[PDE-384] add MANAGER_ROLE to AggregateToken

nest/src/AggregateToken.sol

@@ -47,6 +47,8 @@ contract AggregateToken is ComponentToken, IAggregateToken, ERC1155Holder {
 
     /// @notice Role for the price updater of the AggregateToken
     bytes32 public constant PRICE_UPDATER_ROLE = keccak256("PRICE_UPDATER_ROLE");
+    /// @notice Role for the manager of the AggregateToken
+    bytes32 public constant MANAGER_ROLE = keccak256("MANAGER_ROLE");
 
     // Events
 
@@ -256,14 +258,14 @@ contract AggregateToken is ComponentToken, IAggregateToken, ERC1155Holder {
 
     /**
      * @notice Approve the given ComponentToken to spend the given amount of `asset`
-     * @dev Only the owner can call this function
+     * @dev Only the manager can call this function
      * @param componentToken ComponentToken to approve
      * @param amount Amount of `asset` to approve
      */
     function approveComponentToken(
         IComponentToken componentToken,
         uint256 amount
-    ) external nonReentrant onlyRole(ADMIN_ROLE) {
+    ) external nonReentrant onlyRole(MANAGER_ROLE) {
         // Verify the componentToken is in componentTokenMap
         if (!_getAggregateTokenStorage().componentTokenMap[componentToken]) {
             revert ComponentTokenNotListed(componentToken);
@@ -325,15 +327,15 @@ contract AggregateToken is ComponentToken, IAggregateToken, ERC1155Holder {
 
     /**
      * @notice Buy ComponentToken using `asset`
-     * @dev Only the owner can call this function, will revert if
+     * @dev Only the manager can call this function, will revert if
      *   the AggregateToken does not have enough `asset` to buy the ComponentToken
      * @param componentToken ComponentToken to buy
      * @param assets Amount of `asset` to pay to receive the ComponentToken
      */
     function buyComponentToken(
         IComponentToken componentToken,
         uint256 assets
-    ) public nonReentrant onlyRole(ADMIN_ROLE) {
+    ) public nonReentrant onlyRole(MANAGER_ROLE) {
         AggregateTokenStorage storage $ = _getAggregateTokenStorage();
 
         if (!$.componentTokenMap[componentToken]) {
@@ -348,45 +350,45 @@ contract AggregateToken is ComponentToken, IAggregateToken, ERC1155Holder {
 
     /**
      * @notice Sell ComponentToken to receive `asset`
-     * @dev Only the owner can call this function, will revert if
+     * @dev Only the manager can call this function, will revert if
      *   the ComponentToken does not have enough `asset` to sell to the AggregateToken
      * @param componentToken ComponentToken to sell
      * @param componentTokenAmount Amount of ComponentToken to sell
      */
     function sellComponentToken(
         IComponentToken componentToken,
         uint256 componentTokenAmount
-    ) public nonReentrant onlyRole(ADMIN_ROLE) {
+    ) public nonReentrant onlyRole(MANAGER_ROLE) {
         uint256 assets = componentToken.redeem(componentTokenAmount, address(this), address(this));
         emit ComponentTokenSold(msg.sender, componentToken, componentTokenAmount, assets);
     }
 
     /**
      * @notice Request to buy ComponentToken.
-     * @dev Only the owner can call this function. This function requests the purchase of ComponentToken, which will be
-     * processed later.
+     * @dev Only the manager can call this function. This function requests
+     * the purchase of ComponentToken, which will be processed later.
      * @param componentToken ComponentToken to buy
      * @param assets Amount of `asset` to pay to receive the ComponentToken
      */
     function requestBuyComponentToken(
         IComponentToken componentToken,
         uint256 assets
-    ) public nonReentrant onlyRole(ADMIN_ROLE) {
+    ) public nonReentrant onlyRole(MANAGER_ROLE) {
         uint256 requestId = componentToken.requestDeposit(assets, address(this), address(this));
         emit ComponentTokenBuyRequested(msg.sender, componentToken, assets, requestId);
     }
 
     /**
      * @notice Request to sell ComponentToken.
-     * @dev Only the owner can call this function. This function requests the sale of ComponentToken, which will be
-     * processed later.
+     * @dev Only the manager can call this function. This function requests 
+     * the sale of ComponentToken, which will be processed later.
      * @param componentToken ComponentToken to sell
      * @param componentTokenAmount Amount of ComponentToken to sell
      */
     function requestSellComponentToken(
         IComponentToken componentToken,
         uint256 componentTokenAmount
-    ) public nonReentrant onlyRole(ADMIN_ROLE) {
+    ) public nonReentrant onlyRole(MANAGER_ROLE) {
         uint256 requestId = componentToken.requestRedeem(componentTokenAmount, address(this), address(this));
         emit ComponentTokenSellRequested(msg.sender, componentToken, componentTokenAmount, requestId);
     }

nest/src/mocks/MockInvalidToken.sol

@@ -0,0 +1,20 @@
+// SPDX-License-Identifier: MIT
+pragma solidity ^0.8.25;
+
+import { ERC20 } from "@openzeppelin/contracts/token/ERC20/ERC20.sol";
+
+contract MockInvalidToken is ERC20 {
+
+    constructor() ERC20("Invalid Token", "INVALID") {
+        _mint(msg.sender, 1_000_000 * 10 ** decimals());
+    }
+
+    function decimals() public pure override returns (uint8) {
+        return 12; // Different from USDC's 6 decimals
+    }
+
+    function mint(address to, uint256 amount) external {
+        _mint(to, amount);
+    }
+
+}

nest/test/pUSD.t.sol

@@ -17,6 +17,7 @@ import { ITeller } from "../src/interfaces/ITeller.sol";
 
 import { MockAccountantWithRateProviders } from "../src/mocks/MockAccountantWithRateProviders.sol";
 import { MockAtomicQueue } from "../src/mocks/MockAtomicQueue.sol";
+import { MockInvalidToken } from "../src/mocks/MockInvalidToken.sol";
 import { MockLens } from "../src/mocks/MockLens.sol";
 import { MockTeller } from "../src/mocks/MockTeller.sol";
 import { MockUSDC } from "../src/mocks/MockUSDC.sol";
@@ -27,11 +28,6 @@ import { pUSDProxy } from "../src/proxy/pUSDProxy.sol";
 import { BoringVaultAdapter } from "../src/token/BoringVaultAdapter.sol";
 import { pUSD } from "../src/token/pUSD.sol";
 
-// Mock contract for testing invalid asset
-contract MockInvalidToken {
-// Deliberately missing functions to make it invalid
-}
-
 contract MockInvalidVault {
 
     // Empty contract that will fail when trying to call decimals()