(object: address): bool {
diff --git a/aptos-move/framework/aptos-token-objects/doc/aptos_token.md b/aptos-move/framework/aptos-token-objects/doc/aptos_token.md
index b3f124c43686e7..2faa7be311d1dd 100644
--- a/aptos-move/framework/aptos-token-objects/doc/aptos_token.md
+++ b/aptos-move/framework/aptos-token-objects/doc/aptos_token.md
@@ -15,6 +15,8 @@ The key features are:
- [Resource `AptosCollection`](#0x4_aptos_token_AptosCollection)
- [Resource `AptosToken`](#0x4_aptos_token_AptosToken)
+- [Struct `TokenUpdatePermission`](#0x4_aptos_token_TokenUpdatePermission)
+- [Struct `CollectionUpdatePermission`](#0x4_aptos_token_CollectionUpdatePermission)
- [Constants](#@Constants_0)
- [Function `create_collection`](#0x4_aptos_token_create_collection)
- [Function `create_collection_object`](#0x4_aptos_token_create_collection_object)
@@ -58,11 +60,16 @@ The key features are:
- [Function `set_collection_royalties`](#0x4_aptos_token_set_collection_royalties)
- [Function `set_collection_royalties_call`](#0x4_aptos_token_set_collection_royalties_call)
- [Function `set_collection_uri`](#0x4_aptos_token_set_collection_uri)
+- [Function `authorize_token_mutation`](#0x4_aptos_token_authorize_token_mutation)
+- [Function `revoke_token_mutation`](#0x4_aptos_token_revoke_token_mutation)
+- [Function `authorize_collection_mutation`](#0x4_aptos_token_authorize_collection_mutation)
+- [Function `revoke_collection_mutation`](#0x4_aptos_token_revoke_collection_mutation)
use 0x1::error;
use 0x1::object;
use 0x1::option;
+use 0x1::permissioned_signer;
use 0x1::signer;
use 0x1::string;
use 0x4::collection;
@@ -201,6 +208,60 @@ Storage state for managing the no-code Token.
+
+
+
+
+## Struct `TokenUpdatePermission`
+
+
+
+struct TokenUpdatePermission has copy, drop, store
+
+
+
+
+
+Fields
+
+
+
+-
+
token_address: address
+
+-
+
+
+
+
+
+
+
+
+
+## Struct `CollectionUpdatePermission`
+
+
+
+struct CollectionUpdatePermission has copy, drop, store
+
+
+
+
+
+Fields
+
+
+
+-
+
collection_address: address
+
+-
+
+
+
+
+
@@ -864,6 +925,11 @@ With an existing collection, directly mint a soul bound token into the recipient
token::creator(*token) == signer::address_of(creator),
error::permission_denied(ENOT_CREATOR),
);
+
+ assert!(
+ permissioned_signer::check_permission_capacity_above(creator, 0, TokenUpdatePermission { token_address }),
+ error::permission_denied(ENOT_CREATOR),
+ );
borrow_global<AptosToken>(token_address)
}
@@ -1561,6 +1627,11 @@ With an existing collection, directly mint a soul bound token into the recipient
collection::creator(*collection) == signer::address_of(creator),
error::permission_denied(ENOT_CREATOR),
);
+
+ assert!(
+ permissioned_signer::check_permission_capacity_above(creator, 0, CollectionUpdatePermission { collection_address }),
+ error::permission_denied(ENOT_CREATOR),
+ );
borrow_global<AptosCollection>(collection_address)
}
@@ -1697,6 +1768,142 @@ With an existing collection, directly mint a soul bound token into the recipient
+
+
+
+
+## Function `authorize_token_mutation`
+
+
+
+public fun authorize_token_mutation<T: key>(creator: &signer, permissioned_creator: &signer, token: object::Object<T>)
+
+
+
+
+
+Implementation
+
+
+public fun authorize_token_mutation<T: key>(
+ creator: &signer,
+ permissioned_creator: &signer,
+ token: Object<T>,
+) {
+ let token_address = object::object_address(&token);
+ assert!(
+ exists<AptosToken>(token_address),
+ error::not_found(ETOKEN_DOES_NOT_EXIST),
+ );
+ permissioned_signer::authorize(
+ creator,
+ permissioned_creator,
+ 0,
+ TokenUpdatePermission { token_address },
+ )
+}
+
+
+
+
+
+
+
+
+## Function `revoke_token_mutation`
+
+
+
+public fun revoke_token_mutation<T: key>(permissioned_signer: &signer, token: object::Object<T>)
+
+
+
+
+
+Implementation
+
+
+public fun revoke_token_mutation<T: key>(
+ permissioned_signer: &signer,
+ token: Object<T>,
+) {
+ permissioned_signer::revoke_permission(
+ permissioned_signer,
+ TokenUpdatePermission { token_address: object::object_address(&token) },
+ )
+}
+
+
+
+
+
+
+
+
+## Function `authorize_collection_mutation`
+
+
+
+public fun authorize_collection_mutation<T: key>(creator: &signer, permissioned_signer: &signer, collection: object::Object<T>)
+
+
+
+
+
+Implementation
+
+
+public fun authorize_collection_mutation<T: key>(
+ creator: &signer,
+ permissioned_signer: &signer,
+ collection: Object<T>,
+) {
+ let collection_address = object::object_address(&collection);
+ assert!(
+ exists<AptosCollection>(collection_address),
+ error::not_found(ETOKEN_DOES_NOT_EXIST),
+ );
+ permissioned_signer::authorize(
+ creator,
+ permissioned_signer,
+ 0,
+ CollectionUpdatePermission { collection_address },
+ )
+}
+
+
+
+
+
+
+
+
+## Function `revoke_collection_mutation`
+
+
+
+public fun revoke_collection_mutation<T: key>(permissioned_signer: &signer, collection: object::Object<T>)
+
+
+
+
+
+Implementation
+
+
+public fun revoke_collection_mutation<T: key>(
+ permissioned_signer: &signer,
+ collection: Object<T>,
+) {
+ permissioned_signer::revoke_permission(
+ permissioned_signer,
+ CollectionUpdatePermission { collection_address: object::object_address(&collection) },
+ )
+}
+
+
+
+
diff --git a/aptos-move/framework/aptos-token-objects/sources/aptos_token.move b/aptos-move/framework/aptos-token-objects/sources/aptos_token.move
index 5fe04786cd1a93..0569c32c9b3914 100644
--- a/aptos-move/framework/aptos-token-objects/sources/aptos_token.move
+++ b/aptos-move/framework/aptos-token-objects/sources/aptos_token.move
@@ -12,6 +12,7 @@ module aptos_token_objects::aptos_token {
use std::string::String;
use std::signer;
use aptos_framework::object::{Self, ConstructorRef, Object};
+ use aptos_framework::permissioned_signer;
use aptos_token_objects::collection;
use aptos_token_objects::property_map;
use aptos_token_objects::royalty;
@@ -68,6 +69,14 @@ module aptos_token_objects::aptos_token {
property_mutator_ref: property_map::MutatorRef,
}
+ struct TokenUpdatePermission has copy, drop, store {
+ token_address: address,
+ }
+
+ struct CollectionUpdatePermission has copy, drop, store {
+ collection_address: address,
+ }
+
/// Create a new collection
public entry fun create_collection(
creator: &signer,
@@ -373,6 +382,11 @@ module aptos_token_objects::aptos_token {
token::creator(*token) == signer::address_of(creator),
error::permission_denied(ENOT_CREATOR),
);
+
+ assert!(
+ permissioned_signer::check_permission_capacity_above(creator, 0, TokenUpdatePermission { token_address }),
+ error::permission_denied(ENOT_CREATOR),
+ );
borrow_global(token_address)
}
@@ -614,6 +628,11 @@ module aptos_token_objects::aptos_token {
collection::creator(*collection) == signer::address_of(creator),
error::permission_denied(ENOT_CREATOR),
);
+
+ assert!(
+ permissioned_signer::check_permission_capacity_above(creator, 0, CollectionUpdatePermission { collection_address }),
+ error::permission_denied(ENOT_CREATOR),
+ );
borrow_global(collection_address)
}
@@ -667,6 +686,63 @@ module aptos_token_objects::aptos_token {
collection::set_uri(option::borrow(&aptos_collection.mutator_ref), uri);
}
+ // Permissions
+ public fun authorize_token_mutation(
+ creator: &signer,
+ permissioned_creator: &signer,
+ token: Object,
+ ) {
+ let token_address = object::object_address(&token);
+ assert!(
+ exists(token_address),
+ error::not_found(ETOKEN_DOES_NOT_EXIST),
+ );
+ permissioned_signer::authorize(
+ creator,
+ permissioned_creator,
+ 0,
+ TokenUpdatePermission { token_address },
+ )
+ }
+
+ public fun revoke_token_mutation(
+ permissioned_signer: &signer,
+ token: Object,
+ ) {
+ permissioned_signer::revoke_permission(
+ permissioned_signer,
+ TokenUpdatePermission { token_address: object::object_address(&token) },
+ )
+ }
+
+ public fun authorize_collection_mutation(
+ creator: &signer,
+ permissioned_signer: &signer,
+ collection: Object,
+ ) {
+ let collection_address = object::object_address(&collection);
+ assert!(
+ exists(collection_address),
+ error::not_found(ETOKEN_DOES_NOT_EXIST),
+ );
+ permissioned_signer::authorize(
+ creator,
+ permissioned_signer,
+ 0,
+ CollectionUpdatePermission { collection_address },
+ )
+ }
+
+ public fun revoke_collection_mutation(
+ permissioned_signer: &signer,
+ collection: Object,
+ ) {
+ permissioned_signer::revoke_permission(
+ permissioned_signer,
+ CollectionUpdatePermission { collection_address: object::object_address(&collection) },
+ )
+ }
+
// Tests
#[test_only]