feat: refactor access control so there is only one onlyTrusted mapping

0xtekgrinder · 0xtekgrinder · commit d473b8497313 · 2024-10-22T21:35:05.000+02:00
diff --git a/contracts/helpers/BaseHarvester.sol b/contracts/helpers/BaseHarvester.sol
@@ -35,8 +35,20 @@ abstract contract BaseHarvester is IHarvester, AccessControl {
                                                        MODIFIERS
     //////////////////////////////////////////////////////////////////////////////////////////////////////////////////*/
 
-    modifier onlyAllowedOrGuardian() {
-        if (!isAllowed[msg.sender] && !accessControlManager.isGovernorOrGuardian(msg.sender)) revert NotTrusted();
+    /**
+     * @notice Checks whether the `msg.sender` is trusted to update target exposure and do others non critical operations
+     */
+    modifier onlyTrusted() {
+        if (!isTrusted[msg.sender]) revert NotTrusted();
+        _;
+    }
+
+    /**
+     * @notice Checks whether the `msg.sender` is trusted or guardian to update target exposure and do others non critical operations
+     */
+    modifier onlyTrustedOrGuardian() {
+        if (!isTrusted[msg.sender] && !accessControlManager.isGovernorOrGuardian(msg.sender))
+            revert NotTrustedOrGuardian();
         _;
     }
 
@@ -52,8 +64,8 @@ abstract contract BaseHarvester is IHarvester, AccessControl {
     uint96 public maxSlippage;
     /// @notice Data associated to a yield bearing asset
     mapping(address => YieldBearingParams) public yieldBearingData;
-    /// @notice Whether an address is allowed to update the target exposure of a yield bearing asset
-    mapping(address => bool) public isAllowed;
+    /// @notice trusted addresses that can update target exposure and do others non critical operations
+    mapping(address => bool) public isTrusted;
 
     /*//////////////////////////////////////////////////////////////////////////////////////////////////////////////////
                                                        CONSTRUCTOR
@@ -121,23 +133,23 @@ abstract contract BaseHarvester is IHarvester, AccessControl {
     }
 
     /**
-     * @notice add an address to the allowed list
-     * @param account address to be added
+     * @notice Toggle the trusted status of an address
+     * @param trusted address to toggle the trusted status
      */
-    function toggleAllowed(address account) external onlyGuardian {
-        isAllowed[account] = !isAllowed[account];
+    function toggleTrusted(address trusted) external onlyGuardian {
+        isTrusted[trusted] = !isTrusted[trusted];
     }
 
     /*//////////////////////////////////////////////////////////////////////////////////////////////////////////////////
-                                                        ALLOWED FUNCTIONS
+                                                        TRUSTED FUNCTIONS
     //////////////////////////////////////////////////////////////////////////////////////////////////////////////////*/
 
     /**
      * @notice Set the target exposure of a yield bearing asset
      * @param yieldBearingAsset address of the yield bearing asset
      * @param targetExposure target exposure to the yield bearing asset used
      */
-    function setTargetExposure(address yieldBearingAsset, uint64 targetExposure) external onlyAllowedOrGuardian {
+    function setTargetExposure(address yieldBearingAsset, uint64 targetExposure) external onlyTrustedOrGuardian {
         yieldBearingData[yieldBearingAsset].targetExposure = targetExposure;
     }
 
diff --git a/contracts/helpers/MultiBlockHarvester.sol b/contracts/helpers/MultiBlockHarvester.sol
@@ -20,23 +20,12 @@ import "../utils/Constants.sol";
 contract MultiBlockHarvester is BaseHarvester {
     using SafeERC20 for IERC20;
 
-    /*//////////////////////////////////////////////////////////////////////////////////////////////////////////////////
-                                                       MODIFIERS
-    //////////////////////////////////////////////////////////////////////////////////////////////////////////////////*/
-
-    modifier onlyTrusted() {
-        if (!isTrusted[msg.sender]) revert NotTrusted();
-        _;
-    }
-
     /*//////////////////////////////////////////////////////////////////////////////////////////////////////////////////
                                                        VARIABLES
     //////////////////////////////////////////////////////////////////////////////////////////////////////////////////*/
 
     /// @notice address to deposit to receive yieldBearingAsset
     mapping(address => address) public yieldBearingToDepositAddress;
-    /// @notice trusted addresses
-    mapping(address => bool) public isTrusted;
 
     /// @notice Maximum amount of stablecoins that can be minted in a single transaction
     uint256 public maxMintAmount;
@@ -83,14 +72,6 @@ contract MultiBlockHarvester is BaseHarvester {
         yieldBearingToDepositAddress[yieldBearingAsset] = newDepositAddress;
     }
 
-    /**
-     * @notice Toggle the trusted status of an address
-     * @param trusted address to toggle the trusted status
-     */
-    function toggleTrusted(address trusted) external onlyGuardian {
-        isTrusted[trusted] = !isTrusted[trusted];
-    }
-
     /*//////////////////////////////////////////////////////////////////////////////////////////////////////////////////
                                                         TRUSTED FUNCTIONS
     //////////////////////////////////////////////////////////////////////////////////////////////////////////////////*/
diff --git a/contracts/utils/Errors.sol b/contracts/utils/Errors.sol
@@ -31,6 +31,7 @@ error NotCollateral();
 error NotGovernor();
 error NotGovernorOrGuardian();
 error NotTrusted();
+error NotTrustedOrGuardian();
 error NotWhitelisted();
 error OneInchSwapFailed();
 error OracleUpdateFailed();
