GitBross Home Explore Help
Register Sign In
sol_Bo8des9o
/
openzeppelin-contracts
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Branch: audit/2023-08-07
Branches Tags
openzeppelin-co...
/
contracts
/
access
/
manager
/
AccessManaged.sol

AccessManaged.sol 4.1 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899 
  1. // SPDX-License-Identifier: MIT
    2. 

  2. 

  3. pragma solidity ^0.8.20;
    4. 

  4. 

  5. import {IAuthority, safeCanCall} from "./IAuthority.sol";
    6. 

  6. import {IManaged} from "./IManaged.sol";
    7. 

  7. import {Context} from "../../utils/Context.sol";
    8. 

  8. 

  9. /**
    10. 

  10.  * @dev This contract module makes available a {restricted} modifier. Functions decorated with this modifier will be
    11. 

  11.  * permissioned according to an "authority": a contract like {AccessManager} that follows the {IAuthority} interface,
    12. 

  12.  * implementing a policy that allows certain callers to access certain functions.
    13. 

  13.  *
    14. 

  14.  * IMPORTANT: The `restricted` modifier should never be used on `internal` functions, judiciously used in `public`
    15. 

  15.  * functions, and ideally only used in `external` functions. See {restricted}.
    16. 

  16.  */
    17. 

  17. abstract contract AccessManaged is Context, IManaged {
    18. 

  18.     address private _authority;
    19. 

  19. 

  20.     /**
    21. 

  21.      * @dev Initializes the contract connected to an initial authority.
    22. 

  22.      */
    23. 

  23.     constructor(address initialAuthority) {
    24. 

  24.         _setAuthority(initialAuthority);
    25. 

  25.     }
    26. 

  26. 

  27.     /**
    28. 

  28.      * @dev Restricts access to a function as defined by the connected Authority for this contract and the
    29. 

  29.      * caller and selector of the function that entered the contract.
    30. 

  30.      *
    31. 

  31.      * [IMPORTANT]
    32. 

  32.      * ====
    33. 

  33.      * In general, this modifier should only be used on `external` functions. It is okay to use it on `public` functions
    34. 

  34.      * that are used as external entry points and are not called internally. Unless you know what you're doing, it
    35. 

  35.      * should never be used on `internal` functions. Failure to follow these rules can have critical security
    36. 

  36.      * implications! This is because the permissions are determined by the function that entered the contract, i.e. the
    37. 

  37.      * function at the bottom of the call stack, and not the function where the modifier is visible in the source code.
    38. 

  38.      * ====
    39. 

  39.      *
    40. 

  40.      * [NOTE]
    41. 

  41.      * ====
    42. 

  42.      * Selector collisions are mitigated by scoping permissions per contract, but some edge cases must be considered:
    43. 

  43.      *
    44. 

  44.      * * If the https://docs.soliditylang.org/en/latest/contracts.html#receive-ether-function[`receive()`] function is restricted,
    45. 

  45.      * any other function with a `0x00000000` selector will share permissions with `receive()`.
    46. 

  46.      * * Similarly, if there's no `receive()` function but a `fallback()` instead, the fallback might be called with empty `calldata`,
    47. 

  47.      * sharing the `0x00000000` selector permissions as well.
    48. 

  48.      * * For any other selector, if the restricted function is set on an upgradeable contract, an upgrade may remove the restricted
    49. 

  49.      * function and replace it with a new method whose selector replaces the last one, keeping the previous permissions.
    50. 

  50.      * ====
    51. 

  51.      */
    52. 

  52.     modifier restricted() {
    53. 

  53.         _checkCanCall(_msgSender(), address(this), msg.sig);
    54. 

  54.         _;
    55. 

  55.     }
    56. 

  56. 

  57.     /**
    58. 

  58.      * @dev Returns the current authority.
    59. 

  59.      */
    60. 

  60.     function authority() public view virtual returns (address) {
    61. 

  61.         return _authority;
    62. 

  62.     }
    63. 

  63. 

  64.     /**
    65. 

  65.      * @dev Transfers control to a new authority. The caller must be the current authority.
    66. 

  66.      */
    67. 

  67.     function setAuthority(address newAuthority) public virtual {
    68. 

  68.         address caller = _msgSender();
    69. 

  69.         if (caller != authority()) {
    70. 

  70.             revert AccessManagedUnauthorized(caller);
    71. 

  71.         }
    72. 

  72.         if (newAuthority.code.length == 0) {
    73. 

  73.             revert AccessManagedInvalidAuthority(newAuthority);
    74. 

  74.         }
    75. 

  75.         _setAuthority(newAuthority);
    76. 

  76.     }
    77. 

  77. 

  78.     /**
    79. 

  79.      * @dev Transfers control to a new authority. Internal function with no access restriction.
    80. 

  80.      */
    81. 

  81.     function _setAuthority(address newAuthority) internal virtual {
    82. 

  82.         _authority = newAuthority;
    83. 

  83.         emit AuthorityUpdated(newAuthority);
    84. 

  84.     }
    85. 

  85. 

  86.     /**
    87. 

  87.      * @dev Reverts if the caller is not allowed to call the function identified by a selector.
    88. 

  88.      */
    89. 

  89.     function _checkCanCall(address caller, address target, bytes4 selector) internal view virtual {
    90. 

  90.         (bool allowed, uint32 delay) = safeCanCall(authority(), caller, target, selector);
    91. 

  91.         if (!allowed) {
    92. 

  92.             if (delay > 0) {
    93. 

  93.                 revert AccessManagedRequiredDelay(caller, delay);
    94. 

  94.             } else {
    95. 

  95.                 revert AccessManagedUnauthorized(caller);
    96. 

  96.             }
    97. 

  97.         }
    98. 

  98.     }
    99. 

  99. }
    100.