Skip to content

Commit 7a4064d

Browse files
frangiofrangio
committed
Make AccessManager.execute/schedule more conservative when delay is 0 (#4644)
(cherry picked from commit b849906)
1 parent bf629d4 commit 7a4064d

File tree

3 files changed

+13
-5
lines changed

3 files changed

+13
-5
lines changed

.changeset/thirty-drinks-happen.md

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,5 @@
1+
---
2+
'openzeppelin-solidity': major
3+
---
4+
5+
`AccessManager`: Make `schedule` and `execute` more conservative when delay is 0.

contracts/access/manager/AccessManager.sol

Lines changed: 6 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -583,12 +583,12 @@ contract AccessManager is Context, Multicall, IAccessManager {
583583
address caller = _msgSender();
584584

585585
// Fetch restrictions that apply to the caller on the targeted function
586-
(bool immediate, uint32 setback) = _canCallExtended(caller, target, data);
586+
(, uint32 setback) = _canCallExtended(caller, target, data);
587587

588588
uint48 minWhen = Time.timestamp() + setback;
589589

590-
// if call is not authorized, or if requested timing is too soon
591-
if ((!immediate && setback == 0) || (when > 0 && when < minWhen)) {
590+
// if call with delay is not authorized, or if requested timing is too soon
591+
if (setback == 0 || (when > 0 && when < minWhen)) {
592592
revert AccessManagerUnauthorizedCall(caller, target, _checkSelector(data));
593593
}
594594

@@ -645,11 +645,12 @@ contract AccessManager is Context, Multicall, IAccessManager {
645645
revert AccessManagerUnauthorizedCall(caller, target, _checkSelector(data));
646646
}
647647

648-
// If caller is authorised, check operation was scheduled early enough
649648
bytes32 operationId = hashOperation(caller, target, data);
650649
uint32 nonce;
651650

652-
if (setback != 0) {
651+
// If caller is authorised, check operation was scheduled early enough
652+
// Consume an available schedule even if there is no currently enforced delay
653+
if (setback != 0 || getSchedule(operationId) != 0) {
653654
nonce = _consumeScheduledOp(operationId);
654655
}
655656

test/access/manager/AccessManager.test.js

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -636,6 +636,8 @@ contract('AccessManager', function (accounts) {
636636

637637
describe(description, function () {
638638
beforeEach(async function () {
639+
if (!delay || fnRole === ROLES.PUBLIC) this.skip(); // TODO: Fixed in #4613
640+
639641
// setup
640642
await Promise.all([
641643
this.manager.$_setTargetClosed(this.target.address, closed),

0 commit comments

Comments
 (0)