test _checkRole revert message

OpenZeppelin · Mar 23, 2021 · 8d34329 · 8d34329
1 parent bd43a98
commit 8d34329
Show file tree

Hide file tree

Showing 3 changed files with 29 additions and 6 deletions.
diff --git a/contracts/access/AccessControl.sol b/contracts/access/AccessControl.sol
@@ -119,7 +119,7 @@ abstract contract AccessControl is Context, IAccessControl, ERC165 {
     /**
      * @dev Revert with a standard message if `account` is missing `role`.
      */
-    function _checkRole(bytes32 role, address account) public view {
+    function _checkRole(bytes32 role, address account) internal view {
         require(
             hasRole(role, account),
             string(abi.encodePacked(

diff --git a/contracts/mocks/AccessControlMock.sol b/contracts/mocks/AccessControlMock.sol
@@ -12,4 +12,6 @@ contract AccessControlMock is AccessControl {
     function setRoleAdmin(bytes32 roleId, bytes32 adminRoleId) public {
         _setRoleAdmin(roleId, adminRoleId);
     }
+
+    function senderProtected(bytes32 roleId) public onlySenderWithRole(roleId) {}
 }
diff --git a/test/access/AccessControl.behavior.js b/test/access/AccessControl.behavior.js
@@ -25,11 +25,8 @@ function shouldBehaveLikeAccessControl (errorPrefix, admin, authorized, other, o
   });
 
   describe('granting', function () {
-    it('admin can grant role to other accounts', async function () {
-      const receipt = await this.accessControl.grantRole(ROLE, authorized, { from: admin });
-      expectEvent(receipt, 'RoleGranted', { account: authorized, role: ROLE, sender: admin });
-
-      expect(await this.accessControl.hasRole(ROLE, authorized)).to.equal(true);
+    beforeEach(async function () {
+      await this.accessControl.grantRole(ROLE, authorized, { from: admin });
     });
 
     it('non-admin cannot grant role to other accounts', async function () {
@@ -157,6 +154,30 @@ function shouldBehaveLikeAccessControl (errorPrefix, admin, authorized, other, o
       );
     });
   });
+
+  describe('onlySenderWithRole modifier', function () {
+    beforeEach(async function () {
+      await this.accessControl.grantRole(ROLE, authorized, { from: admin });
+    });
+
+    it('do not revert if sender has role', async function () {
+      await this.accessControl.senderProtected(ROLE, { from: authorized });
+    });
+
+    it('revert if sender doesn\'t have role #1', async function () {
+      await expectRevert(
+        this.accessControl.senderProtected(ROLE, { from: other }),
+        `AccessControl: account ${other.toLowerCase()} is missing role ${ROLE}`,
+      );
+    });
+
+    it('revert if sender doesn\'t have role #2', async function () {
+      await expectRevert(
+        this.accessControl.senderProtected(OTHER_ROLE, { from: authorized }),
+        `AccessControl: account ${authorized.toLowerCase()} is missing role ${OTHER_ROLE}`,
+      );
+    });
+  });
 }
 
 function shouldBehaveLikeAccessControlEnumerable (errorPrefix, admin, authorized, other, otherAdmin, otherAuthorized) {