diff --git a/src/plugins/session/ISessionKeyPlugin.sol b/src/plugins/session/ISessionKeyPlugin.sol index 3654550bf..a5270dfda 100644 --- a/src/plugins/session/ISessionKeyPlugin.sol +++ b/src/plugins/session/ISessionKeyPlugin.sol @@ -27,9 +27,11 @@ interface ISessionKeyPlugin { // Valid access control types for contract access control lists. enum ContractAccessControlType { - ALLOWLIST, // Allowlist is default + // Allowlist is default + ALLOWLIST, DENYLIST, - NONE + // Disables contract access control + ALLOW_ALL_ACCESS } // Struct returned by view functions to provide information about a session key's spend limit. diff --git a/test/plugin/session/SessionKeyPluginWithMultiOwner.t.sol b/test/plugin/session/SessionKeyPluginWithMultiOwner.t.sol index 96c1ae138..b614c046e 100644 --- a/test/plugin/session/SessionKeyPluginWithMultiOwner.t.sol +++ b/test/plugin/session/SessionKeyPluginWithMultiOwner.t.sol @@ -282,7 +282,8 @@ contract SessionKeyPluginWithMultiOwnerTest is Test { // Disable the allowlist and native token spend checking bytes[] memory permissionUpdates = new bytes[](2); permissionUpdates[0] = abi.encodeCall( - ISessionKeyPermissionsUpdates.setAccessListType, (ISessionKeyPlugin.ContractAccessControlType.NONE) + ISessionKeyPermissionsUpdates.setAccessListType, + (ISessionKeyPlugin.ContractAccessControlType.ALLOW_ALL_ACCESS) ); permissionUpdates[1] = abi.encodeCall(ISessionKeyPermissionsUpdates.setNativeTokenSpendLimit, (type(uint256).max, 0)); @@ -544,7 +545,8 @@ contract SessionKeyPluginWithMultiOwnerTest is Test { // To disable the allowlist and native token spend checking bytes[] memory permissionUpdates = new bytes[](2); permissionUpdates[0] = abi.encodeCall( - ISessionKeyPermissionsUpdates.setAccessListType, (ISessionKeyPlugin.ContractAccessControlType.NONE) + ISessionKeyPermissionsUpdates.setAccessListType, + (ISessionKeyPlugin.ContractAccessControlType.ALLOW_ALL_ACCESS) ); permissionUpdates[1] = abi.encodeCall(ISessionKeyPermissionsUpdates.setNativeTokenSpendLimit, (type(uint256).max, 0)); diff --git a/test/plugin/session/permissions/SessionKeyERC20SpendLimits.t.sol b/test/plugin/session/permissions/SessionKeyERC20SpendLimits.t.sol index 3d42de09f..c090aeda6 100644 --- a/test/plugin/session/permissions/SessionKeyERC20SpendLimits.t.sol +++ b/test/plugin/session/permissions/SessionKeyERC20SpendLimits.t.sol @@ -114,7 +114,8 @@ contract SessionKeyERC20SpendLimitsTest is Test { // Disable the allowlist bytes[] memory updates = new bytes[](1); updates[0] = abi.encodeCall( - ISessionKeyPermissionsUpdates.setAccessListType, (ISessionKeyPlugin.ContractAccessControlType.NONE) + ISessionKeyPermissionsUpdates.setAccessListType, + (ISessionKeyPlugin.ContractAccessControlType.ALLOW_ALL_ACCESS) ); vm.prank(owner1); SessionKeyPlugin(address(account1)).updateKeyPermissions(sessionKey1, updates); @@ -137,7 +138,7 @@ contract SessionKeyERC20SpendLimitsTest is Test { // correctly assertTrue( sessionKeyPlugin.getAccessControlType(address(account1), sessionKey1) - == ISessionKeyPlugin.ContractAccessControlType.NONE + == ISessionKeyPlugin.ContractAccessControlType.ALLOW_ALL_ACCESS ); } diff --git a/test/plugin/session/permissions/SessionKeyGasLimits.t.sol b/test/plugin/session/permissions/SessionKeyGasLimits.t.sol index 4111a1b1f..1ead5e0a1 100644 --- a/test/plugin/session/permissions/SessionKeyGasLimits.t.sol +++ b/test/plugin/session/permissions/SessionKeyGasLimits.t.sol @@ -104,7 +104,8 @@ contract SessionKeyGasLimitsTest is Test { bytes[] memory updates = new bytes[](1); updates[0] = abi.encodeCall( - ISessionKeyPermissionsUpdates.setAccessListType, (ISessionKeyPlugin.ContractAccessControlType.NONE) + ISessionKeyPermissionsUpdates.setAccessListType, + (ISessionKeyPlugin.ContractAccessControlType.ALLOW_ALL_ACCESS) ); vm.prank(owner1); SessionKeyPlugin(address(account1)).updateKeyPermissions(sessionKey1, updates); diff --git a/test/plugin/session/permissions/SessionKeyNativeTokenSpendLimits.t.sol b/test/plugin/session/permissions/SessionKeyNativeTokenSpendLimits.t.sol index 8c3a006dc..2c16762f7 100644 --- a/test/plugin/session/permissions/SessionKeyNativeTokenSpendLimits.t.sol +++ b/test/plugin/session/permissions/SessionKeyNativeTokenSpendLimits.t.sol @@ -110,7 +110,8 @@ contract SessionKeyNativeTokenSpendLimitsTest is Test { // Remove the allowlist bytes[] memory updates = new bytes[](1); updates[0] = abi.encodeCall( - ISessionKeyPermissionsUpdates.setAccessListType, (ISessionKeyPlugin.ContractAccessControlType.NONE) + ISessionKeyPermissionsUpdates.setAccessListType, + (ISessionKeyPlugin.ContractAccessControlType.ALLOW_ALL_ACCESS) ); vm.prank(owner1); SessionKeyPlugin(address(account1)).updateKeyPermissions(sessionKey1, updates); @@ -129,7 +130,7 @@ contract SessionKeyNativeTokenSpendLimitsTest is Test { // correctly assertTrue( sessionKeyPlugin.getAccessControlType(address(account1), sessionKey1) - == ISessionKeyPlugin.ContractAccessControlType.NONE + == ISessionKeyPlugin.ContractAccessControlType.ALLOW_ALL_ACCESS ); } diff --git a/test/plugin/session/permissions/SessionKeyPermissions.t.sol b/test/plugin/session/permissions/SessionKeyPermissions.t.sol index 45b995049..a6aebfdab 100644 --- a/test/plugin/session/permissions/SessionKeyPermissions.t.sol +++ b/test/plugin/session/permissions/SessionKeyPermissions.t.sol @@ -148,7 +148,8 @@ contract SessionKeyPermissionsTest is Test { // Remove the allowlist bytes[] memory updates = new bytes[](1); updates[0] = abi.encodeCall( - ISessionKeyPermissionsUpdates.setAccessListType, (ISessionKeyPlugin.ContractAccessControlType.NONE) + ISessionKeyPermissionsUpdates.setAccessListType, + (ISessionKeyPlugin.ContractAccessControlType.ALLOW_ALL_ACCESS) ); vm.prank(owner1); SessionKeyPlugin(address(account1)).updateKeyPermissions(sessionKey1, updates); @@ -369,7 +370,8 @@ contract SessionKeyPermissionsTest is Test { // Remove the default allowlist bytes[] memory updates = new bytes[](1); updates[0] = abi.encodeCall( - ISessionKeyPermissionsUpdates.setAccessListType, (ISessionKeyPlugin.ContractAccessControlType.NONE) + ISessionKeyPermissionsUpdates.setAccessListType, + (ISessionKeyPlugin.ContractAccessControlType.ALLOW_ALL_ACCESS) ); vm.prank(owner1); SessionKeyPlugin(address(account1)).updateKeyPermissions(sessionKey1, updates); @@ -458,7 +460,8 @@ contract SessionKeyPermissionsTest is Test { // Disable the allowlist and disable native token spend checking. bytes[] memory updates = new bytes[](2); updates[0] = abi.encodeCall( - ISessionKeyPermissionsUpdates.setAccessListType, (ISessionKeyPlugin.ContractAccessControlType.NONE) + ISessionKeyPermissionsUpdates.setAccessListType, + (ISessionKeyPlugin.ContractAccessControlType.ALLOW_ALL_ACCESS) ); updates[1] = abi.encodeCall(ISessionKeyPermissionsUpdates.setNativeTokenSpendLimit, (type(uint256).max, 0)); @@ -517,7 +520,8 @@ contract SessionKeyPermissionsTest is Test { // Disable the allowlist bytes[] memory updates = new bytes[](1); updates[0] = abi.encodeCall( - ISessionKeyPermissionsUpdates.setAccessListType, (ISessionKeyPlugin.ContractAccessControlType.NONE) + ISessionKeyPermissionsUpdates.setAccessListType, + (ISessionKeyPlugin.ContractAccessControlType.ALLOW_ALL_ACCESS) ); vm.prank(owner1); SessionKeyPlugin(address(account1)).updateKeyPermissions(sessionKey1, updates); @@ -598,7 +602,8 @@ contract SessionKeyPermissionsTest is Test { bytes[] memory updates = new bytes[](1); updates[0] = abi.encodeCall( - ISessionKeyPermissionsUpdates.setAccessListType, (ISessionKeyPlugin.ContractAccessControlType.NONE) + ISessionKeyPermissionsUpdates.setAccessListType, + (ISessionKeyPlugin.ContractAccessControlType.ALLOW_ALL_ACCESS) ); vm.prank(owner1); SessionKeyPlugin(address(account1)).updateKeyPermissions(sessionKey1, updates); @@ -608,7 +613,7 @@ contract SessionKeyPermissionsTest is Test { assertEq( uint8(accessControlType1), - uint8(ISessionKeyPlugin.ContractAccessControlType.NONE), + uint8(ISessionKeyPlugin.ContractAccessControlType.ALLOW_ALL_ACCESS), "sessionKey1 should now have no allowlist" ); assertEq(