feat: [VEN-953] add ACM check to setCloseFactor

VenusProtocol · Mar 15, 2023 · d8494f7 · d8494f7
1 parent c75580a
commit d8494f7
Show file tree

Hide file tree

Showing 4 changed files with 22 additions and 11 deletions.
diff --git a/contracts/Comptroller.sol b/contracts/Comptroller.sol
@@ -715,7 +715,8 @@ contract Comptroller is
      * @custom:event Emits NewCloseFactor on success
      * @custom:access Only Governance
      */
-    function setCloseFactor(uint256 newCloseFactorMantissa) external onlyOwner {
+    function setCloseFactor(uint256 newCloseFactorMantissa) external {
+        _checkAccessAllowed("setCloseFactor(uint256)");
         require(closeFactorMaxMantissa >= newCloseFactorMantissa, "Close factor greater than maximum close factor");
         require(closeFactorMinMantissa <= newCloseFactorMantissa, "Close factor smaller than minimum close factor");
 

diff --git a/deploy/008-access-control-configure.ts b/deploy/008-access-control-configure.ts
@@ -58,6 +58,14 @@ const func: DeployFunction = async function (hre: HardhatRuntimeEnvironment) {
   await tx.wait();
   console.log("DEFAULT_ADMIN | PoolRegistry       | setLiquidationIncentive(uint256)");
 
+  tx = await accessControlManager.giveCallPermission(
+    ethers.constants.AddressZero,
+    "setCloseFactor(uint256)",
+    poolRegistry.address,
+  );
+  await tx.wait();
+  console.log("DEFAULT_ADMIN | PoolRegistry       | setCloseFactor(uint256)");
+
   tx = await accessControlManager.giveCallPermission(
     ethers.constants.AddressZero,
     "setMinLiquidatableCollateral(uint256)",

diff --git a/tests/hardhat/Comptroller/setters.ts b/tests/hardhat/Comptroller/setters.ts
@@ -81,16 +81,12 @@ describe("setters", async () => {
   });
 
   describe("setCloseFactor", async () => {
-    let newPriceOracle: FakeContract<PriceOracle>;
-
-    before(async () => {
-      newPriceOracle = await smock.fake<PriceOracle>("PriceOracle");
-    });
-
-    it("reverts if called by a non-owner", async () => {
-      await expect(comptroller.connect(user).setPriceOracle(newPriceOracle.address)).to.be.revertedWith(
-        "Ownable: caller is not the owner",
-      );
+    const newCloseFactor = convertToUnit("0.8", 18);
+    it("reverts if access control manager does not allow the call", async () => {
+      accessControl.isAllowedToCall.whenCalledWith(owner.address, "setCloseFactor(uint256)").returns(false);
+      await expect(comptroller.setCloseFactor(newCloseFactor))
+        .to.be.revertedWithCustomError(comptroller, "Unauthorized")
+        .withArgs(owner.address, comptroller.address, "setCloseFactor(uint256)");
     });
   });
 

diff --git a/tests/hardhat/Fork/RiskFund.ts b/tests/hardhat/Fork/RiskFund.ts
@@ -207,6 +207,12 @@ const riskFundFixture = async (): Promise<void> => {
     poolRegistry.address,
   );
 
+  await accessControlManager.giveCallPermission(
+    ethers.constants.AddressZero,
+    "setCloseFactor(uint256)",
+    poolRegistry.address,
+  );
+
   await accessControlManager.giveCallPermission(
     poolRegistry.address,
     "createRegistryPool(string,address,uint256,uint256,uint256,address,uint256,address)",