Remove role system

Author: telome

deploy/NFATInit.sol

@@ -22,25 +22,20 @@ interface NFATFacilityLike {
     function gem() external view returns (address);
     function almProxy() external view returns (address);
     function file(bytes32, address) external;
-    function setUserRole(address, uint8, bool) external;
-    function setRoleAction(uint8, bytes4, bool) external;
-    function stop() external;
-    function claim(address, uint256) external;
+    function kiss(address) external;
+    function addFreezer(address) external;
 }
 
 struct NFATConfig {
     bytes32   facilityKey;
     address   almProxy;
     address   identityNetwork;
-    address   lpha;
-    address[] pausers;
+    address   operator;
+    address[] freezers;
 }
 
 library NFATInit {
 
-    uint8 constant PAUSER = 1;
-    uint8 constant LPHA   = 2;
-
     function init(
         DssInstance memory dss,
         address     facility_,
@@ -57,18 +52,15 @@ library NFATInit {
 
         facility.file("identityNetwork", cfg.identityNetwork);
 
-        // --- Configure pauser role ---
-
-        facility.setRoleAction(PAUSER, NFATFacilityLike.stop.selector, true);
+        // --- Configure freezers ---
 
-        for (uint256 i = 0; i < cfg.pausers.length; ++i) {
-            facility.setUserRole(cfg.pausers[i], PAUSER, true);
+        for (uint256 i = 0; i < cfg.freezers.length; ++i) {
+            facility.addFreezer(cfg.freezers[i]);
         }
 
-        // --- Configure lpha role ---
+        // --- Configure operator ---
 
-        facility.setRoleAction(LPHA, NFATFacilityLike.claim.selector, true);
-        facility.setUserRole(cfg.lpha, LPHA, true);
+        facility.kiss(cfg.operator);
 
         // --- Chainlog ---
 

src/NFATFacility.sol

@@ -46,9 +46,9 @@ contract NFATFacility {
 
     // --- Access Control Storage ---
 
-    mapping(address usr => uint256 allowed)   public wards;
-    mapping(address usr => bytes32 rolesData) public userRoles;
-    mapping(bytes4  sig => bytes32 rolesData) public actionsRoles;
+    mapping(address usr => uint256 allowed) public wards;
+    mapping(address usr => uint256 allowed) public buds;  // Operator(s) (lpha-nfat beacon)
+    mapping(address usr => uint256 allowed) public cops;  // Freezers
     bool    public stopped;
     address public identityNetwork;
 
@@ -74,8 +74,10 @@ contract NFATFacility {
 
     event Rely(address indexed usr);
     event Deny(address indexed usr);
-    event SetUserRole(address indexed who, uint8 indexed role, bool enabled);
-    event SetRoleAction(uint8 indexed role, bytes4 sig, bool enabled);
+    event Kiss(address indexed usr);
+    event Diss(address indexed usr);
+    event AddFreezer(address indexed usr);
+    event RemoveFreezer(address indexed usr);
     event Stop();
     event Start();
     event File(bytes32 indexed what, address data);
@@ -104,12 +106,13 @@ contract NFATFacility {
         _;
     }
 
-    modifier roleAuth() {
-        require(
-            userRoles[msg.sender] & actionsRoles[msg.sig] != bytes32(0) ||
-            wards[msg.sender] == 1,
-            "NFATFacility/role-not-authorized"
-        );
+    modifier toll() {
+        require(buds[msg.sender] == 1 || wards[msg.sender] == 1, "NFATFacility/not-operator");
+        _;
+    }
+
+    modifier cop() {
+        require(cops[msg.sender] == 1 || wards[msg.sender] == 1, "NFATFacility/not-freezer");
         _;
     }
 
@@ -141,27 +144,27 @@ contract NFATFacility {
         emit Deny(usr);
     }
 
-    function setUserRole(address who, uint8 role, bool enabled) external auth {
-        bytes32 mask = bytes32(uint256(1) << role);
-        if (enabled) {
-            userRoles[who] |= mask;
-        } else {
-            userRoles[who] &= ~mask;
-        }
-        emit SetUserRole(who, role, enabled);
+    function kiss(address usr) external auth {
+        buds[usr] = 1;
+        emit Kiss(usr);
     }
 
-    function setRoleAction(uint8 role, bytes4 sig, bool enabled) external auth {
-        bytes32 mask = bytes32(uint256(1) << role);
-        if (enabled) {
-            actionsRoles[sig] |= mask;
-        } else {
-            actionsRoles[sig] &= ~mask;
-        }
-        emit SetRoleAction(role, sig, enabled);
+    function diss(address usr) external auth {
+        buds[usr] = 0;
+        emit Diss(usr);
+    }
+
+    function addFreezer(address usr) external auth {
+        cops[usr] = 1;
+        emit AddFreezer(usr);
     }
 
-    function stop() external roleAuth {
+    function removeFreezer(address usr) external auth {
+        cops[usr] = 0;
+        emit RemoveFreezer(usr);
+    }
+
+    function stop() external cop {
         stopped = true;
         emit Stop();
     }
@@ -177,22 +180,6 @@ contract NFATFacility {
         emit File(what, data);
     }
 
-    /// @notice Check if a user has a specific role
-    /// @param usr The address to check
-    /// @param role The role ID
-    /// @return has Whether the user has the role
-    function hasUserRole(address usr, uint8 role) external view returns (bool has) {
-        has = userRoles[usr] & bytes32(uint256(1) << role) != bytes32(0);
-    }
-
-    /// @notice Check if an action is assigned to a role
-    /// @param sig The function signature
-    /// @param role The role ID
-    /// @return has Whether the action is in the role
-    function isActionInRole(bytes4 sig, uint8 role) external view returns (bool has) {
-        has = actionsRoles[sig] & bytes32(uint256(1) << role) != bytes32(0);
-    }
-
     // --- Queue Functions ---
 
     /// @notice Prime deposits gem into the queue
@@ -227,7 +214,7 @@ contract NFATFacility {
     /// @notice Sentinel claims from queue, mints NFAT to target
     /// @param target The Prime address to mint the NFAT to
     /// @param amount The amount of gem to claim
-    function claim(address target, uint256 amount) external roleAuth notStopped {
+    function claim(address target, uint256 amount) external toll notStopped {
         require(amount > 0, "NFATFacility/zero-amount");
         require(deposits[target] >= amount, "NFATFacility/insufficient-deposits");
 

test/NFATFacility.t.sol

@@ -39,13 +39,15 @@ contract NFATFacilityTest is DssTest {
 
     address almProxy   = address(0xA1);
     address pauseProxy;
-    address lpha       = address(0xC1);
-    address pauser     = address(0xC2);
+    address operator   = address(0xC1);
+    address freezer    = address(0xC2);
     address prime1     = address(0xB1);
     address prime2     = address(0xB2);
 
-    event SetUserRole(address indexed who, uint8 indexed role, bool enabled);
-    event SetRoleAction(uint8 indexed role, bytes4 sig, bool enabled);
+    event Kiss(address indexed usr);
+    event Diss(address indexed usr);
+    event AddFreezer(address indexed usr);
+    event RemoveFreezer(address indexed usr);
     event Stop();
     event Start();
     event Subscribe(address indexed depositor, uint256 amount);
@@ -73,14 +75,14 @@ contract NFATFacilityTest is DssTest {
         susds    = SUsdsLike(address(facility.gem()));
 
         // Init via NFATInit as pauseProxy
-        address[] memory pausers = new address[](1);
-        pausers[0] = pauser;
+        address[] memory _freezers = new address[](1);
+        _freezers[0] = freezer;
         NFATConfig memory cfg = NFATConfig({
             facilityKey:     "NFAT_FAC_HALO1",
             almProxy:        almProxy,
             identityNetwork: address(0),
-            lpha:            lpha,
-            pausers:         pausers
+            operator:        operator,
+            freezers:        _freezers
         });
         vm.startPrank(pauseProxy);
         NFATInit.init(dss, facility_, cfg);
@@ -101,7 +103,7 @@ contract NFATFacilityTest is DssTest {
 
     function _claim(address target, uint256 amount) internal returns (uint256 tokenId) {
         tokenId = facility.nextTokenId();
-        vm.prank(lpha); facility.claim(target, amount);
+        vm.prank(operator); facility.claim(target, amount);
     }
 
     function _fundToken(uint256 tokenId, uint256 amount) internal {
@@ -115,13 +117,11 @@ contract NFATFacilityTest is DssTest {
     function testDeployAndInit() public view {
         assertEq(facility.wards(pauseProxy), 1);
 
-        // Pauser role configured by init
-        assertTrue(facility.hasUserRole(pauser, NFATInit.PAUSER));
-        assertTrue(facility.isActionInRole(facility.stop.selector, NFATInit.PAUSER));
+        // Freezer configured by init
+        assertEq(facility.cops(freezer), 1);
 
-        // Lpha role configured by init
-        assertTrue(facility.hasUserRole(lpha, NFATInit.LPHA));
-        assertTrue(facility.isActionInRole(facility.claim.selector, NFATInit.LPHA));
+        // Operator configured by init
+        assertEq(facility.buds(operator), 1);
 
         // Chainlog entry
         assertEq(dss.chainlog.getAddress("NFAT_FAC_HALO1"), address(facility));
@@ -140,57 +140,67 @@ contract NFATFacilityTest is DssTest {
     function testModifiers() public {
         vm.startPrank(address(0xBEEF));
         checkModifier(address(facility), "NFATFacility/not-authorized", [
-            facility.setUserRole.selector,
-            facility.setRoleAction.selector,
+            facility.kiss.selector,
+            facility.diss.selector,
+            facility.addFreezer.selector,
+            facility.removeFreezer.selector,
             facility.start.selector
         ]);
-        checkModifier(address(facility), "NFATFacility/role-not-authorized", [
-            facility.stop.selector,
+        vm.stopPrank();
+
+        checkModifier(address(facility), "NFATFacility/not-operator", [
             facility.claim.selector
         ]);
-        vm.stopPrank();
+        checkModifier(address(facility), "NFATFacility/not-freezer", [
+            facility.stop.selector
+        ]);
     }
 
-    function testSetUserRole() public {
-        vm.startPrank(pauseProxy);
+    function testKissDiss() public {
+        address who = address(0xb0b);
+        assertEq(facility.buds(who), 0);
+
         vm.expectEmit(true, true, true, true);
-        emit SetUserRole(prime1, 1, true);
-        facility.setUserRole(prime1, 1, true);
-        assertTrue(facility.hasUserRole(prime1, 1));
+        emit Kiss(who);
+        vm.prank(pauseProxy); facility.kiss(who);
+        assertEq(facility.buds(who), 1);
 
-        facility.setUserRole(prime1, 1, false);
-        assertTrue(!facility.hasUserRole(prime1, 1));
-        vm.stopPrank();
+        vm.expectEmit(true, true, true, true);
+        emit Diss(who);
+        vm.prank(pauseProxy); facility.diss(who);
+        assertEq(facility.buds(who), 0);
     }
 
-    function testSetRoleAction() public {
-        bytes4 sig = facility.claim.selector;
-        vm.startPrank(pauseProxy);
+    function testAddRemoveFreezer() public {
+        address who = address(0xb0b);
+        assertEq(facility.cops(who), 0);
+
         vm.expectEmit(true, true, true, true);
-        emit SetRoleAction(1, sig, true);
-        facility.setRoleAction(1, sig, true);
-        assertTrue(facility.isActionInRole(sig, 1));
+        emit AddFreezer(who);
+        vm.prank(pauseProxy); facility.addFreezer(who);
+        assertEq(facility.cops(who), 1);
 
-        facility.setRoleAction(1, sig, false);
-        assertTrue(!facility.isActionInRole(sig, 1));
-        vm.stopPrank();
+        vm.expectEmit(true, true, true, true);
+        emit RemoveFreezer(who);
+        vm.prank(pauseProxy); facility.removeFreezer(who);
+        assertEq(facility.cops(who), 0);
     }
 
     function testStopStart() public {
         _subscribe(prime1, 100 ether);
 
         // claim works before stop
-        vm.prank(lpha); facility.claim(prime1, 25 ether);
+        vm.prank(operator); facility.claim(prime1, 25 ether);
 
         // stop
         vm.expectEmit(true, true, true, true);
         emit Stop();
-        vm.prank(pauser); facility.stop();
+        vm.prank(freezer); facility.stop();
         assertTrue(facility.stopped());
 
         // claim reverts while stopped
         vm.expectRevert("NFATFacility/stopped");
-        vm.prank(lpha); facility.claim(prime1, 25 ether);
+        vm.prank(operator); facility.claim(prime1, 25 ether);
 
         // start
         vm.expectEmit(true, true, true, true);
@@ -199,7 +209,7 @@ contract NFATFacilityTest is DssTest {
         assertTrue(!facility.stopped());
 
         // claim works again after start
-        vm.prank(lpha); facility.claim(prime1, 25 ether);
+        vm.prank(operator); facility.claim(prime1, 25 ether);
     }
 
     // --- Queue ---
@@ -279,22 +289,22 @@ contract NFATFacilityTest is DssTest {
         _subscribe(prime1, 100 ether);
 
         vm.expectRevert("NFATFacility/zero-amount");
-        vm.prank(lpha); facility.claim(prime1, 0);
+        vm.prank(operator); facility.claim(prime1, 0);
     }
 
     function testRevertClaimInsufficientDeposits() public {
         _subscribe(prime1, 100 ether);
 
         vm.expectRevert("NFATFacility/insufficient-deposits");
-        vm.prank(lpha); facility.claim(prime1, 101 ether);
+        vm.prank(operator); facility.claim(prime1, 101 ether);
     }
 
     function testRevertClaimStopped() public {
         _subscribe(prime1, 100 ether);
         vm.prank(pauseProxy); facility.stop();
 
         vm.expectRevert("NFATFacility/stopped");
-        vm.prank(lpha); facility.claim(prime1, 50 ether);
+        vm.prank(operator); facility.claim(prime1, 50 ether);
     }
 
     function testClaimWithIdentityNetwork() public {
@@ -313,7 +323,7 @@ contract NFATFacilityTest is DssTest {
         _subscribe(prime1, 100 ether);
 
         vm.expectRevert("NFATFacility/target-not-member");
-        vm.prank(lpha); facility.claim(prime1, 50 ether);
+        vm.prank(operator); facility.claim(prime1, 50 ether);
     }
 
     // --- Fund ---
@@ -524,8 +534,8 @@ contract NFATFacilityTest is DssTest {
 
         // Operator approves
         vm.prank(prime1); facility.setApprovalForAll(prime2, true);
-        vm.prank(prime2); facility.approve(lpha, tokenId);
-        assertEq(facility.getApproved(tokenId), lpha);
+        vm.prank(prime2); facility.approve(operator, tokenId);
+        assertEq(facility.getApproved(tokenId), operator);
     }
 
     function testRevertApproveNotAuthorized() public {