diff --git a/contracts/token/ERC20/ERC1400ERC20.sol b/contracts/token/ERC20/ERC1400ERC20.sol index f60a1929..a4ab5a06 100644 --- a/contracts/token/ERC20/ERC1400ERC20.sol +++ b/contracts/token/ERC20/ERC1400ERC20.sol @@ -210,7 +210,8 @@ contract ERC1400ERC20 is IERC20, ERC1400 { * @param tokenHolder Address to add/remove from whitelist. * @param authorized 'true' if tokenHolder shall be added to whitelist, 'false' if not. */ - function setWhitelisted(address tokenHolder, bool authorized) external onlyOwner { + function setWhitelisted(address tokenHolder, bool authorized) external { + require(_isController[msg.sender]); _setWhitelisted(tokenHolder, authorized); } diff --git a/contracts/token/ERC20/ERC1400RawERC20.sol b/contracts/token/ERC20/ERC1400RawERC20.sol index 6cb5ddc6..4d96c632 100644 --- a/contracts/token/ERC20/ERC1400RawERC20.sol +++ b/contracts/token/ERC20/ERC1400RawERC20.sol @@ -209,7 +209,8 @@ contract ERC1400RawERC20 is IERC20, ERC1400RawIssuable { * @param tokenHolder Address to add/remove from whitelist. * @param authorized 'true' if tokenHolder shall be added to whitelist, 'false' if not. */ - function setWhitelisted(address tokenHolder, bool authorized) external onlyOwner { + function setWhitelisted(address tokenHolder, bool authorized) external { + require(_isController[msg.sender]); _setWhitelisted(tokenHolder, authorized); } diff --git a/test/ERC1400ERC20.test.js b/test/ERC1400ERC20.test.js index da5930e5..ca7d92db 100644 --- a/test/ERC1400ERC20.test.js +++ b/test/ERC1400ERC20.test.js @@ -62,23 +62,23 @@ contract('ERC1400ERC20', function ([owner, operator, controller, tokenHolder, re // SETWHITELISTED describe('setWhitelisted', function () { - describe('when sender is the contract owner', function () { + describe('when sender is a controller', function () { describe('when targeted address is not the zero address', function () { it('adds/removes the address from whitelist', async function () { assert(!(await this.token.whitelisted(tokenHolder))); - await this.token.setWhitelisted(tokenHolder, true, { from: owner }); + await this.token.setWhitelisted(tokenHolder, true, { from: controller }); assert(await this.token.whitelisted(tokenHolder)); - await this.token.setWhitelisted(tokenHolder, false, { from: owner }); + await this.token.setWhitelisted(tokenHolder, false, { from: controller }); assert(!(await this.token.whitelisted(tokenHolder))); }); }); describe('when targeted address is the zero address', function () { it('reverts', async function () { - await shouldFail.reverting(this.token.setWhitelisted(ZERO_ADDRESS, true, { from: owner })); + await shouldFail.reverting(this.token.setWhitelisted(ZERO_ADDRESS, true, { from: controller })); }); }); }); - describe('when sender is not the contract owner', function () { + describe('when sender is not a controller', function () { it('reverts', async function () { await shouldFail.reverting(this.token.setWhitelisted(tokenHolder, true, { from: unknown })); }); @@ -259,8 +259,8 @@ contract('ERC1400ERC20', function ([owner, operator, controller, tokenHolder, re describe('transfer', function () { const to = recipient; beforeEach(async function () { - await this.token.setWhitelisted(tokenHolder, true, { from: owner }); - await this.token.setWhitelisted(to, true, { from: owner }); + await this.token.setWhitelisted(tokenHolder, true, { from: controller }); + await this.token.setWhitelisted(to, true, { from: controller }); await this.token.issueByPartition(partition1, tokenHolder, issuanceAmount, VALID_CERTIFICATE, { from: owner }); }); @@ -338,7 +338,7 @@ contract('ERC1400ERC20', function ([owner, operator, controller, tokenHolder, re const amount = issuanceAmount; it('reverts', async function () { - await this.token.setWhitelisted(tokenHolder, false, { from: owner }); + await this.token.setWhitelisted(tokenHolder, false, { from: controller }); await shouldFail.reverting(this.token.transfer(to, amount, { from: tokenHolder })); }); }); @@ -346,7 +346,7 @@ contract('ERC1400ERC20', function ([owner, operator, controller, tokenHolder, re const amount = issuanceAmount; it('reverts', async function () { - await this.token.setWhitelisted(to, false, { from: owner }); + await this.token.setWhitelisted(to, false, { from: controller }); await shouldFail.reverting(this.token.transfer(to, amount, { from: tokenHolder })); }); }); @@ -358,8 +358,8 @@ contract('ERC1400ERC20', function ([owner, operator, controller, tokenHolder, re const to = recipient; const approvedAmount = 10000; beforeEach(async function () { - await this.token.setWhitelisted(tokenHolder, true, { from: owner }); - await this.token.setWhitelisted(to, true, { from: owner }); + await this.token.setWhitelisted(tokenHolder, true, { from: controller }); + await this.token.setWhitelisted(to, true, { from: controller }); await this.token.issueByPartition(partition1, tokenHolder, issuanceAmount, VALID_CERTIFICATE, { from: owner }); }); @@ -465,14 +465,14 @@ contract('ERC1400ERC20', function ([owner, operator, controller, tokenHolder, re describe('when the sender is not whitelisted', function () { const amount = approvedAmount; it('reverts', async function () { - await this.token.setWhitelisted(tokenHolder, false, { from: owner }); + await this.token.setWhitelisted(tokenHolder, false, { from: controller }); await shouldFail.reverting(this.token.transferFrom(tokenHolder, to, amount, { from: operator })); }); }); describe('when the recipient is not whitelisted', function () { const amount = approvedAmount; it('reverts', async function () { - await this.token.setWhitelisted(to, false, { from: owner }); + await this.token.setWhitelisted(to, false, { from: controller }); await shouldFail.reverting(this.token.transferFrom(tokenHolder, to, amount, { from: operator })); }); }); diff --git a/test/ERC1400RawERC20.test.js b/test/ERC1400RawERC20.test.js index c89881cf..12dac1c8 100644 --- a/test/ERC1400RawERC20.test.js +++ b/test/ERC1400RawERC20.test.js @@ -22,23 +22,23 @@ contract('ERC1400RawERC20', function ([owner, operator, controller, tokenHolder, // SETWHITELISTED describe('setWhitelisted', function () { - describe('when sender is the contract owner', function () { + describe('when sender is a controller', function () { describe('when targeted address is not the zero address', function () { it('adds/removes the address from whitelist', async function () { assert(!(await this.token.whitelisted(tokenHolder))); - await this.token.setWhitelisted(tokenHolder, true, { from: owner }); + await this.token.setWhitelisted(tokenHolder, true, { from: controller }); assert(await this.token.whitelisted(tokenHolder)); - await this.token.setWhitelisted(tokenHolder, false, { from: owner }); + await this.token.setWhitelisted(tokenHolder, false, { from: controller }); assert(!(await this.token.whitelisted(tokenHolder))); }); }); describe('when targeted address is the zero address', function () { it('reverts', async function () { - await shouldFail.reverting(this.token.setWhitelisted(ZERO_ADDRESS, true, { from: owner })); + await shouldFail.reverting(this.token.setWhitelisted(ZERO_ADDRESS, true, { from: controller })); }); }); }); - describe('when sender is not the contract owner', function () { + describe('when sender is not a controller', function () { it('reverts', async function () { await shouldFail.reverting(this.token.setWhitelisted(tokenHolder, true, { from: unknown })); }); @@ -213,8 +213,8 @@ contract('ERC1400RawERC20', function ([owner, operator, controller, tokenHolder, const to = recipient; beforeEach(async function () { await this.token.issue(tokenHolder, initialSupply, VALID_CERTIFICATE, { from: owner }); - await this.token.setWhitelisted(tokenHolder, true, { from: owner }); - await this.token.setWhitelisted(to, true, { from: owner }); + await this.token.setWhitelisted(tokenHolder, true, { from: controller }); + await this.token.setWhitelisted(to, true, { from: controller }); }); describe('when the sender and the recipient are whitelisted', function () { @@ -281,7 +281,7 @@ contract('ERC1400RawERC20', function ([owner, operator, controller, tokenHolder, const amount = initialSupply; it('reverts', async function () { - await this.token.setWhitelisted(tokenHolder, false, { from: owner }); + await this.token.setWhitelisted(tokenHolder, false, { from: controller }); await shouldFail.reverting(this.token.transfer(to, amount, { from: tokenHolder })); }); }); @@ -289,7 +289,7 @@ contract('ERC1400RawERC20', function ([owner, operator, controller, tokenHolder, const amount = initialSupply; it('reverts', async function () { - await this.token.setWhitelisted(to, false, { from: owner }); + await this.token.setWhitelisted(to, false, { from: controller }); await shouldFail.reverting(this.token.transfer(to, amount, { from: tokenHolder })); }); }); @@ -302,8 +302,8 @@ contract('ERC1400RawERC20', function ([owner, operator, controller, tokenHolder, const approvedAmount = 10000; beforeEach(async function () { await this.token.issue(tokenHolder, initialSupply, VALID_CERTIFICATE, { from: owner }); - await this.token.setWhitelisted(tokenHolder, true, { from: owner }); - await this.token.setWhitelisted(to, true, { from: owner }); + await this.token.setWhitelisted(tokenHolder, true, { from: controller }); + await this.token.setWhitelisted(to, true, { from: controller }); }); describe('when the recipient is whitelisted', function () { @@ -398,7 +398,7 @@ contract('ERC1400RawERC20', function ([owner, operator, controller, tokenHolder, describe('when the recipient is not whitelisted', function () { const amount = approvedAmount; it('reverts', async function () { - await this.token.setWhitelisted(to, false, { from: owner }); + await this.token.setWhitelisted(to, false, { from: controller }); await shouldFail.reverting(this.token.transferFrom(tokenHolder, to, amount, { from: operator })); }); });