----- 1 file changed, 37 insertions(+), 13 deletions(-) diff --git a/test/instance/authorization/InstanceAuthzTargets.t.sol b/test/instance/authorization/InstanceAuthzTargets.t.sol index 3d4dc7e68..6a7c05cb0 100644 --- a/test/instance/authorization/InstanceAuthzTargets.t.sol +++ b/test/instance/authorization/InstanceAuthzTargets.t.sol @@ -11,6 +11,7 @@ import {IInstance} from "../../../contracts/instance/IInstance.sol"; import {AccessManagedMock} from "../../mock/AccessManagedMock.sol"; import {InstanceAuthzBaseTest} from "./InstanceAuthzBase.t.sol"; import {RoleId, RoleIdLib} from "../../../contracts/type/RoleId.sol"; +import {StrLib} from "../../../contracts/type/String.sol"; import {TimestampLib} from "../../../contracts/type/Timestamp.sol"; @@ -109,7 +110,7 @@ contract InstanceAuthzTargetsTest is InstanceAuthzBaseTest { assertTrue(instanceReader.isLocked(address(target)), "target not locked after locking instance"); } - function test_instanceAuthzTargetsAuthorizeFunctionsHappyCase() public { + function test_instanceAuthzFunctionsAuthorizeFunctionsHappyCase() public { // GIVEN AccessManagedMock target = _deployAccessManagedMock(); string memory targetName = "MyTarget"; @@ -119,6 +120,7 @@ contract InstanceAuthzTargetsTest is InstanceAuthzBaseTest { assertTrue(instanceReader.targetExists(address(target)), "target not existing after create"); assertFalse(instanceReader.isLocked(address(target)), "target locked"); + assertEq(instanceReader.authorizedFunctions(address(target)), 0, "unexpected number of authorized functions (before)"); assertEq(target.counter1(), 0, "unexpected initial counter value"); // WHEN + THEN attempt to call unauthorized function @@ -134,28 +136,44 @@ contract InstanceAuthzTargetsTest is InstanceAuthzBaseTest { // WHEN - add function authz RoleId publicRoleId = instance.getInstanceAdmin().getPublicRole(); - IAccess.FunctionInfo[] memory functions = new IAccess.FunctionInfo[](1); + IAccess.FunctionInfo[] memory functions = new IAccess.FunctionInfo[](2); functions[0] = instanceReader.toFunction(AccessManagedMock.increaseCounter1.selector, "increaseCounter1"); + functions[1] = instanceReader.toFunction(AccessManagedMock.increaseCounter2.selector, "increaseCounter2"); vm.prank(instanceOwner); instance.authorizeFunctions(address(target), publicRoleId, functions); + // THEN + assertEq(instanceReader.authorizedFunctions(address(target)), 2, "unexpected number of authorized functions (after)"); + + (IAccess.FunctionInfo memory func, RoleId authorizedRole) = instanceReader.getAuthorizedFunction(address(target), 0); + assertTrue(StrLib.eq(func.name.toString(), "increaseCounter1"), "unexpected function name"); + assertEq(func.selector.toBytes4(), AccessManagedMock.increaseCounter1.selector, "unexpected function selector"); + assertEq(func.createdAt.toInt(), TimestampLib.blockTimestamp().toInt(), "unexpected function creation time"); + assertEq(authorizedRole.toInt(), publicRoleId.toInt(), "unexpected authorized role"); + + (func, authorizedRole) = instanceReader.getAuthorizedFunction(address(target), 1); + assertTrue(StrLib.eq(func.name.toString(), "increaseCounter2"), "unexpected function name"); + assertEq(func.selector.toBytes4(), AccessManagedMock.increaseCounter2.selector, "unexpected function selector"); + assertEq(func.createdAt.toInt(), TimestampLib.blockTimestamp().toInt(), "unexpected function creation time"); + assertEq(authorizedRole.toInt(), publicRoleId.toInt(), "unexpected authorized role"); + // must not revert now vm.prank(outsider); target.increaseCounter1(); - // THEN assertEq(target.counter1(), 1, "unexpected counter value after increaseCounter1"); } - function test_instanceAuthzTargetsUnauthorizeFunctionsHappyCase() public { + function test_instanceAuthzFunctionsUnauthorizeFunctionsHappyCase() public { // GIVEN AccessManagedMock target = _deployAccessManagedMock(); string memory targetName = "MyTarget"; RoleId publicRoleId = instance.getInstanceAdmin().getPublicRole(); - IAccess.FunctionInfo[] memory functions = new IAccess.FunctionInfo[](1); + IAccess.FunctionInfo[] memory functions = new IAccess.FunctionInfo[](2); functions[0] = instanceReader.toFunction(AccessManagedMock.increaseCounter1.selector, "increaseCounter1"); + functions[1] = instanceReader.toFunction(AccessManagedMock.increaseCounter2.selector, "increaseCounter2"); vm.startPrank(instanceOwner); instance.createTarget(address(target), targetName); @@ -166,13 +184,24 @@ contract InstanceAuthzTargetsTest is InstanceAuthzBaseTest { vm.prank(outsider); target.increaseCounter1(); - assertEq(target.counter1(), 1, "unexpected counter value after increaseCounter1"); + assertEq(instanceReader.authorizedFunctions(address(target)), 2, "unexpected number of authorized functions (before)"); + + // WHEN - unauthorize 1st function + functions = new IAccess.FunctionInfo[](1); + functions[0] = instanceReader.toFunction(AccessManagedMock.increaseCounter1.selector, "increaseCounter1"); - // WHEN - unauthorize function vm.prank(instanceOwner); instance.unauthorizeFunctions(address(target), functions); // THEN + assertEq(instanceReader.authorizedFunctions(address(target)), 1, "unexpected number of authorized functions (after)"); + + (IAccess.FunctionInfo memory func, RoleId authorizedRole) = instanceReader.getAuthorizedFunction(address(target), 0); + assertTrue(StrLib.eq(func.name.toString(), "increaseCounter2"), "unexpected function name"); + assertEq(func.selector.toBytes4(), AccessManagedMock.increaseCounter2.selector, "unexpected function selector"); + assertEq(func.createdAt.toInt(), TimestampLib.blockTimestamp().toInt(), "unexpected function creation time"); + assertEq(authorizedRole.toInt(), publicRoleId.toInt(), "unexpected authorized role"); + vm.expectRevert( abi.encodeWithSelector( IAccessManaged.AccessManagedUnauthorized.selector, @@ -185,7 +214,7 @@ contract InstanceAuthzTargetsTest is InstanceAuthzBaseTest { } - function test_instanceAuthzToTargetAll() public { + function test_instanceAuthzFunctionsToFunction() public { bytes4 signature = AccessManagedMock.increaseCounter1.selector; string memory name = "increaseCounter1"; @@ -212,11 +241,6 @@ contract InstanceAuthzTargetsTest is InstanceAuthzBaseTest { //--- helper functions ----------------------------------------------------// - // TODO cleanup - // function _deployAccessManagedMock() internal returns (AccessManagedMock accessManagedMock) { - // return _deployAccessManagedMock(); - // } - function _deployAccessManagedMock() internal returns (AccessManagedMock accessManagedMock) { accessManagedMock = new AccessManagedMock(instance.authority()); }