GitBross Kezdőlap Felfedezés Súgó
Regisztráció Bejelentkezés
sol_Bo8des9o
/
openzeppelin-contracts
1
0
Másolás 0
Fájlok Problémák 0 Beolvasztási kérések 0 Wiki
Fa: baf0e91279
Branch-ok Tag-ek
openzeppelin-co...
/
test
/
access
/
manager
/
AccessManager.behavior.js

AccessManager.behavior.js 25 KB
Előzmények Nyers

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711 
  1. const { time } = require('@openzeppelin/test-helpers');
    2. 

  2. const {
    3. 

  3.   time: { setNextBlockTimestamp },
    4. 

  4.   setStorageAt,
    5. 

  5.   mine,
    6. 

  6. } = require('@nomicfoundation/hardhat-network-helpers');
    7. 

  7. const { impersonate } = require('../../helpers/account');
    8. 

  8. const { expectRevertCustomError } = require('../../helpers/customError');
    9. 

  9. const { EXPIRATION, EXECUTION_ID_STORAGE_SLOT } = require('../../helpers/access-manager');
    10. 

  10. 

  11. // ============ COMMON PATHS ============
    12. 

  12. 

  13. const COMMON_IS_EXECUTING_PATH = {
    14. 

  14.   executing() {
    15. 

  15.     it('succeeds', async function () {
    16. 

  16.       await web3.eth.sendTransaction({ to: this.target.address, data: this.calldata, from: this.caller });
    17. 

  17.     });
    18. 

  18.   },
    19. 

  19.   notExecuting() {
    20. 

  20.     it('reverts as AccessManagerUnauthorizedAccount', async function () {
    21. 

  21.       await expectRevertCustomError(
    22. 

  22.         web3.eth.sendTransaction({ to: this.target.address, data: this.calldata, from: this.caller }),
    23. 

  23.         'AccessManagerUnauthorizedAccount',
    24. 

  24.         [this.caller, this.role.id],
    25. 

  25.       );
    26. 

  26.     });
    27. 

  27.   },
    28. 

  28. };
    29. 

  29. 

  30. const COMMON_GET_ACCESS_PATH = {
    31. 

  31.   requiredRoleIsGranted: {
    32. 

  32.     roleGrantingIsDelayed: {
    33. 

  33.       callerHasAnExecutionDelay: {
    34. 

  34.         beforeGrantDelay() {
    35. 

  35.           it('reverts as AccessManagerUnauthorizedAccount', async function () {
    36. 

  36.             await expectRevertCustomError(
    37. 

  37.               web3.eth.sendTransaction({ to: this.target.address, data: this.calldata, from: this.caller }),
    38. 

  38.               'AccessManagerUnauthorizedAccount',
    39. 

  39.               [this.caller, this.role.id],
    40. 

  40.             );
    41. 

  41.           });
    42. 

  42.         },
    43. 

  43.         afterGrantDelay: undefined, // Diverges if there's an operation delay or not
    44. 

  44.       },
    45. 

  45.       callerHasNoExecutionDelay: {
    46. 

  46.         beforeGrantDelay() {
    47. 

  47.           it('reverts as AccessManagerUnauthorizedAccount', async function () {
    48. 

  48.             await expectRevertCustomError(
    49. 

  49.               web3.eth.sendTransaction({ to: this.target.address, data: this.calldata, from: this.caller }),
    50. 

  50.               'AccessManagerUnauthorizedAccount',
    51. 

  51.               [this.caller, this.role.id],
    52. 

  52.             );
    53. 

  53.           });
    54. 

  54.         },
    55. 

  55.         afterGrantDelay() {
    56. 

  56.           it('succeeds called directly', async function () {
    57. 

  57.             await web3.eth.sendTransaction({ to: this.target.address, data: this.calldata, from: this.caller });
    58. 

  58.           });
    59. 

  59. 

  60.           it('succeeds via execute', async function () {
    61. 

  61.             await this.manager.execute(this.target.address, this.calldata, { from: this.caller });
    62. 

  62.           });
    63. 

  63.         },
    64. 

  64.       },
    65. 

  65.     },
    66. 

  66.     roleGrantingIsNotDelayed: {
    67. 

  67.       callerHasAnExecutionDelay: undefined, // Diverges if there's an operation to schedule or not
    68. 

  68.       callerHasNoExecutionDelay() {
    69. 

  69.         it('succeeds called directly', async function () {
    70. 

  70.           await web3.eth.sendTransaction({ to: this.target.address, data: this.calldata, from: this.caller });
    71. 

  71.         });
    72. 

  72. 

  73.         it('succeeds via execute', async function () {
    74. 

  74.           await this.manager.execute(this.target.address, this.calldata, { from: this.caller });
    75. 

  75.         });
    76. 

  76.       },
    77. 

  77.     },
    78. 

  78.   },
    79. 

  79.   requiredRoleIsNotGranted() {
    80. 

  80.     it('reverts as AccessManagerUnauthorizedAccount', async function () {
    81. 

  81.       await expectRevertCustomError(
    82. 

  82.         web3.eth.sendTransaction({ to: this.target.address, data: this.calldata, from: this.caller }),
    83. 

  83.         'AccessManagerUnauthorizedAccount',
    84. 

  84.         [this.caller, this.role.id],
    85. 

  85.       );
    86. 

  86.     });
    87. 

  87.   },
    88. 

  88. };
    89. 

  89. 

  90. const COMMON_SCHEDULABLE_PATH = {
    91. 

  91.   scheduled: {
    92. 

  92.     before() {
    93. 

  93.       it('reverts as AccessManagerNotReady', async function () {
    94. 

  94.         await expectRevertCustomError(
    95. 

  95.           web3.eth.sendTransaction({ to: this.target.address, data: this.calldata, from: this.caller }),
    96. 

  96.           'AccessManagerNotReady',
    97. 

  97.           [this.operationId],
    98. 

  98.         );
    99. 

  99.       });
    100. 

  100.     },
    101. 

  101.     after() {
    102. 

  102.       it('succeeds called directly', async function () {
    103. 

  103.         await web3.eth.sendTransaction({ to: this.target.address, data: this.calldata, from: this.caller });
    104. 

  104.       });
    105. 

  105. 

  106.       it('succeeds via execute', async function () {
    107. 

  107.         await this.manager.execute(this.target.address, this.calldata, { from: this.caller });
    108. 

  108.       });
    109. 

  109.     },
    110. 

  110.     expired() {
    111. 

  111.       it('reverts as AccessManagerExpired', async function () {
    112. 

  112.         await expectRevertCustomError(
    113. 

  113.           web3.eth.sendTransaction({ to: this.target.address, data: this.calldata, from: this.caller }),
    114. 

  114.           'AccessManagerExpired',
    115. 

  115.           [this.operationId],
    116. 

  116.         );
    117. 

  117.       });
    118. 

  118.     },
    119. 

  119.   },
    120. 

  120.   notScheduled() {
    121. 

  121.     it('reverts as AccessManagerNotScheduled', async function () {
    122. 

  122.       await expectRevertCustomError(
    123. 

  123.         web3.eth.sendTransaction({ to: this.target.address, data: this.calldata, from: this.caller }),
    124. 

  124.         'AccessManagerNotScheduled',
    125. 

  125.         [this.operationId],
    126. 

  126.       );
    127. 

  127.     });
    128. 

  128.   },
    129. 

  129. };
    130. 

  130. 

  131. const COMMON_SCHEDULABLE_PATH_IF_ZERO_DELAY = {
    132. 

  132.   scheduled: {
    133. 

  133.     before() {
    134. 

  134.       it.skip('is not reachable without a delay');
    135. 

  135.     },
    136. 

  136.     after() {
    137. 

  137.       it.skip('is not reachable without a delay');
    138. 

  138.     },
    139. 

  139.     expired() {
    140. 

  140.       it.skip('is not reachable without a delay');
    141. 

  141.     },
    142. 

  142.   },
    143. 

  143.   notScheduled() {
    144. 

  144.     it('succeeds', async function () {
    145. 

  145.       await this.manager.execute(this.target.address, this.calldata, { from: this.caller });
    146. 

  146.     });
    147. 

  147.   },
    148. 

  148. };
    149. 

  149. 

  150. // ============ MODE HELPERS ============
    151. 

  151. 

  152. /**
    153. 

  153.  * @requires this.{manager,target}
    154. 

  154.  */
    155. 

  155. function shouldBehaveLikeClosable({ closed, open }) {
    156. 

  156.   describe('when the manager is closed', function () {
    157. 

  157.     beforeEach('close', async function () {
    158. 

  158.       await this.manager.$_setTargetClosed(this.target.address, true);
    159. 

  159.     });
    160. 

  160. 

  161.     closed();
    162. 

  162.   });
    163. 

  163. 

  164.   describe('when the manager is open', function () {
    165. 

  165.     beforeEach('open', async function () {
    166. 

  166.       await this.manager.$_setTargetClosed(this.target.address, false);
    167. 

  167.     });
    168. 

  168. 

  169.     open();
    170. 

  170.   });
    171. 

  171. }
    172. 

  172. 

  173. // ============ DELAY HELPERS ============
    174. 

  174. 

  175. /**
    176. 

  176.  * @requires this.{delay}
    177. 

  177.  */
    178. 

  178. function shouldBehaveLikeDelay(type, { before, after }) {
    179. 

  179.   beforeEach('define timestamp when delay takes effect', async function () {
    180. 

  180.     const timestamp = await time.latest();
    181. 

  181.     this.delayEffect = timestamp.add(this.delay);
    182. 

  182.   });
    183. 

  183. 

  184.   describe(`when ${type} delay has not taken effect yet`, function () {
    185. 

  185.     beforeEach(`set next block timestamp before ${type} takes effect`, async function () {
    186. 

  186.       await setNextBlockTimestamp(this.delayEffect.subn(1));
    187. 

  187.     });
    188. 

  188. 

  189.     before();
    190. 

  190.   });
    191. 

  191. 

  192.   describe(`when ${type} delay has taken effect`, function () {
    193. 

  193.     beforeEach(`set next block timestamp when ${type} takes effect`, async function () {
    194. 

  194.       await setNextBlockTimestamp(this.delayEffect);
    195. 

  195.     });
    196. 

  196. 

  197.     after();
    198. 

  198.   });
    199. 

  199. }
    200. 

  200. 

  201. // ============ OPERATION HELPERS ============
    202. 

  202. 

  203. /**
    204. 

  204.  * @requires this.{manager,scheduleIn,caller,target,calldata}
    205. 

  205.  */
    206. 

  206. function shouldBehaveLikeSchedulableOperation({ scheduled: { before, after, expired }, notScheduled }) {
    207. 

  207.   describe('when operation is scheduled', function () {
    208. 

  208.     beforeEach('schedule operation', async function () {
    209. 

  209.       await impersonate(this.caller); // May be a contract
    210. 

  210.       const { operationId } = await scheduleOperation(this.manager, {
    211. 

  211.         caller: this.caller,
    212. 

  212.         target: this.target.address,
    213. 

  213.         calldata: this.calldata,
    214. 

  214.         delay: this.scheduleIn,
    215. 

  215.       });
    216. 

  216.       this.operationId = operationId;
    217. 

  217.     });
    218. 

  218. 

  219.     describe('when operation is not ready for execution', function () {
    220. 

  220.       beforeEach('set next block time before operation is ready', async function () {
    221. 

  221.         this.scheduledAt = await time.latest();
    222. 

  222.         const schedule = await this.manager.getSchedule(this.operationId);
    223. 

  223.         await setNextBlockTimestamp(schedule.subn(1));
    224. 

  224.       });
    225. 

  225. 

  226.       before();
    227. 

  227.     });
    228. 

  228. 

  229.     describe('when operation is ready for execution', function () {
    230. 

  230.       beforeEach('set next block time when operation is ready for execution', async function () {
    231. 

  231.         this.scheduledAt = await time.latest();
    232. 

  232.         const schedule = await this.manager.getSchedule(this.operationId);
    233. 

  233.         await setNextBlockTimestamp(schedule);
    234. 

  234.       });
    235. 

  235. 

  236.       after();
    237. 

  237.     });
    238. 

  238. 

  239.     describe('when operation has expired', function () {
    240. 

  240.       beforeEach('set next block time when operation expired', async function () {
    241. 

  241.         this.scheduledAt = await time.latest();
    242. 

  242.         const schedule = await this.manager.getSchedule(this.operationId);
    243. 

  243.         await setNextBlockTimestamp(schedule.add(EXPIRATION));
    244. 

  244.       });
    245. 

  245. 

  246.       expired();
    247. 

  247.     });
    248. 

  248.   });
    249. 

  249. 

  250.   describe('when operation is not scheduled', function () {
    251. 

  251.     beforeEach('set expected operationId', async function () {
    252. 

  252.       this.operationId = await this.manager.hashOperation(this.caller, this.target.address, this.calldata);
    253. 

  253. 

  254.       // Assert operation is not scheduled
    255. 

  255.       expect(await this.manager.getSchedule(this.operationId)).to.be.bignumber.equal(web3.utils.toBN(0));
    256. 

  256.     });
    257. 

  257. 

  258.     notScheduled();
    259. 

  259.   });
    260. 

  260. }
    261. 

  261. 

  262. /**
    263. 

  263.  * @requires this.{manager,roles,target,calldata}
    264. 

  264.  */
    265. 

  265. function shouldBehaveLikeARestrictedOperation({ callerIsNotTheManager, callerIsTheManager }) {
    266. 

  266.   describe('when the call comes from the manager (msg.sender == manager)', function () {
    267. 

  267.     beforeEach('define caller as manager', async function () {
    268. 

  268.       this.caller = this.manager.address;
    269. 

  269.       await impersonate(this.caller);
    270. 

  270.     });
    271. 

  271. 

  272.     shouldBehaveLikeCanCallExecuting(callerIsTheManager);
    273. 

  273.   });
    274. 

  274. 

  275.   describe('when the call does not come from the manager (msg.sender != manager)', function () {
    276. 

  276.     beforeEach('define non manager caller', function () {
    277. 

  277.       this.caller = this.roles.SOME.members[0];
    278. 

  278.     });
    279. 

  279. 

  280.     callerIsNotTheManager();
    281. 

  281.   });
    282. 

  282. }
    283. 

  283. 

  284. /**
    285. 

  285.  * @requires this.{manager,roles,executionDelay,operationDelay,target}
    286. 

  286.  */
    287. 

  287. function shouldBehaveLikeDelayedOperation() {
    288. 

  288.   describe('with operation delay', function () {
    289. 

  289.     describe('when operation delay is greater than execution delay', function () {
    290. 

  290.       beforeEach('set operation delay', async function () {
    291. 

  291.         this.operationDelay = this.executionDelay.add(time.duration.hours(1));
    292. 

  292.         await this.manager.$_setTargetAdminDelay(this.target.address, this.operationDelay);
    293. 

  293.         this.scheduleIn = this.operationDelay; // For shouldBehaveLikeSchedulableOperation
    294. 

  294.       });
    295. 

  295. 

  296.       shouldBehaveLikeSchedulableOperation(COMMON_SCHEDULABLE_PATH);
    297. 

  297.     });
    298. 

  298. 

  299.     describe('when operation delay is shorter than execution delay', function () {
    300. 

  300.       beforeEach('set operation delay', async function () {
    301. 

  301.         this.operationDelay = this.executionDelay.sub(time.duration.hours(1));
    302. 

  302.         await this.manager.$_setTargetAdminDelay(this.target.address, this.operationDelay);
    303. 

  303.         this.scheduleIn = this.executionDelay; // For shouldBehaveLikeSchedulableOperation
    304. 

  304.       });
    305. 

  305. 

  306.       shouldBehaveLikeSchedulableOperation(COMMON_SCHEDULABLE_PATH);
    307. 

  307.     });
    308. 

  308.   });
    309. 

  309. 

  310.   describe('without operation delay', function () {
    311. 

  311.     beforeEach('set operation delay', async function () {
    312. 

  312.       this.operationDelay = web3.utils.toBN(0);
    313. 

  313.       await this.manager.$_setTargetAdminDelay(this.target.address, this.operationDelay);
    314. 

  314.       this.scheduleIn = this.executionDelay; // For shouldBehaveLikeSchedulableOperation
    315. 

  315.     });
    316. 

  316. 

  317.     shouldBehaveLikeSchedulableOperation(COMMON_SCHEDULABLE_PATH);
    318. 

  318.   });
    319. 

  319. }
    320. 

  320. 

  321. // ============ METHOD HELPERS ============
    322. 

  322. 

  323. /**
    324. 

  324.  * @requires this.{manager,roles,role,target,calldata}
    325. 

  325.  */
    326. 

  326. function shouldBehaveLikeCanCall({
    327. 

  327.   closed,
    328. 

  328.   open: {
    329. 

  329.     callerIsTheManager,
    330. 

  330.     callerIsNotTheManager: { publicRoleIsRequired, specificRoleIsRequired },
    331. 

  331.   },
    332. 

  332. }) {
    333. 

  333.   shouldBehaveLikeClosable({
    334. 

  334.     closed,
    335. 

  335.     open() {
    336. 

  336.       shouldBehaveLikeARestrictedOperation({
    337. 

  337.         callerIsTheManager,
    338. 

  338.         callerIsNotTheManager() {
    339. 

  339.           shouldBehaveLikeHasRole({
    340. 

  340.             publicRoleIsRequired,
    341. 

  341.             specificRoleIsRequired,
    342. 

  342.           });
    343. 

  343.         },
    344. 

  344.       });
    345. 

  345.     },
    346. 

  346.   });
    347. 

  347. }
    348. 

  348. 

  349. /**
    350. 

  350.  * @requires this.{target,calldata}
    351. 

  351.  */
    352. 

  352. function shouldBehaveLikeCanCallExecuting({ executing, notExecuting }) {
    353. 

  353.   describe('when _executionId is in storage for target and selector', function () {
    354. 

  354.     beforeEach('set _executionId flag from calldata and target', async function () {
    355. 

  355.       const executionId = await web3.utils.keccak256(
    356. 

  356.         web3.eth.abi.encodeParameters(['address', 'bytes4'], [this.target.address, this.calldata.substring(0, 10)]),
    357. 

  357.       );
    358. 

  358.       await setStorageAt(this.manager.address, EXECUTION_ID_STORAGE_SLOT, executionId);
    359. 

  359.     });
    360. 

  360. 

  361.     executing();
    362. 

  362.   });
    363. 

  363. 

  364.   describe('when _executionId does not match target and selector', notExecuting);
    365. 

  365. }
    366. 

  366. 

  367. /**
    368. 

  368.  * @requires this.{target,calldata,roles,role}
    369. 

  369.  */
    370. 

  370. function shouldBehaveLikeHasRole({ publicRoleIsRequired, specificRoleIsRequired }) {
    371. 

  371.   describe('when the function requires the caller to be granted with the PUBLIC_ROLE', function () {
    372. 

  372.     beforeEach('set target function role as PUBLIC_ROLE', async function () {
    373. 

  373.       this.role = this.roles.PUBLIC;
    374. 

  374.       await this.manager.$_setTargetFunctionRole(this.target.address, this.calldata.substring(0, 10), this.role.id, {
    375. 

  375.         from: this.roles.ADMIN.members[0],
    376. 

  376.       });
    377. 

  377.     });
    378. 

  378. 

  379.     publicRoleIsRequired();
    380. 

  380.   });
    381. 

  381. 

  382.   describe('when the function requires the caller to be granted with a role other than PUBLIC_ROLE', function () {
    383. 

  383.     beforeEach('set target function role as PUBLIC_ROLE', async function () {
    384. 

  384.       await this.manager.$_setTargetFunctionRole(this.target.address, this.calldata.substring(0, 10), this.role.id, {
    385. 

  385.         from: this.roles.ADMIN.members[0],
    386. 

  386.       });
    387. 

  387.     });
    388. 

  388. 

  389.     shouldBehaveLikeGetAccess(specificRoleIsRequired);
    390. 

  390.   });
    391. 

  391. }
    392. 

  392. 

  393. /**
    394. 

  394.  * @requires this.{manager,role,caller}
    395. 

  395.  */
    396. 

  396. function shouldBehaveLikeGetAccess({
    397. 

  397.   requiredRoleIsGranted: {
    398. 

  398.     roleGrantingIsDelayed: {
    399. 

  399.       // Because both grant and execution delay are set within the same $_grantRole call
    400. 

  400.       // it's not possible to create a set of tests that diverge between grant and execution delay.
    401. 

  401.       // Therefore, the shouldBehaveLikeDelay arguments are renamed for clarity:
    402. 

  402.       // before => beforeGrantDelay
    403. 

  403.       // after => afterGrantDelay
    404. 

  404.       callerHasAnExecutionDelay: { beforeGrantDelay: case1, afterGrantDelay: case2 },
    405. 

  405.       callerHasNoExecutionDelay: { beforeGrantDelay: case3, afterGrantDelay: case4 },
    406. 

  406.     },
    407. 

  407.     roleGrantingIsNotDelayed: { callerHasAnExecutionDelay: case5, callerHasNoExecutionDelay: case6 },
    408. 

  408.   },
    409. 

  409.   requiredRoleIsNotGranted,
    410. 

  410. }) {
    411. 

  411.   describe('when the required role is granted to the caller', function () {
    412. 

  412.     describe('when role granting is delayed', function () {
    413. 

  413.       beforeEach('define delay', function () {
    414. 

  414.         this.grantDelay = time.duration.minutes(3);
    415. 

  415.         this.delay = this.grantDelay; // For shouldBehaveLikeDelay
    416. 

  416.       });
    417. 

  417. 

  418.       describe('when caller has an execution delay', function () {
    419. 

  419.         beforeEach('set role and delay', async function () {
    420. 

  420.           this.executionDelay = time.duration.hours(10);
    421. 

  421.           this.delay = this.grantDelay;
    422. 

  422.           await this.manager.$_grantRole(this.role.id, this.caller, this.grantDelay, this.executionDelay);
    423. 

  423.         });
    424. 

  424. 

  425.         shouldBehaveLikeDelay('grant', { before: case1, after: case2 });
    426. 

  426.       });
    427. 

  427. 

  428.       describe('when caller has no execution delay', function () {
    429. 

  429.         beforeEach('set role and delay', async function () {
    430. 

  430.           this.executionDelay = web3.utils.toBN(0);
    431. 

  431.           await this.manager.$_grantRole(this.role.id, this.caller, this.grantDelay, this.executionDelay);
    432. 

  432.         });
    433. 

  433. 

  434.         shouldBehaveLikeDelay('grant', { before: case3, after: case4 });
    435. 

  435.       });
    436. 

  436.     });
    437. 

  437. 

  438.     describe('when role granting is not delayed', function () {
    439. 

  439.       beforeEach('define delay', function () {
    440. 

  440.         this.grantDelay = web3.utils.toBN(0);
    441. 

  441.       });
    442. 

  442. 

  443.       describe('when caller has an execution delay', function () {
    444. 

  444.         beforeEach('set role and delay', async function () {
    445. 

  445.           this.executionDelay = time.duration.hours(10);
    446. 

  446.           await this.manager.$_grantRole(this.role.id, this.caller, this.grantDelay, this.executionDelay);
    447. 

  447.         });
    448. 

  448. 

  449.         case5();
    450. 

  450.       });
    451. 

  451. 

  452.       describe('when caller has no execution delay', function () {
    453. 

  453.         beforeEach('set role and delay', async function () {
    454. 

  454.           this.executionDelay = web3.utils.toBN(0);
    455. 

  455.           await this.manager.$_grantRole(this.role.id, this.caller, this.grantDelay, this.executionDelay);
    456. 

  456.         });
    457. 

  457. 

  458.         case6();
    459. 

  459.       });
    460. 

  460.     });
    461. 

  461.   });
    462. 

  462. 

  463.   describe('when role is not granted', function () {
    464. 

  464.     // Because this helper can be composed with other helpers, it's possible
    465. 

  465.     // that role has been set already by another helper.
    466. 

  466.     // Although this is highly unlikely, we check for it here to avoid false positives.
    467. 

  467.     beforeEach('assert role is unset', async function () {
    468. 

  468.       const { since } = await this.manager.getAccess(this.role.id, this.caller);
    469. 

  469.       expect(since).to.be.bignumber.equal(web3.utils.toBN(0));
    470. 

  470.     });
    471. 

  471. 

  472.     requiredRoleIsNotGranted();
    473. 

  473.   });
    474. 

  474. }
    475. 

  475. 

  476. // ============ ADMIN OPERATION HELPERS ============
    477. 

  477. 

  478. /**
    479. 

  479.  * @requires this.{manager,roles,calldata,role}
    480. 

  480.  */
    481. 

  481. function shouldBehaveLikeDelayedAdminOperation() {
    482. 

  482.   const getAccessPath = COMMON_GET_ACCESS_PATH;
    483. 

  483.   getAccessPath.requiredRoleIsGranted.roleGrantingIsDelayed.callerHasAnExecutionDelay.afterGrantDelay = function () {
    484. 

  484.     beforeEach('consume previously set grant delay', async function () {
    485. 

  485.       // Consume previously set delay
    486. 

  486.       await mine();
    487. 

  487.     });
    488. 

  488.     shouldBehaveLikeDelayedOperation();
    489. 

  489.   };
    490. 

  490.   getAccessPath.requiredRoleIsGranted.roleGrantingIsNotDelayed.callerHasAnExecutionDelay = function () {
    491. 

  491.     beforeEach('set execution delay', async function () {
    492. 

  492.       this.scheduleIn = this.executionDelay; // For shouldBehaveLikeDelayedOperation
    493. 

  493.     });
    494. 

  494.     shouldBehaveLikeSchedulableOperation(COMMON_SCHEDULABLE_PATH);
    495. 

  495.   };
    496. 

  496. 

  497.   beforeEach('set target as manager', function () {
    498. 

  498.     this.target = this.manager;
    499. 

  499.   });
    500. 

  500. 

  501.   shouldBehaveLikeARestrictedOperation({
    502. 

  502.     callerIsTheManager: COMMON_IS_EXECUTING_PATH,
    503. 

  503.     callerIsNotTheManager() {
    504. 

  504.       shouldBehaveLikeHasRole({
    505. 

  505.         publicRoleIsRequired() {
    506. 

  506.           it('reverts as AccessManagerUnauthorizedAccount', async function () {
    507. 

  507.             await expectRevertCustomError(
    508. 

  508.               web3.eth.sendTransaction({ to: this.target.address, data: this.calldata, from: this.caller }),
    509. 

  509.               'AccessManagerUnauthorizedAccount',
    510. 

  510.               [
    511. 

  511.                 this.caller,
    512. 

  512.                 this.roles.ADMIN.id, // Although PUBLIC is required, target function role doesn't apply to admin ops
    513. 

  513.               ],
    514. 

  514.             );
    515. 

  515.           });
    516. 

  516.         },
    517. 

  517.         specificRoleIsRequired: getAccessPath,
    518. 

  518.       });
    519. 

  519.     },
    520. 

  520.   });
    521. 

  521. }
    522. 

  522. 

  523. /**
    524. 

  524.  * @requires this.{manager,roles,calldata,role}
    525. 

  525.  */
    526. 

  526. function shouldBehaveLikeNotDelayedAdminOperation() {
    527. 

  527.   const getAccessPath = COMMON_GET_ACCESS_PATH;
    528. 

  528.   getAccessPath.requiredRoleIsGranted.roleGrantingIsDelayed.callerHasAnExecutionDelay.afterGrantDelay = function () {
    529. 

  529.     beforeEach('set execution delay', async function () {
    530. 

  530.       await mine();
    531. 

  531.       this.scheduleIn = this.executionDelay; // For shouldBehaveLikeSchedulableOperation
    532. 

  532.     });
    533. 

  533.     shouldBehaveLikeSchedulableOperation(COMMON_SCHEDULABLE_PATH);
    534. 

  534.   };
    535. 

  535.   getAccessPath.requiredRoleIsGranted.roleGrantingIsNotDelayed.callerHasAnExecutionDelay = function () {
    536. 

  536.     beforeEach('set execution delay', async function () {
    537. 

  537.       this.scheduleIn = this.executionDelay; // For shouldBehaveLikeSchedulableOperation
    538. 

  538.     });
    539. 

  539.     shouldBehaveLikeSchedulableOperation(COMMON_SCHEDULABLE_PATH);
    540. 

  540.   };
    541. 

  541. 

  542.   beforeEach('set target as manager', function () {
    543. 

  543.     this.target = this.manager;
    544. 

  544.   });
    545. 

  545. 

  546.   shouldBehaveLikeARestrictedOperation({
    547. 

  547.     callerIsTheManager: COMMON_IS_EXECUTING_PATH,
    548. 

  548.     callerIsNotTheManager() {
    549. 

  549.       shouldBehaveLikeHasRole({
    550. 

  550.         publicRoleIsRequired() {
    551. 

  551.           it('reverts as AccessManagerUnauthorizedAccount', async function () {
    552. 

  552.             await expectRevertCustomError(
    553. 

  553.               web3.eth.sendTransaction({ to: this.target.address, data: this.calldata, from: this.caller }),
    554. 

  554.               'AccessManagerUnauthorizedAccount',
    555. 

  555.               [this.caller, this.roles.ADMIN.id], // Although PUBLIC_ROLE is required, admin ops are not subject to target function roles
    556. 

  556.             );
    557. 

  557.           });
    558. 

  558.         },
    559. 

  559.         specificRoleIsRequired: getAccessPath,
    560. 

  560.       });
    561. 

  561.     },
    562. 

  562.   });
    563. 

  563. }
    564. 

  564. 

  565. /**
    566. 

  566.  * @requires this.{manager,roles,calldata,role}
    567. 

  567.  */
    568. 

  568. function shouldBehaveLikeRoleAdminOperation(roleAdmin) {
    569. 

  569.   const getAccessPath = COMMON_GET_ACCESS_PATH;
    570. 

  570.   getAccessPath.requiredRoleIsGranted.roleGrantingIsDelayed.callerHasAnExecutionDelay.afterGrantDelay = function () {
    571. 

  571.     beforeEach('set operation delay', async function () {
    572. 

  572.       await mine();
    573. 

  573.       this.scheduleIn = this.executionDelay; // For shouldBehaveLikeSchedulableOperation
    574. 

  574.     });
    575. 

  575.     shouldBehaveLikeSchedulableOperation(COMMON_SCHEDULABLE_PATH);
    576. 

  576.   };
    577. 

  577.   getAccessPath.requiredRoleIsGranted.roleGrantingIsNotDelayed.callerHasAnExecutionDelay = function () {
    578. 

  578.     beforeEach('set execution delay', async function () {
    579. 

  579.       this.scheduleIn = this.executionDelay; // For shouldBehaveLikeSchedulableOperation
    580. 

  580.     });
    581. 

  581.     shouldBehaveLikeSchedulableOperation(COMMON_SCHEDULABLE_PATH);
    582. 

  582.   };
    583. 

  583. 

  584.   beforeEach('set target as manager', function () {
    585. 

  585.     this.target = this.manager;
    586. 

  586.   });
    587. 

  587. 

  588.   shouldBehaveLikeARestrictedOperation({
    589. 

  589.     callerIsTheManager: COMMON_IS_EXECUTING_PATH,
    590. 

  590.     callerIsNotTheManager() {
    591. 

  591.       shouldBehaveLikeHasRole({
    592. 

  592.         publicRoleIsRequired() {
    593. 

  593.           it('reverts as AccessManagerUnauthorizedAccount', async function () {
    594. 

  594.             await expectRevertCustomError(
    595. 

  595.               web3.eth.sendTransaction({ to: this.target.address, data: this.calldata, from: this.caller }),
    596. 

  596.               'AccessManagerUnauthorizedAccount',
    597. 

  597.               [this.caller, roleAdmin], // Role admin ops require the role's admin
    598. 

  598.             );
    599. 

  599.           });
    600. 

  600.         },
    601. 

  601.         specificRoleIsRequired: getAccessPath,
    602. 

  602.       });
    603. 

  603.     },
    604. 

  604.   });
    605. 

  605. }
    606. 

  606. 

  607. // ============ RESTRICTED OPERATION HELPERS ============
    608. 

  608. 

  609. /**
    610. 

  610.  * @requires this.{manager,roles,calldata,role}
    611. 

  611.  */
    612. 

  612. function shouldBehaveLikeAManagedRestrictedOperation() {
    613. 

  613.   function revertUnauthorized() {
    614. 

  614.     it('reverts as AccessManagedUnauthorized', async function () {
    615. 

  615.       await expectRevertCustomError(
    616. 

  616.         web3.eth.sendTransaction({ to: this.target.address, data: this.calldata, from: this.caller }),
    617. 

  617.         'AccessManagedUnauthorized',
    618. 

  618.         [this.caller],
    619. 

  619.       );
    620. 

  620.     });
    621. 

  621.   }
    622. 

  622. 

  623.   const getAccessPath = COMMON_GET_ACCESS_PATH;
    624. 

  624. 

  625.   getAccessPath.requiredRoleIsGranted.roleGrantingIsDelayed.callerHasAnExecutionDelay.beforeGrantDelay =
    626. 

  626.     revertUnauthorized;
    627. 

  627.   getAccessPath.requiredRoleIsGranted.roleGrantingIsDelayed.callerHasNoExecutionDelay.beforeGrantDelay =
    628. 

  628.     revertUnauthorized;
    629. 

  629.   getAccessPath.requiredRoleIsNotGranted = revertUnauthorized;
    630. 

  630. 

  631.   getAccessPath.requiredRoleIsGranted.roleGrantingIsDelayed.callerHasAnExecutionDelay.afterGrantDelay = function () {
    632. 

  632.     beforeEach('consume previously set grant delay', async function () {
    633. 

  633.       // Consume previously set delay
    634. 

  634.       await mine();
    635. 

  635.       this.scheduleIn = this.executionDelay; // For shouldBehaveLikeSchedulableOperation
    636. 

  636.     });
    637. 

  637.     shouldBehaveLikeSchedulableOperation(COMMON_SCHEDULABLE_PATH);
    638. 

  638.   };
    639. 

  639.   getAccessPath.requiredRoleIsGranted.roleGrantingIsNotDelayed.callerHasAnExecutionDelay = function () {
    640. 

  640.     beforeEach('consume previously set grant delay', async function () {
    641. 

  641.       this.scheduleIn = this.executionDelay; // For shouldBehaveLikeSchedulableOperation
    642. 

  642.     });
    643. 

  643.     shouldBehaveLikeSchedulableOperation(COMMON_SCHEDULABLE_PATH);
    644. 

  644.   };
    645. 

  645. 

  646.   const isExecutingPath = COMMON_IS_EXECUTING_PATH;
    647. 

  647.   isExecutingPath.notExecuting = revertUnauthorized;
    648. 

  648. 

  649.   shouldBehaveLikeCanCall({
    650. 

  650.     closed: revertUnauthorized,
    651. 

  651.     open: {
    652. 

  652.       callerIsTheManager: isExecutingPath,
    653. 

  653.       callerIsNotTheManager: {
    654. 

  654.         publicRoleIsRequired() {
    655. 

  655.           it('succeeds called directly', async function () {
    656. 

  656.             await web3.eth.sendTransaction({ to: this.target.address, data: this.calldata, from: this.caller });
    657. 

  657.           });
    658. 

  658. 

  659.           it('succeeds via execute', async function () {
    660. 

  660.             await this.manager.execute(this.target.address, this.calldata, { from: this.caller });
    661. 

  661.           });
    662. 

  662.         },
    663. 

  663.         specificRoleIsRequired: getAccessPath,
    664. 

  664.       },
    665. 

  665.     },
    666. 

  666.   });
    667. 

  667. }
    668. 

  668. 

  669. // ============ HELPERS ============
    670. 

  670. 

  671. /**
    672. 

  672.  * @requires this.{manager, caller, target, calldata}
    673. 

  673.  */
    674. 

  674. async function scheduleOperation(manager, { caller, target, calldata, delay }) {
    675. 

  675.   const timestamp = await time.latest();
    676. 

  676.   const scheduledAt = timestamp.addn(1);
    677. 

  677.   await setNextBlockTimestamp(scheduledAt); // Fix next block timestamp for predictability
    678. 

  678.   const { receipt } = await manager.schedule(target, calldata, scheduledAt.add(delay), {
    679. 

  679.     from: caller,
    680. 

  680.   });
    681. 

  681. 

  682.   return {
    683. 

  683.     receipt,
    684. 

  684.     scheduledAt,
    685. 

  685.     operationId: await manager.hashOperation(caller, target, calldata),
    686. 

  686.   };
    687. 

  687. }
    688. 

  688. 

  689. module.exports = {
    690. 

  690.   // COMMON PATHS
    691. 

  691.   COMMON_SCHEDULABLE_PATH,
    692. 

  692.   COMMON_SCHEDULABLE_PATH_IF_ZERO_DELAY,
    693. 

  693.   // MODE HELPERS
    694. 

  694.   shouldBehaveLikeClosable,
    695. 

  695.   // DELAY HELPERS
    696. 

  696.   shouldBehaveLikeDelay,
    697. 

  697.   // OPERATION HELPERS
    698. 

  698.   shouldBehaveLikeSchedulableOperation,
    699. 

  699.   // METHOD HELPERS
    700. 

  700.   shouldBehaveLikeCanCall,
    701. 

  701.   shouldBehaveLikeGetAccess,
    702. 

  702.   shouldBehaveLikeHasRole,
    703. 

  703.   // ADMIN OPERATION HELPERS
    704. 

  704.   shouldBehaveLikeDelayedAdminOperation,
    705. 

  705.   shouldBehaveLikeNotDelayedAdminOperation,
    706. 

  706.   shouldBehaveLikeRoleAdminOperation,
    707. 

  707.   // RESTRICTED OPERATION HELPERS
    708. 

  708.   shouldBehaveLikeAManagedRestrictedOperation,
    709. 

  709.   // HELPERS
    710. 

  710.   scheduleOperation,
    711. 

  711. };
    712.