Add back WhitelistedCrowdsale

contracts/access/roles/WhitelisteeRole.sol

@@ -0,0 +1,44 @@
+pragma solidity ^0.4.24;
+
+import "../Roles.sol";
+import "./WhitelisterRole.sol";
+
+contract WhitelisteeRole is WhitelisterRole {
+    using Roles for Roles.Role;
+
+    event WhitelisteeAdded(address indexed account);
+    event WhitelisteeRemoved(address indexed account);
+
+    Roles.Role private _whitelistees;
+
+    modifier onlyWhitelistee() {
+        require(isWhitelistee(msg.sender));
+        _;
+    }
+
+    function isWhitelistee(address account) public view returns (bool) {
+        return _whitelistees.has(account);
+    }
+
+    function addWhitelistee(address account) public onlyWhitelister {
+        _addWhitelistee(account);
+    }
+
+    function removeWhitelistee(address account) public onlyWhitelister {
+        _removeWhitelistee(account);
+    }
+
+    function renounceWhitelistee() public {
+        _removeWhitelistee(msg.sender);
+    }
+
+    function _addWhitelistee(address account) internal {
+        _whitelistees.add(account);
+        emit WhitelisteeAdded(account);
+    }
+
+    function _removeWhitelistee(address account) internal {
+        _whitelistees.remove(account);
+        emit WhitelisteeRemoved(account);
+    }
+}

contracts/access/roles/WhitelisterRole.sol

@@ -0,0 +1,43 @@
+pragma solidity ^0.4.24;
+
+import "../Roles.sol";
+
+contract WhitelisterRole {
+    using Roles for Roles.Role;
+
+    event WhitelisterAdded(address indexed account);
+    event WhitelisterRemoved(address indexed account);
+
+    Roles.Role private _whitelisters;
+
+    constructor () internal {
+        _addWhitelister(msg.sender);
+    }
+
+    modifier onlyWhitelister() {
+        require(isWhitelister(msg.sender));
+        _;
+    }
+
+    function isWhitelister(address account) public view returns (bool) {
+        return _whitelisters.has(account);
+    }
+
+    function addWhitelister(address account) public onlyWhitelister {
+        _addWhitelister(account);
+    }
+
+    function renounceWhitelister() public {
+        _removeWhitelister(msg.sender);
+    }
+
+    function _addWhitelister(address account) internal {
+        _whitelisters.add(account);
+        emit WhitelisterAdded(account);
+    }
+
+    function _removeWhitelister(address account) internal {
+        _whitelisters.remove(account);
+        emit WhitelisterRemoved(account);
+    }
+}

contracts/crowdsale/validation/WhitelistedCrowdsale.sol

@@ -0,0 +1,21 @@
+pragma solidity ^0.4.24;
+import "../Crowdsale.sol";
+import "../../access/roles/WhitelisteeRole.sol";
+
+
+/**
+ * @title WhitelistedCrowdsale
+ * @dev Crowdsale in which only whitelisted users can contribute.
+ */
+contract WhitelistedCrowdsale is WhitelisteeRole, Crowdsale {
+    /**
+    * @dev Extend parent behavior requiring beneficiary to be whitelisted. Note that no
+    * restriction is imposed on the account sending the transaction.
+    * @param _beneficiary Token beneficiary
+    * @param _weiAmount Amount of wei contributed
+    */
+    function _preValidatePurchase(address _beneficiary, uint256 _weiAmount) internal view {
+        require(isWhitelistee(_beneficiary));
+        super._preValidatePurchase(_beneficiary, _weiAmount);
+    }
+}

contracts/mocks/WhitelistedCrowdsaleImpl.sol

@@ -0,0 +1,10 @@
+pragma solidity ^0.4.24;
+
+import "../token/ERC20/IERC20.sol";
+import "../crowdsale/validation/WhitelistedCrowdsale.sol";
+import "../crowdsale/Crowdsale.sol";
+
+
+contract WhitelistedCrowdsaleImpl is Crowdsale, WhitelistedCrowdsale {
+    constructor (uint256 _rate, address _wallet, IERC20 _token) Crowdsale(_rate, _wallet, _token) public {}
+}

contracts/mocks/WhitelisteeRoleMock.sol

@@ -0,0 +1,8 @@
+pragma solidity ^0.4.24;
+
+import "../access/roles/WhitelisteeRole.sol";
+
+contract WhitelisteeRoleMock is WhitelisteeRole {
+    function onlyWhitelisteeMock() public view onlyWhitelistee {
+    }
+}

contracts/mocks/WhitelisterRoleMock.sol

@@ -0,0 +1,17 @@
+pragma solidity ^0.4.24;
+
+import "../access/roles/WhitelisterRole.sol";
+
+contract WhitelisterRoleMock is WhitelisterRole {
+    function removeWhitelister(address account) public {
+        _removeWhitelister(account);
+    }
+
+    function onlyWhitelisterMock() public view onlyWhitelister {
+    }
+
+    // Causes a compilation error if super._removeWhitelister is not internal
+    function _removeWhitelister(address account) internal {
+        super._removeWhitelister(account);
+    }
+}

test/access/roles/PublicRole.behavior.js

@@ -9,7 +9,7 @@ function capitalize (str) {
   return str.replace(/\b\w/g, l => l.toUpperCase());
 }
 
-function shouldBehaveLikePublicRole (authorized, otherAuthorized, [anyone], rolename) {
+function shouldBehaveLikePublicRole (authorized, otherAuthorized, [anyone], rolename, manager) {
   rolename = capitalize(rolename);
 
   describe('should behave like public role', function () {
@@ -19,11 +19,13 @@ function shouldBehaveLikePublicRole (authorized, otherAuthorized, [anyone], role
       (await this.contract[`is${rolename}`](anyone)).should.equal(false);
     });
 
-    it('emits events during construction', async function () {
-      await expectEvent.inConstruction(this.contract, `${rolename}Added`, {
-        account: authorized,
+    if (!manager) { // Managed roles are only assigned by the manager, and none are set at construction
+      it('emits events during construction', async function () {
+        await expectEvent.inConstruction(this.contract, `${rolename}Added`, {
+          account: authorized,
+        });
       });
-    });
+    }
 
     it('reverts when querying roles for the null account', async function () {
       await shouldFail.reverting(this.contract[`is${rolename}`](ZERO_ADDRESS));
@@ -48,43 +50,51 @@ function shouldBehaveLikePublicRole (authorized, otherAuthorized, [anyone], role
     });
 
     describe('add', function () {
-      it('adds role to a new account', async function () {
-        await this.contract[`add${rolename}`](anyone, { from: authorized });
-        (await this.contract[`is${rolename}`](anyone)).should.equal(true);
-      });
+      const from = manager || authorized;
 
-      it(`emits a ${rolename}Added event`, async function () {
-        const { logs } = await this.contract[`add${rolename}`](anyone, { from: authorized });
-        expectEvent.inLogs(logs, `${rolename}Added`, { account: anyone });
-      });
+      context(`from ${manager ? 'the manager' : 'a role-haver'} account`, function () {
+        it('adds role to a new account', async function () {
+          await this.contract[`add${rolename}`](anyone, { from });
+          (await this.contract[`is${rolename}`](anyone)).should.equal(true);
+        });
 
-      it('reverts when adding role to an already assigned account', async function () {
-        await shouldFail.reverting(this.contract[`add${rolename}`](authorized, { from: authorized }));
-      });
+        it(`emits a ${rolename}Added event`, async function () {
+          const { logs } = await this.contract[`add${rolename}`](anyone, { from });
+          expectEvent.inLogs(logs, `${rolename}Added`, { account: anyone });
+        });
+
+        it('reverts when adding role to an already assigned account', async function () {
+          await shouldFail.reverting(this.contract[`add${rolename}`](authorized, { from }));
+        });
 
-      it('reverts when adding role to the null account', async function () {
-        await shouldFail.reverting(this.contract[`add${rolename}`](ZERO_ADDRESS, { from: authorized }));
+        it('reverts when adding role to the null account', async function () {
+          await shouldFail.reverting(this.contract[`add${rolename}`](ZERO_ADDRESS, { from }));
+        });
       });
     });
 
     describe('remove', function () {
-      it('removes role from an already assigned account', async function () {
-        await this.contract[`remove${rolename}`](authorized);
-        (await this.contract[`is${rolename}`](authorized)).should.equal(false);
-        (await this.contract[`is${rolename}`](otherAuthorized)).should.equal(true);
-      });
+      const from = manager || anyone; // Non-managed roles have no restrictions on the mocked 'remove' function
 
-      it(`emits a ${rolename}Removed event`, async function () {
-        const { logs } = await this.contract[`remove${rolename}`](authorized);
-        expectEvent.inLogs(logs, `${rolename}Removed`, { account: authorized });
-      });
+      context(`from ${manager ? 'the manager' : 'any'} account`, function () {
+        it('removes role from an already assigned account', async function () {
+          await this.contract[`remove${rolename}`](authorized, { from });
+          (await this.contract[`is${rolename}`](authorized)).should.equal(false);
+          (await this.contract[`is${rolename}`](otherAuthorized)).should.equal(true);
+        });
 
-      it('reverts when removing from an unassigned account', async function () {
-        await shouldFail.reverting(this.contract[`remove${rolename}`](anyone));
-      });
+        it(`emits a ${rolename}Removed event`, async function () {
+          const { logs } = await this.contract[`remove${rolename}`](authorized, { from });
+          expectEvent.inLogs(logs, `${rolename}Removed`, { account: authorized });
+        });
 
-      it('reverts when removing role from the null account', async function () {
-        await shouldFail.reverting(this.contract[`remove${rolename}`](ZERO_ADDRESS));
+        it('reverts when removing from an unassigned account', async function () {
+          await shouldFail.reverting(this.contract[`remove${rolename}`](anyone), { from });
+        });
+
+        it('reverts when removing role from the null account', async function () {
+          await shouldFail.reverting(this.contract[`remove${rolename}`](ZERO_ADDRESS), { from });
+        });
       });
     });
 

test/access/roles/WhitelisteeRole.test.js

@@ -0,0 +1,12 @@
+const { shouldBehaveLikePublicRole } = require('../../access/roles/PublicRole.behavior');
+const WhitelisteeRoleMock = artifacts.require('WhitelisteeRoleMock');
+
+contract('WhitelisteeRole', function ([_, whitelistee, otherWhitelistee, whitelister, ...otherAccounts]) {
+  beforeEach(async function () {
+    this.contract = await WhitelisteeRoleMock.new({ from: whitelister });
+    await this.contract.addWhitelistee(whitelistee, { from: whitelister });
+    await this.contract.addWhitelistee(otherWhitelistee, { from: whitelister });
+  });
+
+  shouldBehaveLikePublicRole(whitelistee, otherWhitelistee, otherAccounts, 'whitelistee', whitelister);
+});

test/access/roles/WhitelisterRole.test.js

@@ -0,0 +1,11 @@
+const { shouldBehaveLikePublicRole } = require('../../access/roles/PublicRole.behavior');
+const WhitelisterRoleMock = artifacts.require('WhitelisterRoleMock');
+
+contract('WhitelisterRole', function ([_, whitelister, otherWhitelister, ...otherAccounts]) {
+  beforeEach(async function () {
+    this.contract = await WhitelisterRoleMock.new({ from: whitelister });
+    await this.contract.addWhitelister(otherWhitelister, { from: whitelister });
+  });
+
+  shouldBehaveLikePublicRole(whitelister, otherWhitelister, otherAccounts, 'whitelister');
+});

test/crowdsale/WhitelistedCrowdsale.test.js

@@ -0,0 +1,59 @@
+const { ether } = require('../helpers/ether');
+const shouldFail = require('../helpers/shouldFail');
+
+const BigNumber = web3.BigNumber;
+
+require('chai')
+  .should();
+
+const WhitelistedCrowdsale = artifacts.require('WhitelistedCrowdsaleImpl');
+const SimpleToken = artifacts.require('SimpleToken');
+
+contract('WhitelistedCrowdsale', function ([_, wallet, whitelister, whitelistee, otherWhitelistee, anyone]) {
+  const rate = 1;
+  const value = ether(42);
+  const tokenSupply = new BigNumber('1e22');
+
+  beforeEach(async function () {
+    this.token = await SimpleToken.new({ from: whitelister });
+    this.crowdsale = await WhitelistedCrowdsale.new(rate, wallet, this.token.address, { from: whitelister });
+    await this.token.transfer(this.crowdsale.address, tokenSupply, { from: whitelister });
+  });
+
+  async function purchaseShouldSucceed (crowdsale, beneficiary, value) {
+    await crowdsale.buyTokens(beneficiary, { from: beneficiary, value });
+    await crowdsale.sendTransaction({ from: beneficiary, value });
+  }
+
+  async function purchaseShouldFail (crowdsale, beneficiary, value) {
+    await shouldFail.reverting(crowdsale.buyTokens(beneficiary, { from: beneficiary, value }));
+    await shouldFail.reverting(crowdsale.sendTransaction({ from: beneficiary, value }));
+  }
+
+  context('with no whitelisted addresses', function () {
+    it('rejects all purchases', async function () {
+      await purchaseShouldFail(this.crowdsale, anyone, value);
+      await purchaseShouldFail(this.crowdsale, whitelistee, value);
+    });
+  });
+
+  context('with whitelited addresses', function () {
+    beforeEach(async function () {
+      await this.crowdsale.addWhitelistee(whitelistee, { from: whitelister });
+      await this.crowdsale.addWhitelistee(otherWhitelistee, { from: whitelister });
+    });
+
+    it('accepts purchases with whitelisted beneficiaries', async function () {
+      await purchaseShouldSucceed(this.crowdsale, whitelistee, value);
+      await purchaseShouldSucceed(this.crowdsale, otherWhitelistee, value);
+    });
+
+    it('rejects purchases from whitelisted addresses with un-whitelisted beneficiaries', async function () {
+      await shouldFail(this.crowdsale.buyTokens(anyone, { from: whitelistee, value }));
+    });
+
+    it('rejects purchases with whitelisted beneficiaries', async function () {
+      await purchaseShouldFail(this.crowdsale, anyone, value);
+    });
+  });
+});