Skip to content

Add AccessManagerEnumerable #6053

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 9 commits into
base: master
Choose a base branch
from
Open

Add AccessManagerEnumerable #6053

wants to merge 9 commits into from

Conversation

@ernestognw
Copy link
Member

@ernestognw ernestognw commented Nov 4, 2025

Testing how an AccessManagerEnumerable would look like

PR Checklist

  • Tests
  • Documentation
  • Changeset entry (run npx changeset add)

@ernestognw ernestognw requested a review from a team as a code owner November 4, 2025 17:36
@changeset-bot
Copy link

changeset-bot bot commented Nov 4, 2025
edited
Loading

🦋 Changeset detected

Latest commit: ece797a

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 1 package
Name Type
openzeppelin-solidity Minor

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

@coderabbitai
Copy link
Contributor

coderabbitai bot commented Nov 4, 2025

Walkthrough

Introduces a new abstract contract AccessManagerEnumerable that extends the AccessManager contract. The contract tracks role members by maintaining an EnumerableSet for each role. It overrides the _grantRole and _revokeRole internal methods to manage role member tracking. Two new public view functions are added: getRoleMembers to retrieve a paginated slice of addresses for a given role, and getRoleMemberCount to return the total member count for a role.

Suggested labels

ignore-changeset

Pre-merge checks and finishing touches

✅ Passed checks (2 passed)
Check name Status Explanation
Title check ✅ Passed The title 'Add AccessManagerEnumerable' clearly and concisely summarizes the main change: introduction of a new contract extension.
Description check ✅ Passed The description explains the purpose of the PR (testing a prototype) and references the PR checklist with pending items, which is related to the changeset.
✨ Finishing touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment

Comment @coderabbitai help to get the list of available commands and usage tips.

coderabbitai[bot]
coderabbitai bot reviewed Nov 4, 2025
View reviewed changes
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 3

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 04e683b and 4374b53.

📒 Files selected for processing (1)
  • contracts/access/manager/extensions/AccessManagerEnumerable.sol (1 hunks)
🧰 Additional context used
🧠 Learnings (1)
📓 Common learnings 
Learnt from: ernestognw
Repo: OpenZeppelin/openzeppelin-contracts PR: 5904
File: contracts/crosschain/README.adoc:1-1
Timestamp: 2025-08-28T15:48:30.716Z
Learning: ernestognw prefers "Cross chain" without hyphenation rather than "Cross-chain" in documentation titles.
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (9)
  • GitHub Check: tests
  • GitHub Check: tests-foundry
  • GitHub Check: tests-upgradeable
  • GitHub Check: coverage
  • GitHub Check: slither
  • GitHub Check: halmos
  • GitHub Check: Redirect rules - solidity-contracts
  • GitHub Check: Header rules - solidity-contracts
  • GitHub Check: Pages changed - solidity-contracts
🔇 Additional comments (2)
contracts/access/manager/extensions/AccessManagerEnumerable.sol (2)

25-31: The implementation is correct—all role revocation paths call _revokeRole.

Verification confirms:

  • revokeRole() → calls _revokeRole()
  • renounceRole() → calls _revokeRole()
  • cancel() → handles scheduled operation cancellation, not role revocation
  • No role expiration mechanism exists in the codebase
  • The enumerable override properly guards set removal with the return value from super._revokeRole()

No desynchronization risk exists.

Likely an incorrect or invalid review comment.

12-23: Clarify intent: should enumerable set track scheduled or only effective role grants?

The concern is partially valid. Analysis confirms:

  • getRoleMembers() includes accounts with scheduled grants (where since > now) that are not yet effective
  • hasRole() correctly returns false for these same accounts until the grant becomes effective
  • _revokeRole() is properly synchronized and removes accounts from the enumerable set

This creates an API inconsistency: getRoleMembers() and hasRole() disagree on whether an account "has" a role during the grantDelay window. This appears intentional but should be clarified:

  • Is getRoleMembers() meant to enumerate all grant holders (scheduled or effective)?
  • Should the docs explicitly explain this distinction?
  • Or should the enumerable set only track effective members?

@ernestognw ernestognw marked this pull request as draft November 4, 2025 17:48
@ernestognw ernestognw marked this pull request as ready for review November 10, 2025 14:59
@Amxx Amxx added this to the 5.6 milestone Nov 10, 2025
@Amxx Amxx requested a review from james-toussaint November 10, 2025 15:59
@ernestognw
Copy link
Member Author

ernestognw commented Nov 10, 2025

Related to #6091

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

@james-toussaint james-toussaint Awaiting requested review from james-toussaint

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

5.6

Development

Successfully merging this pull request may close these issues.

2 participants

@ernestognw @Amxx