Access
Smart contract access utilities and implementations
This directory contains utility contracts to restrict access control in smart contracts. These include:
AccessManagerLight: A simpler version of an AccessManager that usesbytes8roles to allow function calls identified by their 4-bytes selector.
AccessManager
import "@openzeppelin/contracts/access/manager/AccessManagerLight.sol";Light version of an AccessManager contract that defines bytes8 roles
that are stored as requirements (see AccessManagerLight.getRequirements) for each function.
Each requirement is a bitmask of roles that are allowed to call a function
identified by its bytes4 selector. Users have their permissioned stored
as a bitmask of roles they belong to.
The admin role is a special role that has access to all functions and can manage the roles of other users.
Modifiers
Functions
- constructor(admin)
- canCall(caller, target, selector)
- getGroups(user)
- getGroupAdmins(group)
- getRequirements(target, selector)
- addGroup(user, group)
- remGroup(user, group)
- _addGroup(user, group)
- _remGroup(user, group)
- setGroupAdmins(group, admins)
- _setGroupAdmins(group, admins)
- setRequirements(target, selectors, groups)
- _setRequirements(target, selector, groups)
- ADMIN_ROLE()
- PUBLIC_ROLE()
- ADMIN_MASK()
- PUBLIC_MASK()
IAuthority
Events
onlyRole(Masks.Mask requirement)
internal
#Throws if the specified requirement is not met by the caller's permissions (see AccessManagerLight.getGroups).
constructor(address admin)
public
#Initializes the contract with the admin as the first member of the admin group.
canCall(address caller, address target, bytes4 selector) → bool
public
#Returns whether the caller has the required permissions to call the target with the selector.
getGroups(address user) → Masks.Mask
public
#Returns the groups that the user belongs to.
getGroupAdmins(uint8 group) → Masks.Mask
public
#Returns the admins of the group.
getRequirements(address target, bytes4 selector) → Masks.Mask
public
#Returns the requirements for the target and selector.
addGroup(address user, uint8 group)
public
#Adds the user to the group. Emits AccessManagerLight.GroupAdded event.
remGroup(address user, uint8 group)
public
#Removes the user from the group. Emits AccessManagerLight.GroupRemoved event.
_addGroup(address user, uint8 group)
internal
#Internal version of AccessManagerLight.addGroup without access control.
_remGroup(address user, uint8 group)
internal
#Internal version of AccessManagerLight.remGroup without access control.
setGroupAdmins(uint8 group, uint8[] admins)
public
#Sets the admins of the group. Emits AccessManagerLight.GroupAdmins event.
_setGroupAdmins(uint8 group, Masks.Mask admins)
internal
#Internal version of AccessManagerLight._setGroupAdmins without access control.
setRequirements(address target, bytes4[] selectors, uint8[] groups)
public
#Sets the groups requirements for the selectors of the target.
_setRequirements(address target, bytes4 selector, Masks.Mask groups)
internal
#Internal version of AccessManagerLight._setRequirements without access control.
ADMIN_ROLE() → uint8
public
#PUBLIC_ROLE() → uint8
public
#ADMIN_MASK() → Masks.Mask
public
#PUBLIC_MASK() → Masks.Mask
public
#GroupAdded(address indexed user, uint8 indexed group)
event
#GroupRemoved(address indexed user, uint8 indexed group)
event
#GroupAdmins(uint8 indexed group, Masks.Mask admins)
event
#RequirementsSet(address indexed target, bytes4 indexed selector, Masks.Mask groups)
event
#MissingPermissions(address user, Masks.Mask permissions, Masks.Mask requirement)
error
#