docs: add migration guide for AccessControlDefaultAdminRules #6472

Open
JunaidCD wants to merge 1 commit into OpenZeppelin:master from JunaidCD:docs/add-admin-rules-migration-guide
JunaidCD commented Apr 9, 2026

Resolves an audit finding suggesting more prominent documentation and migration guides for existing contracts regarding the use of AccessControlDefaultAdminRules to secure DEFAULT_ADMIN_ROLE.

Fixes #6413

Changes Introduced

  • Added a Migrating to AccessControlDefaultAdminRules section to docs/modules/ROOT/pages/access-control.adoc.
  • Clarified that AccessControlDefaultAdminRules requires inheritance and provided an example on how to migrate for new or un-deployed contracts.
  • Added a warning explicitly advising already-deployed contracts against attempting retroactive additions, and pointing them instead to AccessManager or TimelockController.

PR Checklist

  • Tests
  • Documentation
  • Changeset entry (run npx changeset add)

Resolves an audit finding suggesting more prominent documentation and migration guides for existing contracts regarding the use of AccessControlDefaultAdminRules to secure DEFAULT_ADMIN_ROLE.
JunaidCD requested a review from a team as a code owner April 9, 2026 14:32
changeset-bot bot commented Apr 9, 2026

⚠️ No Changeset found

Latest commit: f4b8522

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

coderabbitai bot commented Apr 9, 2026

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: 4dd92e41-5706-4579-8b50-a677615e09be

📥 Commits

Reviewing files that changed from the base of the PR and between 9cfdccd and f4b8522.

📒 Files selected for processing (1)
  • docs/modules/ROOT/pages/access-control.adoc

Walkthrough

Documentation was added to the access control module describing migration from AccessControl to AccessControlDefaultAdminRules. The new section provides guidance for new or un-deployed contracts, includes a Solidity code example demonstrating the constructor call with an initial delay period and default admin assignment, and adds a note explaining why this approach cannot be retroactively applied to already-deployed non-upgradeable contracts. The section also directs readers to alternative approaches for existing deployments.

Suggested labels

ignore-changeset

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)

| Check name | Status | Explanation |
|---|---|---|
| Title check | ✅ Passed | The title clearly and concisely summarizes the main change: adding a migration guide for AccessControlDefaultAdminRules to the documentation. |
| Description check | ✅ Passed | The description is directly related to the changeset, explaining the audit finding, the section added, clarifications provided, and warnings included for deployed contracts. |
| Linked Issues check | ✅ Passed | The PR fully addresses issue #6413 by adding prominent documentation, providing migration guidance for new contracts, and warning against retroactive changes to deployed contracts. |
| Out of Scope Changes check | ✅ Passed | All changes are directly scoped to the documentation requirements in issue #6413; no unrelated modifications are present in the changeset. |
| Docstring Coverage | ✅ Passed | No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check. |

Development

Successfully merging this pull request may close these issues.

[Security Audit] DEFAULT_ADMIN_ROLE Permission Centralization Warning