ACL refactor (#5)

* acl tests working

* added entityDeployer test

* refactored entity deployer and access control so that entity will deploy policies from now on (removed policy deployer as a result)

* entity and entity deployer tests working

* work towards policy tests

* tests working

* fix: yarn lockfile

* fix truffle config

* fix registry deployment code

* fix registry deployment code

* fix coverage of ACL

* refactor test events out of index.js

README.md

@@ -16,20 +16,20 @@ Then, using [truffle-contract](https://github.com/trufflesuite/truffle/tree/deve
 const promisify = require('es6-promisify')
 const TruffleContract = require('truffle-contract')
 const Web3 = require('web3')
-const { FUCDeployer } = require('@nayms/contracts')
+const { PolicyDeployer } = require('@nayms/contracts')
 
 async init = () => {
   const web3 = new Web3(/* ... */)
 
-  const contract = TruffleContract(FUCDeployer)
+  const contract = TruffleContract(PolicyDeployer)
   contract.setProvider(web3.currentProvider)
 
   const deployer = await contract.deployed()
 
-  // deploy a new FUC
+  // deploy a new Policy
   await deployer.deploy(/*...*/)
 
-  const events = await promisify(deployer.contract.getPastEvents, deployer.contract)('NewFUC')
+  const events = await promisify(deployer.contract.getPastEvents, deployer.contract)('NewPolicy')
 
   const { returnValues: { deployedAddress } } = events.pop()
 
@@ -43,18 +43,18 @@ parse logs for events:
 ```js
 // import the parser
 const { parseLog } = require('ethereum-event-logs')
-const { events: { NewFUC } } = require('@nayms/contracts')
+const { events: { NewPolicy } } = require('@nayms/contracts')
 
 const receipt = /* execute tx on chain and wait for receipt */
 
 // we can parse all events in the contract by passing through the ABI:
-const events = parseLog(receipt.logs, [ NewFUC ])
+const events = parseLog(receipt.logs, [ NewPolicy ])
 
 console.log(events)
 /*
   [
     {
-      name: 'NewFUC',
+      name: 'NewPolicy',
       address: '0x...',
       blockNumber: 123...,
       blockHash: '0x...',

contracts/Entity.sol

@@ -0,0 +1,22 @@
+pragma solidity >=0.5.8;
+
+import "./base/AccessControl.sol";
+import "./base/Proxy.sol";
+
+contract Entity is AccessControl, Proxy {
+  constructor (
+    address _acl,
+    address _entityImpl,
+    string memory _name
+  ) AccessControl(_acl) Proxy(_entityImpl) public {
+    dataString["name"] = _name;
+  }
+
+  function upgrade (address _implementation, bytes memory _sig) public assertIsAdmin {
+    address signer = getUpgradeSigner(_implementation, _sig);
+
+    require(hasRole(signer, ROLE_ENTITY_ADMIN), 'must be approved by entity admin');
+
+    setImplementation(_implementation);
+  }
+}

contracts/EntityDeployer.sol

@@ -0,0 +1,32 @@
+pragma solidity ^0.5.4;
+
+import './base/AccessControl.sol';
+import './base/EternalStorage.sol';
+import './base/Destructible.sol';
+import './base/IEntityDeployer.sol';
+import './Entity.sol';
+
+/**
+ * This is responsible for deploying a new Entity.
+ */
+contract EntityDeployer is EternalStorage, AccessControl, Destructible, IEntityDeployer {
+  /**
+   * Constructor
+   */
+  constructor (address _acl, address _entityImpl) Destructible(_acl) public {
+    dataAddress["implementation"] = _entityImpl;
+  }
+
+  /**
+   * @dev Deploy a new Entity.
+   */
+  function deploy(string memory _name) public assertIsAdmin {
+    Entity f = new Entity(
+      address(acl()),
+      dataAddress["implementation"],
+      _name
+    );
+
+    emit NewEntity(address(f), msg.sender);
+  }
+}

contracts/EntityImpl.sol

@@ -0,0 +1,70 @@
+pragma solidity >=0.5.8;
+
+import "./base/AccessControl.sol";
+import "./base/EternalStorage.sol";
+import "./base/IEntityImpl.sol";
+import "./Policy.sol";
+
+/**
+ * @dev Business-logic for Entity
+ */
+contract EntityImpl is EternalStorage, AccessControl, IEntityImpl, IProxyImpl {
+  /**
+   * Constructor
+   */
+  constructor (address _acl)
+    AccessControl(_acl)
+    public
+  {}
+
+  // IProxyImpl
+
+  function getImplementationVersion () public pure returns (string memory) {
+    return "v1";
+  }
+
+
+  // IEntityImpl - basic details
+
+  function setName (string memory _name)
+    public
+    assertInRoleGroup(ROLEGROUP_MANAGE_ENTITY)
+  {
+    dataString["name"] = _name;
+  }
+
+  function getName ()
+    public
+    view
+    returns (string memory)
+  {
+    return dataString["name"];
+  }
+
+  // IEntityImpl - policies
+
+  function createPolicy(address _impl, string memory _name)
+    public
+    assertInRoleGroup(ROLEGROUP_MANAGE_POLICY)
+  {
+    Policy f = new Policy(
+      address(acl()),
+      aclContext(),
+      _impl,
+      _name
+    );
+
+    dataAddress[string(abi.encodePacked("policy", dataUint256["numPolicies"]))] = address(f);
+    dataUint256["numPolicies"] = dataUint256["numPolicies"] + 1;
+
+    emit NewPolicy(address(f), address(this), msg.sender);
+  }
+
+  function getNumPolicies() public view returns (uint256) {
+    return dataUint256["numPolicies"];
+  }
+
+  function getPolicy(uint256 _index) public view returns (address) {
+    return dataAddress[string(abi.encodePacked("policy", _index))];
+  }
+}

contracts/Policy.sol

@@ -0,0 +1,26 @@
+pragma solidity >=0.5.8;
+
+import "./base/AccessControl.sol";
+import "./base/Proxy.sol";
+
+contract Policy is AccessControl, Proxy {
+  constructor (
+    address _acl,
+    string memory _entityContext,
+    address _policyImpl,
+    string memory _name
+  ) AccessControl(_acl) Proxy(_policyImpl) public {
+    dataString["entityContext"] = _entityContext;
+    dataString["name"] = _name;
+  }
+
+  function upgrade (address _implementation, bytes memory _assetMgrSig, bytes memory _clientMgrSig) public assertIsAdmin {
+    address assetMgr = getUpgradeSigner(_implementation, _assetMgrSig);
+    address clientMgr = getUpgradeSigner(_implementation, _clientMgrSig);
+
+    require(hasRole(assetMgr, ROLE_ASSET_MANAGER), 'must be approved by asset manager');
+    require(hasRole(clientMgr, ROLE_CLIENT_MANAGER), 'must be approved by client manager');
+
+    setImplementation(_implementation);
+  }
+}