Fix #1585: Make whitelister role ownable and give the owner power to …

…remove all other whitelisters.
hardforkio · Jan 4, 2019 · a02d935 · a02d935
1 parent 63ce358
commit a02d935
Show file tree

Hide file tree

Showing 4 changed files with 1,661 additions and 1,622 deletions.
diff --git a/contracts/access/Roles.sol b/contracts/access/Roles.sol
@@ -7,6 +7,7 @@ pragma solidity ^0.4.24;
 library Roles {
     struct Role {
         mapping (address => bool) bearer;
+        address[] bearers;
     }
 
     /**
@@ -17,6 +18,7 @@ library Roles {
         require(!has(role, account));
 
         role.bearer[account] = true;
+        role.bearers.push(account);
     }
 
     /**
@@ -29,6 +31,18 @@ library Roles {
         role.bearer[account] = false;
     }
 
+    /**
+     * @dev remove access to this role for all other accounts
+     */
+    function removeAll(Role storage role, address account) internal {
+        require(account != address(0));
+        require(has(role, account));
+        for (uint i = 0; i < role.bearers.length; i++) {
+            role.bearer[role.bearers[i]] = false;
+        }
+        role.bearer[account] = true;
+    }
+
     /**
      * @dev check if an account has this role
      * @return bool

diff --git a/contracts/access/roles/WhitelisterRole.sol b/contracts/access/roles/WhitelisterRole.sol
@@ -1,12 +1,12 @@
 pragma solidity ^0.4.24;
 
 import "../Roles.sol";
-
+import "../../ownership/Ownable.sol";
 /**
  * @title WhitelisterRole
  * @dev Whitelisters are responsible for assigning and removing Whitelisted accounts.
  */
-contract WhitelisterRole {
+contract WhitelisterRole is Ownable {
     using Roles for Roles.Role;
 
     event WhitelisterAdded(address indexed account);
@@ -23,18 +23,32 @@ contract WhitelisterRole {
         _;
     }
 
+    modifier onlyAdmin() {
+        require(isWhitelister(msg.sender) || isOwner());
+        _;
+    }
+
     function isWhitelister(address account) public view returns (bool) {
         return _whitelisters.has(account);
     }
 
-    function addWhitelister(address account) public onlyWhitelister {
+    function addWhitelister(address account) public onlyAdmin {
         _addWhitelister(account);
     }
 
     function renounceWhitelister() public {
         _removeWhitelister(msg.sender);
     }
 
+    function transferOwnership(address newOwner) public onlyOwner {
+        _addWhitelister(newOwner);
+        Ownable.transferOwnership(newOwner);
+    }
+
+    function resetWhitelist() public onlyOwner {
+        _whitelisters.removeAll(owner());
+    }
+
     function _addWhitelister(address account) internal {
         _whitelisters.add(account);
         emit WhitelisterAdded(account);