@lazy-sol/access-control-upgradeable 1.1.1 → 1.1.2

Sign up to get free protection for your applications and to get access to all the features.
Files changed (4) hide show
  1. package/CHANGELOG.md +2 -0
  2. package/contracts/InitializableAccessControlCore.sol +5 -2
  3. package/package.json +2 -2
  4. package/test/include/rbac.behaviour.js +18 -9
package/CHANGELOG.md CHANGED
@@ -1,3 +1,5 @@
1
+ v1.1.2: do not enable full privileges to zero address on contract initialization
2
+
1
3
  v1.1.0: Contact Size Optimizations
2
4
 
3
5
  - __Breaking Change:__ Solidity 0.8.4 is now required to compile the contracts (previously was 0.8.2).
package/contracts/InitializableAccessControlCore.sol CHANGED
@@ -174,8 +174,11 @@ abstract contract InitializableAccessControlCore is Initializable {
174
174
  * @param _features initial features mask of the contract, can be zero
175
175
  */
176
176
  function _postConstruct(address _owner, uint256 _features) internal virtual onlyInitializing {
177
- // grant owner full privileges
178
- __setRole(_owner, FULL_PRIVILEGES_MASK, FULL_PRIVILEGES_MASK);
177
+ // if there is a request to set owner (zero address owner means no owner)
178
+ if(_owner != address(0)) {
179
+ // grant owner full privileges
180
+ __setRole(_owner, FULL_PRIVILEGES_MASK, FULL_PRIVILEGES_MASK);
181
+ }
179
182
  // update initial features bitmask
180
183
  __setRole(address(this), _features, _features);
181
184
  }
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@lazy-sol/access-control-upgradeable",
3
- "version": "1.1.1",
3
+ "version": "1.1.2",
4
4
  "description": "Enable the modular plug and play (PnP) architecture for your dapp by incorporating the role-based access control (RBAC) into the smart contracts",
5
5
  "main": "index.js",
6
6
  "scripts": {
@@ -25,7 +25,7 @@
25
25
  "@openzeppelin/contracts-upgradeable": "4.9.6"
26
26
  },
27
27
  "devDependencies": {
28
- "@lazy-sol/a-missing-gem": "^1.0.10",
28
+ "@lazy-sol/a-missing-gem": "^1.0.11",
29
29
  "@lazy-sol/zeppelin-test-helpers": "^1.0.5",
30
30
  "@nomiclabs/hardhat-truffle5": "^2.0.7",
31
31
  "@openzeppelin/contracts": "4.9.6",
package/test/include/rbac.behaviour.js CHANGED
@@ -59,13 +59,15 @@ function behavesLikeRBAC(deployment_fn, a0, a1, a2) {
59
59
  beforeEach(async function() {
60
60
  access_control = await deployment_fn.call(this, a0, owner, features);
61
61
  });
62
- it('"RoleUpdated(owner)" event is emitted correctly', async function() {
63
- await expectEvent.inConstruction(access_control, "RoleUpdated", {
64
- operator: owner,
65
- requested: FULL_PRIVILEGES_MASK,
66
- assigned: FULL_PRIVILEGES_MASK,
62
+ if(owner !== ZERO_ADDRESS) {
63
+ it('"RoleUpdated(owner)" event is emitted correctly', async function() {
64
+ await expectEvent.inConstruction(access_control, "RoleUpdated", {
65
+ operator: owner,
66
+ requested: FULL_PRIVILEGES_MASK,
67
+ assigned: FULL_PRIVILEGES_MASK,
68
+ });
67
69
  });
68
- });
70
+ }
69
71
  it('"RoleUpdated(this)" event is emitted correctly', async function() {
70
72
  await expectEvent.inConstruction(access_control, "RoleUpdated", {
71
73
  operator: access_control.address,
@@ -73,9 +75,16 @@ function behavesLikeRBAC(deployment_fn, a0, a1, a2) {
73
75
  assigned: features,
74
76
  });
75
77
  });
76
- it("owners' role is set correctly", async function() {
77
- expect(await access_control.getRole(owner)).to.be.bignumber.that.equals(FULL_PRIVILEGES_MASK);
78
- });
78
+ if(owner !== ZERO_ADDRESS) {
79
+ it("owners' role is set correctly", async function() {
80
+ expect(await access_control.getRole(owner)).to.be.bignumber.that.equals(FULL_PRIVILEGES_MASK);
81
+ });
82
+ }
83
+ else {
84
+ it("owners' role is not set", async function() {
85
+ expect(await access_control.getRole(owner)).to.be.bignumber.that.equals("0");
86
+ });
87
+ }
79
88
  it("features are set correctly", async function() {
80
89
  expect(await access_control.features()).to.be.bignumber.that.equals(features);
81
90
  });