From 5da4ecd87d159ea79f802aa018af19d8d4bc5a63 Mon Sep 17 00:00:00 2001 From: sirpy Date: Sun, 20 Oct 2024 17:21:23 +0300 Subject: [PATCH] fix: directpool permissoins before release --- .../contracts/DirectPayments/DirectPaymentsFactory.sol | 2 +- .../contracts/DirectPayments/DirectPaymentsPool.sol | 10 ++++++---- packages/contracts/contracts/UBI/UBIPool.sol | 4 ++-- .../DirectPayments/DirectPayments.superapp.test.ts | 2 +- .../test/DirectPayments/DirectPaymentsFactory.test.ts | 7 ++++--- 5 files changed, 14 insertions(+), 11 deletions(-) diff --git a/packages/contracts/contracts/DirectPayments/DirectPaymentsFactory.sol b/packages/contracts/contracts/DirectPayments/DirectPaymentsFactory.sol index c142370f..cdb07bf3 100644 --- a/packages/contracts/contracts/DirectPayments/DirectPaymentsFactory.sol +++ b/packages/contracts/contracts/DirectPayments/DirectPaymentsFactory.sol @@ -132,7 +132,6 @@ contract DirectPaymentsFactory is AccessControlUpgradeable, UUPSUpgradeable { nft.grantRole(nft.getManagerRole(nextNftType), _settings.manager); nft.grantRole(nft.getManagerRole(nextNftType), address(pool)); - pool.grantRole(pool.MINTER_ROLE(), _settings.manager); //access control to project is determinted by the first pool access control rules if (address(projectIdToControlPool[keccak256(bytes(_projectId))]) == address(0)) @@ -140,6 +139,7 @@ contract DirectPaymentsFactory is AccessControlUpgradeable, UUPSUpgradeable { registry[address(pool)].ipfs = _ipfs; registry[address(pool)].projectId = _projectId; + pool.grantRole(DEFAULT_ADMIN_ROLE, msg.sender); pool.renounceRole(DEFAULT_ADMIN_ROLE, address(this)); pools.push(address(pool)); diff --git a/packages/contracts/contracts/DirectPayments/DirectPaymentsPool.sol b/packages/contracts/contracts/DirectPayments/DirectPaymentsPool.sol index 37f8e48f..da3a9a24 100644 --- a/packages/contracts/contracts/DirectPayments/DirectPaymentsPool.sol +++ b/packages/contracts/contracts/DirectPayments/DirectPaymentsPool.sol @@ -140,8 +140,10 @@ contract DirectPaymentsPool is settings = _settings; limits = _limits; nft = _nft; - _setupRole(DEFAULT_ADMIN_ROLE, msg.sender); - _setupRole(DEFAULT_ADMIN_ROLE, _settings.manager); + _setupRole(DEFAULT_ADMIN_ROLE, msg.sender); // when using factory this gives factory role which then set role to the real msg.sender + _setupRole(MANAGER_ROLE, _settings.manager); + _setupRole(MINTER_ROLE, _settings.manager); + setSuperToken(ISuperToken(address(settings.rewardToken))); } @@ -398,7 +400,7 @@ contract DirectPaymentsPool is * @dev Sets the safety limits for the pool. * @param _limits The new safety limits. */ - function setPoolLimits(SafetyLimits memory _limits) public onlyRole(DEFAULT_ADMIN_ROLE) { + function setPoolLimits(SafetyLimits memory _limits) public onlyRole(MANAGER_ROLE) { limits = _limits; emit PoolLimitsChanged(_limits); } @@ -407,7 +409,7 @@ contract DirectPaymentsPool is * @dev Sets the settings for the pool. * @param _settings The new pool settings. */ - function setPoolSettings(PoolSettings memory _settings) public onlyRole(DEFAULT_ADMIN_ROLE) { + function setPoolSettings(PoolSettings memory _settings) public onlyRole(MANAGER_ROLE) { if (_settings.nftType != settings.nftType) revert NFTTYPE_CHANGED(); if (_settings.manager == address(0)) revert EMPTY_MANAGER(); diff --git a/packages/contracts/contracts/UBI/UBIPool.sol b/packages/contracts/contracts/UBI/UBIPool.sol index 4baaea58..507a6b79 100644 --- a/packages/contracts/contracts/UBI/UBIPool.sol +++ b/packages/contracts/contracts/UBI/UBIPool.sol @@ -126,7 +126,7 @@ contract UBIPool is AccessControlUpgradeable, GoodCollectiveSuperApp, UUPSUpgrad ubiSettings = _ubiSettings; _verifyPoolSettings(_settings); _verifyUBISettings(_ubiSettings); - _setupRole(DEFAULT_ADMIN_ROLE, msg.sender); + _setupRole(DEFAULT_ADMIN_ROLE, msg.sender); // when using factory this gives factory role which then set role to the real msg.sender _setupRole(MANAGER_ROLE, _settings.manager); setSuperToken(ISuperToken(address(settings.rewardToken))); } @@ -394,6 +394,6 @@ contract UBIPool is AccessControlUpgradeable, GoodCollectiveSuperApp, UUPSUpgrad } function nextClaimTime() public view returns (uint256) { - return (getCurrentDay() + 1) * (1 days); + return (getCurrentDay() + ubiSettings.claimPeriodDays) * (1 days) + 12 hours; } } diff --git a/packages/contracts/test/DirectPayments/DirectPayments.superapp.test.ts b/packages/contracts/test/DirectPayments/DirectPayments.superapp.test.ts index f9cc9383..4c480320 100644 --- a/packages/contracts/test/DirectPayments/DirectPayments.superapp.test.ts +++ b/packages/contracts/test/DirectPayments/DirectPayments.superapp.test.ts @@ -281,7 +281,7 @@ describe('DirectPaymentsPool Superapp', () => { path: '0x', }, '0x') - console.log((await tx.wait()).events) + // console.log((await tx.wait()).events) expect(await mockToken.balanceOf(signer.address)).eq(0); expect(await gdframework.GoodDollar.balanceOf(signer.address)).eq(0); diff --git a/packages/contracts/test/DirectPayments/DirectPaymentsFactory.test.ts b/packages/contracts/test/DirectPayments/DirectPaymentsFactory.test.ts index b46ca249..e2e0dca4 100644 --- a/packages/contracts/test/DirectPayments/DirectPaymentsFactory.test.ts +++ b/packages/contracts/test/DirectPayments/DirectPaymentsFactory.test.ts @@ -102,8 +102,9 @@ describe('DirectPaymentsFactory', () => { expect(await nft.hasRole(await nft.getManagerRole('1'), signers[1].address)).to.be.true; expect(await nft.hasRole(await nft.getManagerRole('1'), pool.address)).to.be.true; - expect(await pool.hasRole(nft.DEFAULT_ADMIN_ROLE(), signers[1].address)).to.be.true; - expect(await pool.hasRole(nft.DEFAULT_ADMIN_ROLE(), factory.address)).to.be.false; + expect(await pool.hasRole(pool.DEFAULT_ADMIN_ROLE(), signer.address)).to.be.true; + expect(await pool.hasRole(pool.MANAGER_ROLE(), signers[1].address)).to.be.true; + expect(await pool.hasRole(pool.DEFAULT_ADMIN_ROLE(), factory.address)).to.be.false; // datastructures expect(await factory.projectIdToControlPool(ethers.utils.keccak256(ethers.utils.toUtf8Bytes('test')))).to.be.equal( @@ -119,7 +120,7 @@ describe('DirectPaymentsFactory', () => { }); it("should not be able to create pool if not project's manager", async () => { - const tx = await factory.createPool('test', 'pool1', poolSettings, poolLimits); + const tx = await factory.connect(signers[1]).createPool('test', 'pool1', poolSettings, poolLimits); // signer 1 is the pool manager so it should not revert await expect(factory.connect(signers[1]).createPool('test', 'pool2', poolSettings, poolLimits)).not.reverted;