From b849906ce430059a768842674b48ff53ab3a1218 Mon Sep 17 00:00:00 2001 From: Francisco Date: Mon, 2 Oct 2023 16:43:12 -0300 Subject: [PATCH] Make AccessManager.execute/schedule more conservative when delay is 0 (#4644) --- .changeset/thirty-drinks-happen.md | 5 +++++ contracts/access/manager/AccessManager.sol | 11 ++++++----- test/access/manager/AccessManager.test.js | 2 ++ 3 files changed, 13 insertions(+), 5 deletions(-) create mode 100644 .changeset/thirty-drinks-happen.md diff --git a/.changeset/thirty-drinks-happen.md b/.changeset/thirty-drinks-happen.md new file mode 100644 index 00000000000..85be9732ef4 --- /dev/null +++ b/.changeset/thirty-drinks-happen.md @@ -0,0 +1,5 @@ +--- +'openzeppelin-solidity': major +--- + +`AccessManager`: Make `schedule` and `execute` more conservative when delay is 0. diff --git a/contracts/access/manager/AccessManager.sol b/contracts/access/manager/AccessManager.sol index 31ef86c3f11..234164f219d 100644 --- a/contracts/access/manager/AccessManager.sol +++ b/contracts/access/manager/AccessManager.sol @@ -582,12 +582,12 @@ contract AccessManager is Context, Multicall, IAccessManager { address caller = _msgSender(); // Fetch restrictions that apply to the caller on the targeted function - (bool immediate, uint32 setback) = _canCallExtended(caller, target, data); + (, uint32 setback) = _canCallExtended(caller, target, data); uint48 minWhen = Time.timestamp() + setback; - // if call is not authorized, or if requested timing is too soon - if ((!immediate && setback == 0) || (when > 0 && when < minWhen)) { + // if call with delay is not authorized, or if requested timing is too soon + if (setback == 0 || (when > 0 && when < minWhen)) { revert AccessManagerUnauthorizedCall(caller, target, _checkSelector(data)); } @@ -644,11 +644,12 @@ contract AccessManager is Context, Multicall, IAccessManager { revert AccessManagerUnauthorizedCall(caller, target, _checkSelector(data)); } - // If caller is authorised, check operation was scheduled early enough bytes32 operationId = hashOperation(caller, target, data); uint32 nonce; - if (setback != 0) { + // If caller is authorised, check operation was scheduled early enough + // Consume an available schedule even if there is no currently enforced delay + if (setback != 0 || getSchedule(operationId) != 0) { nonce = _consumeScheduledOp(operationId); } diff --git a/test/access/manager/AccessManager.test.js b/test/access/manager/AccessManager.test.js index 1da7b3ced62..5d8ed5de907 100644 --- a/test/access/manager/AccessManager.test.js +++ b/test/access/manager/AccessManager.test.js @@ -636,6 +636,8 @@ contract('AccessManager', function (accounts) { describe(description, function () { beforeEach(async function () { + if (!delay || fnRole === ROLES.PUBLIC) this.skip(); // TODO: Fixed in #4613 + // setup await Promise.all([ this.manager.$_setTargetClosed(this.target.address, closed),