fix: tests for new acl

ensdomains · hiddentao · Feb 23, 2025 · Feb 23, 2025 · Feb 23, 2025 · Feb 23, 2025
commit 28c9213c7912807cfb3c413bf1c44bb552ab86ac
diff --git a/contracts/src/registry/Roles.sol b/contracts/src/registry/Roles.sol
@@ -7,6 +7,9 @@ pragma solidity >=0.8.13;
  * We define everything here so that we can (a) avoid accidental clashes, and (b) define globally unique roles.
  */
 abstract contract Roles {
+    /*
+    NOTE: DEFAULT_ADMIN_ROLE is 1, so all other roles are > 1
+    */
     uint8 public constant ROLE_SET_SUBREGISTRY = 2;
     uint8 public constant ROLE_SET_RESOLVER = 3;
     uint8 public constant ROLE_TLD_ISSUER = 4;

diff --git a/contracts/test/EnhancedAccessControl.t.sol b/contracts/test/EnhancedAccessControl.t.sol
@@ -34,6 +34,7 @@ contract EnhancedAccessControlTest is Test {
     uint8 public constant ROLE_A = 2;
     uint8 public constant ROLE_B = 3;
     uint8 public constant ROLE_C = 4;
+    uint8 public constant ROLE_D = 5;
     bytes32 public constant RESOURCE_1 = bytes32(keccak256("RESOURCE_1"));
     bytes32 public constant RESOURCE_2 = bytes32(keccak256("RESOURCE_2"));
 
@@ -109,7 +110,7 @@ contract EnhancedAccessControlTest is Test {
 
         // Test granting a mix of new and existing roles
         vm.recordLogs();
-        uint256 mixedRoleBitmap = (1 << ROLE_A) | (1 << 4); // ROLE_A already granted, role 4 is new
+        uint256 mixedRoleBitmap = (1 << ROLE_A) | (1 << ROLE_D); // ROLE_A already granted, ROLE_D is new
 
         access.grantRoles(RESOURCE_1, mixedRoleBitmap, user1);
 
@@ -223,15 +224,15 @@ contract EnhancedAccessControlTest is Test {
     }
 
     function test_Revert_unauthorized_grant() public {
-        vm.expectRevert(abi.encodeWithSelector(EnhancedAccessControl.EnhancedAccessControlUnauthorizedAccountRole.selector, RESOURCE_1, access.DEFAULT_ADMIN_ROLE(), user1));
+        vm.expectRevert(abi.encodeWithSelector(EnhancedAccessControl.EnhancedAccessControlUnauthorizedAccountAdminRole.selector, RESOURCE_1, ROLE_A, user1));
         vm.prank(user1);
         access.grantRole(RESOURCE_1, ROLE_A, user2);
     }
 
     function test_Revert_unauthorized_revoke() public {
         access.grantRole(RESOURCE_1, ROLE_A, user2);
 
-        vm.expectRevert(abi.encodeWithSelector(EnhancedAccessControl.EnhancedAccessControlUnauthorizedAccountRole.selector, RESOURCE_1, access.DEFAULT_ADMIN_ROLE(), user1));
+        vm.expectRevert(abi.encodeWithSelector(EnhancedAccessControl.EnhancedAccessControlUnauthorizedAccountAdminRole.selector, RESOURCE_1, ROLE_A, user1));
         vm.prank(user1);
         access.revokeRole(RESOURCE_1, ROLE_A, user2);
     }

diff --git a/contracts/test/RootRegistry.t.sol b/contracts/test/RootRegistry.t.sol
@@ -37,7 +37,7 @@ contract TestRootRegistry is Test, ERC1155Holder, Roles {
 
     function test_register_locked_resolver_and_subregistry() public {
         uint256 expectedId = uint256(keccak256("test2"));
-        uint256 tokenId = registry.mint("test2", address(this), registry, 0, lockedResolverRoleBitmap | lockedSubregistryRoleBitmap, "");
+        uint256 tokenId = registry.mint("test2", address(this), registry, 0, 0, "");
         vm.assertEq(tokenId, expectedId);
         assertEq(registry.hasRole(registry.tokenIdResource(tokenId), ROLE_SET_SUBREGISTRY, address(this)), false);
         assertEq(registry.hasRole(registry.tokenIdResource(tokenId), ROLE_SET_RESOLVER, address(this)), false);