From 309e39df6923bec415b3b88e013b280cc632103f Mon Sep 17 00:00:00 2001 From: Iris Date: Wed, 5 Jun 2024 12:06:33 +0200 Subject: [PATCH 1/3] feat: update admin --- src/interface/naming.cairo | 2 +- src/naming/main.cairo | 19 ++++++++---- src/tests/naming.cairo | 1 + src/tests/naming/test_abuses.cairo | 2 +- src/tests/naming/test_admin_update.cairo | 38 ++++++++++++++++++++++++ 5 files changed, 55 insertions(+), 7 deletions(-) create mode 100644 src/tests/naming/test_admin_update.cairo diff --git a/src/interface/naming.cairo b/src/interface/naming.cairo index 80a4244..3441026 100644 --- a/src/interface/naming.cairo +++ b/src/interface/naming.cairo @@ -102,7 +102,6 @@ trait INaming { ); // admin - fn set_admin(ref self: TContractState, new_admin: ContractAddress); fn set_expiry(ref self: TContractState, root_domain: felt252, expiry: u64); @@ -124,4 +123,5 @@ trait INaming { fn toggle_ar_discount_renew(ref self: TContractState); + fn update_admin(ref self: TContractState, new_admin: ContractAddress); } diff --git a/src/naming/main.cairo b/src/naming/main.cairo index 4df93a7..994ea20 100644 --- a/src/naming/main.cairo +++ b/src/naming/main.cairo @@ -21,8 +21,9 @@ mod Naming { } }; use identity::interface::identity::{IIdentity, IIdentityDispatcher, IIdentityDispatcherTrait}; - use openzeppelin::token::erc20::interface::{ - IERC20Camel, IERC20CamelDispatcher, IERC20CamelDispatcherTrait + use openzeppelin::{ + access::ownable::OwnableComponent, + token::erc20::interface::{IERC20Camel, IERC20CamelDispatcher, IERC20CamelDispatcherTrait} }; use storage_read::{main::storage_read_component, interface::IStorageRead}; @@ -38,7 +39,9 @@ mod Naming { DomainMigrated: DomainMigrated, SubdomainsReset: SubdomainsReset, SaleMetadata: SaleMetadata, - StorageReadEvent: storage_read_component::Event + StorageReadEvent: storage_read_component::Event, + #[flat] + OwnableEvent: OwnableComponent::Event, } #[derive(Drop, starknet::Event)] @@ -137,6 +140,8 @@ mod Naming { _ar_discount_renew_enabled: bool, #[substorage(v0)] storage_read: storage_read_component::Storage, + #[substorage(v0)] + ownable: OwnableComponent::Storage, } #[constructor] @@ -154,9 +159,13 @@ mod Naming { } component!(path: storage_read_component, storage: storage_read, event: StorageReadEvent); + component!(path: OwnableComponent, storage: ownable, event: OwnableEvent); #[abi(embed_v0)] impl StorageReadComponent = storage_read_component::StorageRead; + #[abi(embed_v0)] + impl OwnableTwoStepImpl = OwnableComponent::OwnableTwoStepImpl; + impl OwnableInternalImpl = OwnableComponent::InternalImpl; #[abi(embed_v0)] impl NamingImpl of INaming { @@ -699,9 +708,9 @@ mod Naming { // ADMIN - fn set_admin(ref self: ContractState, new_admin: ContractAddress) { + fn update_admin(ref self: ContractState, new_admin: ContractAddress) { assert(get_caller_address() == self._admin_address.read(), 'you are not admin'); - self._admin_address.write(new_admin); + self.ownable.initializer(new_admin); } fn set_expiry( diff --git a/src/tests/naming.cairo b/src/tests/naming.cairo index a226146..4727a1f 100644 --- a/src/tests/naming.cairo +++ b/src/tests/naming.cairo @@ -5,3 +5,4 @@ mod test_usecases; mod test_features; mod test_altcoin; mod test_ar_discount; +mod test_admin_update; diff --git a/src/tests/naming/test_abuses.cairo b/src/tests/naming/test_abuses.cairo index 6f1547d..9385a1e 100644 --- a/src/tests/naming/test_abuses.cairo +++ b/src/tests/naming/test_abuses.cairo @@ -225,7 +225,7 @@ fn test_non_admin_cannot_set_admin() { // A non-admin tries to set a new admin let new_admin = contract_address_const::<0x789>(); - naming.set_admin(new_admin); + naming.update_admin(new_admin); } #[test] diff --git a/src/tests/naming/test_admin_update.cairo b/src/tests/naming/test_admin_update.cairo new file mode 100644 index 0000000..ac215b4 --- /dev/null +++ b/src/tests/naming/test_admin_update.cairo @@ -0,0 +1,38 @@ +use starknet::testing; +use starknet::ContractAddress; +use starknet::contract_address::ContractAddressZeroable; +use starknet::contract_address_const; +use starknet::testing::set_contract_address; +use super::super::utils; +use super::common::deploy; +use naming::naming::main::Naming; +use naming::interface::naming::{INamingDispatcher, INamingDispatcherTrait}; +use openzeppelin::{ + access::ownable::interface::{IOwnableTwoStep, IOwnableTwoStepDispatcher, IOwnableTwoStepDispatcherTrait}, + token::erc20::{ + interface::{IERC20Camel, IERC20CamelDispatcher, IERC20CamelDispatcherTrait} +}}; + +#[test] +#[available_gas(2000000000)] +fn test_update_admin() { + // setup + let (_, _, _, naming) = deploy(); + let admin = contract_address_const::<0x123>(); + let new_admin = contract_address_const::<0x456>(); + + let ownable2Step = IOwnableTwoStepDispatcher { contract_address: naming.contract_address }; + assert(ownable2Step.owner() == contract_address_const::<0>(), 'admin should be 0'); + + // we call the update_admin function with the new admin + set_contract_address(admin); + naming.update_admin(new_admin); + assert(ownable2Step.owner() == new_admin, 'change of admin failed'); + + // Now we go back to the first admin, this time using the ownable2Step + set_contract_address(new_admin); + ownable2Step.transfer_ownership(admin); + set_contract_address(admin); + ownable2Step.accept_ownership(); + assert(ownable2Step.owner() == admin, 'change of admin failed'); +} \ No newline at end of file From fcccbb2240ae3bd104bfb31ff15814b1bea76d35 Mon Sep 17 00:00:00 2001 From: Iris Date: Wed, 5 Jun 2024 12:14:26 +0200 Subject: [PATCH 2/3] feat: remove update_admin and finalize upgrade --- src/interface/naming.cairo | 2 -- src/naming/main.cairo | 26 +++++++++------------ src/tests/naming/test_abuses.cairo | 16 +------------ src/tests/naming/test_admin_update.cairo | 29 ++++++++++++++++-------- 4 files changed, 32 insertions(+), 41 deletions(-) diff --git a/src/interface/naming.cairo b/src/interface/naming.cairo index 3441026..e5caf55 100644 --- a/src/interface/naming.cairo +++ b/src/interface/naming.cairo @@ -122,6 +122,4 @@ trait INaming { fn blacklist_renewal_contract(ref self: TContractState, contract: ContractAddress); fn toggle_ar_discount_renew(ref self: TContractState); - - fn update_admin(ref self: TContractState, new_admin: ContractAddress); } diff --git a/src/naming/main.cairo b/src/naming/main.cairo index 994ea20..9e8fd4a 100644 --- a/src/naming/main.cairo +++ b/src/naming/main.cairo @@ -156,6 +156,7 @@ mod Naming { self._pricing_contract.write(pricing); self._referral_contract.write(referral); self._admin_address.write(admin); + self.ownable.initializer(admin); } component!(path: storage_read_component, storage: storage_read, event: StorageReadEvent); @@ -708,15 +709,10 @@ mod Naming { // ADMIN - fn update_admin(ref self: ContractState, new_admin: ContractAddress) { - assert(get_caller_address() == self._admin_address.read(), 'you are not admin'); - self.ownable.initializer(new_admin); - } - fn set_expiry( ref self: ContractState, root_domain: felt252, expiry: u64 ) { - assert(get_caller_address() == self._admin_address.read(), 'you are not admin'); + self.ownable.assert_only_owner(); let hashed_domain = self.hash_domain(array![root_domain].span()); let domain_data = self._domain_data.read(hashed_domain); let data = DomainData { @@ -735,7 +731,7 @@ mod Naming { } fn claim_balance(ref self: ContractState, erc20: ContractAddress) { - assert(get_caller_address() == self._admin_address.read(), 'you are not admin'); + self.ownable.assert_only_owner(); let balance = IERC20CamelDispatcher { contract_address: erc20 } .balanceOf(get_contract_address()); let has_claimed = IERC20CamelDispatcher { contract_address: erc20 } @@ -744,45 +740,45 @@ mod Naming { } fn set_discount(ref self: ContractState, discount_id: felt252, discount: Discount) { - assert(get_caller_address() == self._admin_address.read(), 'you are not admin'); + self.ownable.assert_only_owner(); self.discounts.write(discount_id, discount); } fn set_pricing_contract(ref self: ContractState, pricing_contract: ContractAddress) { - assert(get_caller_address() == self._admin_address.read(), 'you are not admin'); + self.ownable.assert_only_owner(); self._pricing_contract.write(pricing_contract); } fn set_referral_contract(ref self: ContractState, referral_contract: ContractAddress) { - assert(get_caller_address() == self._admin_address.read(), 'you are not admin'); + self.ownable.assert_only_owner(); self._referral_contract.write(referral_contract); } fn upgrade(ref self: ContractState, new_class_hash: ClassHash) { - assert(get_caller_address() == self._admin_address.read(), 'you are not admin'); + self.ownable.assert_only_owner(); // todo: use components assert(!new_class_hash.is_zero(), 'Class hash cannot be zero'); starknet::replace_class_syscall(new_class_hash).unwrap(); } fn set_server_pub_key(ref self: ContractState, new_key: felt252) { - assert(get_caller_address() == self._admin_address.read(), 'you are not admin'); + self.ownable.assert_only_owner(); self._server_pub_key.write(new_key); } fn whitelist_renewal_contract(ref self: ContractState, contract: ContractAddress) { - assert(get_caller_address() == self._admin_address.read(), 'you are not admin'); + self.ownable.assert_only_owner(); self._whitelisted_renewal_contracts.write(contract, true); } fn blacklist_renewal_contract(ref self: ContractState, contract: ContractAddress) { - assert(get_caller_address() == self._admin_address.read(), 'you are not admin'); + self.ownable.assert_only_owner(); self._whitelisted_renewal_contracts.write(contract, false); } fn toggle_ar_discount_renew(ref self: ContractState) { - assert(get_caller_address() == self._admin_address.read(), 'you are not admin'); + self.ownable.assert_only_owner(); self._ar_discount_renew_enabled.write(!self._ar_discount_renew_enabled.read()); } } diff --git a/src/tests/naming/test_abuses.cairo b/src/tests/naming/test_abuses.cairo index 9385a1e..7b83f22 100644 --- a/src/tests/naming/test_abuses.cairo +++ b/src/tests/naming/test_abuses.cairo @@ -216,21 +216,7 @@ fn test_renewal_period_too_long() { #[test] #[available_gas(2000000000)] -#[should_panic(expected: ('you are not admin', 'ENTRYPOINT_FAILED'))] -fn test_non_admin_cannot_set_admin() { - // setup - let (_, _, _, naming) = deploy(); - let non_admin_address = contract_address_const::<0x456>(); - set_contract_address(non_admin_address); - - // A non-admin tries to set a new admin - let new_admin = contract_address_const::<0x789>(); - naming.update_admin(new_admin); -} - -#[test] -#[available_gas(2000000000)] -#[should_panic(expected: ('you are not admin', 'ENTRYPOINT_FAILED'))] +#[should_panic(expected: ('Caller is not the owner', 'ENTRYPOINT_FAILED'))] fn test_non_admin_cannot_claim_balance() { // setup let (eth, _, _, naming) = deploy(); diff --git a/src/tests/naming/test_admin_update.cairo b/src/tests/naming/test_admin_update.cairo index ac215b4..007bb0e 100644 --- a/src/tests/naming/test_admin_update.cairo +++ b/src/tests/naming/test_admin_update.cairo @@ -22,17 +22,28 @@ fn test_update_admin() { let new_admin = contract_address_const::<0x456>(); let ownable2Step = IOwnableTwoStepDispatcher { contract_address: naming.contract_address }; - assert(ownable2Step.owner() == contract_address_const::<0>(), 'admin should be 0'); - - // we call the update_admin function with the new admin - set_contract_address(admin); - naming.update_admin(new_admin); - assert(ownable2Step.owner() == new_admin, 'change of admin failed'); + assert(ownable2Step.owner() == admin, 'admin not initialized'); // Now we go back to the first admin, this time using the ownable2Step - set_contract_address(new_admin); - ownable2Step.transfer_ownership(admin); set_contract_address(admin); + ownable2Step.transfer_ownership(new_admin); + set_contract_address(new_admin); ownable2Step.accept_ownership(); - assert(ownable2Step.owner() == admin, 'change of admin failed'); + assert(ownable2Step.owner() == new_admin, 'change of admin failed'); +} + + +#[test] +#[available_gas(2000000000)] +#[should_panic(expected: ('Caller is not the owner', 'ENTRYPOINT_FAILED'))] +fn test_non_admin_cannot_set_admin() { + // setup + let (_, _, _, naming) = deploy(); + let ownable2Step = IOwnableTwoStepDispatcher { contract_address: naming.contract_address }; + let non_admin_address = contract_address_const::<0x456>(); + set_contract_address(non_admin_address); + + // A non-admin tries to set a new admin + let new_admin = contract_address_const::<0x789>(); + ownable2Step.transfer_ownership(new_admin); } \ No newline at end of file From a72c07865beb1fe4c7a9c7794bb1d91abb5ee70f Mon Sep 17 00:00:00 2001 From: Iris Date: Wed, 5 Jun 2024 15:00:19 +0200 Subject: [PATCH 3/3] fix: write admin_address to 0 and update is_admin checks --- src/naming/main.cairo | 22 ++++++++++++---------- src/tests/naming/test_abuses.cairo | 2 +- src/tests/naming/test_admin_update.cairo | 1 - 3 files changed, 13 insertions(+), 12 deletions(-) diff --git a/src/naming/main.cairo b/src/naming/main.cairo index 994ea20..4b6e953 100644 --- a/src/naming/main.cairo +++ b/src/naming/main.cairo @@ -156,6 +156,7 @@ mod Naming { self._pricing_contract.write(pricing); self._referral_contract.write(referral); self._admin_address.write(admin); + self.ownable.initializer(admin); } component!(path: storage_read_component, storage: storage_read, event: StorageReadEvent); @@ -711,12 +712,13 @@ mod Naming { fn update_admin(ref self: ContractState, new_admin: ContractAddress) { assert(get_caller_address() == self._admin_address.read(), 'you are not admin'); self.ownable.initializer(new_admin); + self._admin_address.write(Zeroable::zero()); } fn set_expiry( ref self: ContractState, root_domain: felt252, expiry: u64 ) { - assert(get_caller_address() == self._admin_address.read(), 'you are not admin'); + self.ownable.assert_only_owner(); let hashed_domain = self.hash_domain(array![root_domain].span()); let domain_data = self._domain_data.read(hashed_domain); let data = DomainData { @@ -735,7 +737,7 @@ mod Naming { } fn claim_balance(ref self: ContractState, erc20: ContractAddress) { - assert(get_caller_address() == self._admin_address.read(), 'you are not admin'); + self.ownable.assert_only_owner(); let balance = IERC20CamelDispatcher { contract_address: erc20 } .balanceOf(get_contract_address()); let has_claimed = IERC20CamelDispatcher { contract_address: erc20 } @@ -744,45 +746,45 @@ mod Naming { } fn set_discount(ref self: ContractState, discount_id: felt252, discount: Discount) { - assert(get_caller_address() == self._admin_address.read(), 'you are not admin'); + self.ownable.assert_only_owner(); self.discounts.write(discount_id, discount); } fn set_pricing_contract(ref self: ContractState, pricing_contract: ContractAddress) { - assert(get_caller_address() == self._admin_address.read(), 'you are not admin'); + self.ownable.assert_only_owner(); self._pricing_contract.write(pricing_contract); } fn set_referral_contract(ref self: ContractState, referral_contract: ContractAddress) { - assert(get_caller_address() == self._admin_address.read(), 'you are not admin'); + self.ownable.assert_only_owner(); self._referral_contract.write(referral_contract); } fn upgrade(ref self: ContractState, new_class_hash: ClassHash) { - assert(get_caller_address() == self._admin_address.read(), 'you are not admin'); + self.ownable.assert_only_owner(); // todo: use components assert(!new_class_hash.is_zero(), 'Class hash cannot be zero'); starknet::replace_class_syscall(new_class_hash).unwrap(); } fn set_server_pub_key(ref self: ContractState, new_key: felt252) { - assert(get_caller_address() == self._admin_address.read(), 'you are not admin'); + self.ownable.assert_only_owner(); self._server_pub_key.write(new_key); } fn whitelist_renewal_contract(ref self: ContractState, contract: ContractAddress) { - assert(get_caller_address() == self._admin_address.read(), 'you are not admin'); + self.ownable.assert_only_owner(); self._whitelisted_renewal_contracts.write(contract, true); } fn blacklist_renewal_contract(ref self: ContractState, contract: ContractAddress) { - assert(get_caller_address() == self._admin_address.read(), 'you are not admin'); + self.ownable.assert_only_owner(); self._whitelisted_renewal_contracts.write(contract, false); } fn toggle_ar_discount_renew(ref self: ContractState) { - assert(get_caller_address() == self._admin_address.read(), 'you are not admin'); + self.ownable.assert_only_owner(); self._ar_discount_renew_enabled.write(!self._ar_discount_renew_enabled.read()); } } diff --git a/src/tests/naming/test_abuses.cairo b/src/tests/naming/test_abuses.cairo index 9385a1e..e12c42f 100644 --- a/src/tests/naming/test_abuses.cairo +++ b/src/tests/naming/test_abuses.cairo @@ -230,7 +230,7 @@ fn test_non_admin_cannot_set_admin() { #[test] #[available_gas(2000000000)] -#[should_panic(expected: ('you are not admin', 'ENTRYPOINT_FAILED'))] +#[should_panic(expected: ('Caller is not the owner', 'ENTRYPOINT_FAILED'))] fn test_non_admin_cannot_claim_balance() { // setup let (eth, _, _, naming) = deploy(); diff --git a/src/tests/naming/test_admin_update.cairo b/src/tests/naming/test_admin_update.cairo index ac215b4..cbd9efe 100644 --- a/src/tests/naming/test_admin_update.cairo +++ b/src/tests/naming/test_admin_update.cairo @@ -22,7 +22,6 @@ fn test_update_admin() { let new_admin = contract_address_const::<0x456>(); let ownable2Step = IOwnableTwoStepDispatcher { contract_address: naming.contract_address }; - assert(ownable2Step.owner() == contract_address_const::<0>(), 'admin should be 0'); // we call the update_admin function with the new admin set_contract_address(admin);