View Source: contracts/libraries/AccessControlLibV1.sol
AccessControlLibV1
Constants & Variables
bytes32 public constant NS_ROLES_ADMIN;
bytes32 public constant NS_ROLES_COVER_MANAGER;
bytes32 public constant NS_ROLES_LIQUIDITY_MANAGER;
bytes32 public constant NS_ROLES_GOVERNANCE_AGENT;
bytes32 public constant NS_ROLES_GOVERNANCE_ADMIN;
bytes32 public constant NS_ROLES_UPGRADE_AGENT;
bytes32 public constant NS_ROLES_RECOVERY_AGENT;
bytes32 public constant NS_ROLES_PAUSE_AGENT;
bytes32 public constant NS_ROLES_UNPAUSE_AGENT;
- mustBeAdmin(IStore s)
- mustBeCoverManager(IStore s)
- mustBeLiquidityManager(IStore s)
- mustBeGovernanceAgent(IStore s)
- mustBeGovernanceAdmin(IStore s)
- mustBeUpgradeAgent(IStore s)
- mustBeRecoveryAgent(IStore s)
- mustBePauseAgent(IStore s)
- mustBeUnpauseAgent(IStore s)
- callerMustBeAdmin(IStore s, address caller)
- callerMustBeCoverManager(IStore s, address caller)
- callerMustBeLiquidityManager(IStore s, address caller)
- callerMustBeGovernanceAgent(IStore s, address caller)
- callerMustBeGovernanceAdmin(IStore s, address caller)
- callerMustBeUpgradeAgent(IStore s, address caller)
- callerMustBeRecoveryAgent(IStore s, address caller)
- callerMustBePauseAgent(IStore s, address caller)
- callerMustBeUnpauseAgent(IStore s, address caller)
- _mustHaveAccess(IStore s, bytes32 role, address caller)
- hasAccess(IStore s, bytes32 role, address user)
- addContractInternal(IStore s, bytes32 namespace, bytes32 key, address contractAddress)
- _addContract(IStore s, bytes32 namespace, bytes32 key, address contractAddress)
- _deleteContract(IStore s, bytes32 namespace, bytes32 key, address contractAddress)
- upgradeContractInternal(IStore s, bytes32 namespace, bytes32 key, address previous, address current)
- addMemberInternal(IStore s, address member)
- removeMemberInternal(IStore s, address member)
- _addMember(IStore s, address member)
- _removeMember(IStore s, address member)
Reverts if the sender is not the protocol admin.
function mustBeAdmin(IStore s) external view
Arguments
Name | Type | Description |
---|---|---|
s | IStore |
Source Code
function mustBeAdmin(IStore s) external view {
_mustHaveAccess(s, NS_ROLES_ADMIN, msg.sender);
}
Reverts if the sender is not the cover manager.
function mustBeCoverManager(IStore s) external view
Arguments
Name | Type | Description |
---|---|---|
s | IStore |
Source Code
function mustBeCoverManager(IStore s) external view {
_mustHaveAccess(s, NS_ROLES_COVER_MANAGER, msg.sender);
}
Reverts if the sender is not the liquidity manager.
function mustBeLiquidityManager(IStore s) external view
Arguments
Name | Type | Description |
---|---|---|
s | IStore |
Source Code
function mustBeLiquidityManager(IStore s) external view {
_mustHaveAccess(s, NS_ROLES_LIQUIDITY_MANAGER, msg.sender);
}
Reverts if the sender is not a governance agent.
function mustBeGovernanceAgent(IStore s) external view
Arguments
Name | Type | Description |
---|---|---|
s | IStore |
Source Code
function mustBeGovernanceAgent(IStore s) external view {
_mustHaveAccess(s, NS_ROLES_GOVERNANCE_AGENT, msg.sender);
}
Reverts if the sender is not a governance admin.
function mustBeGovernanceAdmin(IStore s) external view
Arguments
Name | Type | Description |
---|---|---|
s | IStore |
Source Code
function mustBeGovernanceAdmin(IStore s) external view {
_mustHaveAccess(s, NS_ROLES_GOVERNANCE_ADMIN, msg.sender);
}
Reverts if the sender is not an upgrade agent.
function mustBeUpgradeAgent(IStore s) external view
Arguments
Name | Type | Description |
---|---|---|
s | IStore |
Source Code
function mustBeUpgradeAgent(IStore s) external view {
_mustHaveAccess(s, NS_ROLES_UPGRADE_AGENT, msg.sender);
}
Reverts if the sender is not a recovery agent.
function mustBeRecoveryAgent(IStore s) external view
Arguments
Name | Type | Description |
---|---|---|
s | IStore |
Source Code
function mustBeRecoveryAgent(IStore s) external view {
_mustHaveAccess(s, NS_ROLES_RECOVERY_AGENT, msg.sender);
}
Reverts if the sender is not the pause agent.
function mustBePauseAgent(IStore s) external view
Arguments
Name | Type | Description |
---|---|---|
s | IStore |
Source Code
function mustBePauseAgent(IStore s) external view {
_mustHaveAccess(s, NS_ROLES_PAUSE_AGENT, msg.sender);
}
Reverts if the sender is not the unpause agent.
function mustBeUnpauseAgent(IStore s) external view
Arguments
Name | Type | Description |
---|---|---|
s | IStore |
Source Code
function mustBeUnpauseAgent(IStore s) external view {
_mustHaveAccess(s, NS_ROLES_UNPAUSE_AGENT, msg.sender);
}
Reverts if the caller is not the protocol admin.
function callerMustBeAdmin(IStore s, address caller) external view
Arguments
Name | Type | Description |
---|---|---|
s | IStore | |
caller | address |
Source Code
function callerMustBeAdmin(IStore s, address caller) external view {
_mustHaveAccess(s, NS_ROLES_ADMIN, caller);
}
Reverts if the caller is not the cover manager.
function callerMustBeCoverManager(IStore s, address caller) external view
Arguments
Name | Type | Description |
---|---|---|
s | IStore | |
caller | address |
Source Code
function callerMustBeCoverManager(IStore s, address caller) external view {
_mustHaveAccess(s, NS_ROLES_COVER_MANAGER, caller);
}
Reverts if the caller is not the liquidity manager.
function callerMustBeLiquidityManager(IStore s, address caller) external view
Arguments
Name | Type | Description |
---|---|---|
s | IStore | |
caller | address |
Source Code
function callerMustBeLiquidityManager(IStore s, address caller) external view {
_mustHaveAccess(s, NS_ROLES_LIQUIDITY_MANAGER, caller);
}
Reverts if the caller is not a governance agent.
function callerMustBeGovernanceAgent(IStore s, address caller) external view
Arguments
Name | Type | Description |
---|---|---|
s | IStore | |
caller | address |
Source Code
function callerMustBeGovernanceAgent(IStore s, address caller) external view {
_mustHaveAccess(s, NS_ROLES_GOVERNANCE_AGENT, caller);
}
Reverts if the caller is not a governance admin.
function callerMustBeGovernanceAdmin(IStore s, address caller) external view
Arguments
Name | Type | Description |
---|---|---|
s | IStore | |
caller | address |
Source Code
function callerMustBeGovernanceAdmin(IStore s, address caller) external view {
_mustHaveAccess(s, NS_ROLES_GOVERNANCE_ADMIN, caller);
}
Reverts if the caller is not an upgrade agent.
function callerMustBeUpgradeAgent(IStore s, address caller) public view
Arguments
Name | Type | Description |
---|---|---|
s | IStore | |
caller | address |
Source Code
function callerMustBeUpgradeAgent(IStore s, address caller) public view {
_mustHaveAccess(s, NS_ROLES_UPGRADE_AGENT, caller);
}
Reverts if the caller is not a recovery agent.
function callerMustBeRecoveryAgent(IStore s, address caller) external view
Arguments
Name | Type | Description |
---|---|---|
s | IStore | |
caller | address |
Source Code
function callerMustBeRecoveryAgent(IStore s, address caller) external view {
_mustHaveAccess(s, NS_ROLES_RECOVERY_AGENT, caller);
}
Reverts if the caller is not the pause agent.
function callerMustBePauseAgent(IStore s, address caller) external view
Arguments
Name | Type | Description |
---|---|---|
s | IStore | |
caller | address |
Source Code
function callerMustBePauseAgent(IStore s, address caller) external view {
_mustHaveAccess(s, NS_ROLES_PAUSE_AGENT, caller);
}
Reverts if the caller is not the unpause agent.
function callerMustBeUnpauseAgent(IStore s, address caller) external view
Arguments
Name | Type | Description |
---|---|---|
s | IStore | |
caller | address |
Source Code
function callerMustBeUnpauseAgent(IStore s, address caller) external view {
_mustHaveAccess(s, NS_ROLES_UNPAUSE_AGENT, caller);
}
Reverts if the caller does not have access to the given role.
function _mustHaveAccess(IStore s, bytes32 role, address caller) private view
Arguments
Name | Type | Description |
---|---|---|
s | IStore | |
role | bytes32 | |
caller | address |
Source Code
function _mustHaveAccess(
IStore s,
bytes32 role,
address caller
) private view {
require(hasAccess(s, role, caller), "Forbidden");
}
Checks if a given user has access to the given role
function hasAccess(IStore s, bytes32 role, address user) public view
returns(bool)
Arguments
Name | Type | Description |
---|---|---|
s | IStore | |
role | bytes32 | Specify the role name |
user | address | Enter the user account |
Returns
Returns true if the user is a member of the specified role
Source Code
function hasAccess(
IStore s,
bytes32 role,
address user
) public view returns (bool) {
address protocol = s.getProtocolAddress();
// The protocol is not deployed yet. Therefore, no role to check
if (protocol == address(0)) {
return false;
}
// You must have the same role in the protocol contract if you're don't have this role here
return IAccessControl(protocol).hasRole(role, user);
}
Adds a protocol member contract
function addContractInternal(IStore s, bytes32 namespace, bytes32 key, address contractAddress) external nonpayable
Arguments
Name | Type | Description |
---|---|---|
s | IStore | Enter the store instance |
namespace | bytes32 | Enter the contract namespace |
key | bytes32 | Enter the contract key |
contractAddress | address | Enter the contract address |
Source Code
function addContractInternal(
IStore s,
bytes32 namespace,
bytes32 key,
address contractAddress
) external {
// Not only the msg.sender needs to be an upgrade agent
// but the contract using this library (and this function)
// must also be an upgrade agent
callerMustBeUpgradeAgent(s, address(this));
_addContract(s, namespace, key, contractAddress);
}
function _addContract(IStore s, bytes32 namespace, bytes32 key, address contractAddress) private nonpayable
Arguments
Name | Type | Description |
---|---|---|
s | IStore | |
namespace | bytes32 | |
key | bytes32 | |
contractAddress | address |
Source Code
function _addContract(
IStore s,
bytes32 namespace,
bytes32 key,
address contractAddress
) private {
if (key > 0) {
s.setAddressByKeys(ProtoUtilV1.NS_CONTRACTS, namespace, key, contractAddress);
} else {
s.setAddressByKeys(ProtoUtilV1.NS_CONTRACTS, namespace, contractAddress);
}
_addMember(s, contractAddress);
}
function _deleteContract(IStore s, bytes32 namespace, bytes32 key, address contractAddress) private nonpayable
Arguments
Name | Type | Description |
---|---|---|
s | IStore | |
namespace | bytes32 | |
key | bytes32 | |
contractAddress | address |
Source Code
function _deleteContract(
IStore s,
bytes32 namespace,
bytes32 key,
address contractAddress
) private {
if (key > 0) {
s.deleteAddressByKeys(ProtoUtilV1.NS_CONTRACTS, namespace, key);
} else {
s.deleteAddressByKeys(ProtoUtilV1.NS_CONTRACTS, namespace);
}
_removeMember(s, contractAddress);
}
Upgrades a contract at the given namespace and key. The previous contract's protocol membership is revoked and the current immediately starts assuming responsbility of whatever the contract needs to do at the supplied namespace and key.
function upgradeContractInternal(IStore s, bytes32 namespace, bytes32 key, address previous, address current) external nonpayable
Arguments
Name | Type | Description |
---|---|---|
s | IStore | Provide store instance |
namespace | bytes32 | Enter a unique namespace for this contract |
key | bytes32 | Enter a key if this contract has siblings |
previous | address | Enter the existing contract address at this namespace and key. |
current | address | Enter the contract address which will replace the previous contract. |
Source Code
function upgradeContractInternal(
IStore s,
bytes32 namespace,
bytes32 key,
address previous,
address current
) external {
// Not only the msg.sender needs to be an upgrade agent
// but the contract using this library (and this function)
// must also be an upgrade agent
callerMustBeUpgradeAgent(s, address(this));
bool isMember = s.isProtocolMember(previous);
require(isMember, "Not a protocol member");
_deleteContract(s, namespace, key, previous);
_addContract(s, namespace, key, current);
}
Adds member to the protocol
A member is a trusted EOA or a contract that was added to the protocol using addContract
function. When a contract is removed using upgradeContract
function, the membership of previous
contract is also removed.
function addMemberInternal(IStore s, address member) external nonpayable
Arguments
Name | Type | Description |
---|---|---|
s | IStore | |
member | address | Enter an address to add as a protocol member |
Source Code
function addMemberInternal(IStore s, address member) external {
// Not only the msg.sender needs to be an upgrade agent
// but the contract using this library (and this function)
// must also be an upgrade agent
callerMustBeUpgradeAgent(s, address(this));
_addMember(s, member);
}
Removes a member from the protocol. This function is only accessible to an upgrade agent.
function removeMemberInternal(IStore s, address member) external nonpayable
Arguments
Name | Type | Description |
---|---|---|
s | IStore | |
member | address | Enter an address to remove as a protocol member |
Source Code
function removeMemberInternal(IStore s, address member) external {
// Not only the msg.sender needs to be an upgrade agent
// but the contract using this library (and this function)
// must also be an upgrade agent
callerMustBeUpgradeAgent(s, address(this));
_removeMember(s, member);
}
function _addMember(IStore s, address member) private nonpayable
Arguments
Name | Type | Description |
---|---|---|
s | IStore | |
member | address |
Source Code
function _addMember(IStore s, address member) private {
require(s.getBoolByKeys(ProtoUtilV1.NS_MEMBERS, member) == false, "Already exists");
s.setBoolByKeys(ProtoUtilV1.NS_MEMBERS, member, true);
}
function _removeMember(IStore s, address member) private nonpayable
Arguments
Name | Type | Description |
---|---|---|
s | IStore | |
member | address |
Source Code
function _removeMember(IStore s, address member) private {
s.deleteBoolByKeys(ProtoUtilV1.NS_MEMBERS, member);
}
- AaveStrategy
- AccessControl
- AccessControlLibV1
- Address
- BaseLibV1
- BokkyPooBahsDateTimeLibrary
- BondPool
- BondPoolBase
- BondPoolLibV1
- CompoundStrategy
- Context
- Cover
- CoverBase
- CoverLibV1
- CoverReassurance
- CoverStake
- CoverUtilV1
- cxToken
- cxTokenFactory
- cxTokenFactoryLibV1
- Delayable
- Destroyable
- ERC165
- ERC20
- FakeAaveLendingPool
- FakeCompoundDaiDelegator
- FakePriceOracle
- FakeRecoverable
- FakeStore
- FakeToken
- FakeUniswapPair
- FakeUniswapV2FactoryLike
- FakeUniswapV2PairLike
- FakeUniswapV2RouterLike
- FaultyAaveLendingPool
- FaultyCompoundDaiDelegator
- Finalization
- ForceEther
- Governance
- GovernanceUtilV1
- IAaveV2LendingPoolLike
- IAccessControl
- IBondPool
- IClaimsProcessor
- ICompoundERC20DelegatorLike
- ICover
- ICoverReassurance
- ICoverStake
- ICxToken
- ICxTokenFactory
- IERC165
- IERC20
- IERC20Detailed
- IERC20Metadata
- IERC3156FlashBorrower
- IERC3156FlashLender
- IFinalization
- IGovernance
- ILendingStrategy
- ILiquidityEngine
- IMember
- INeptuneRouterV1
- InvalidStrategy
- IPausable
- IPolicy
- IPolicyAdmin
- IPriceOracle
- IProtocol
- IRecoverable
- IReporter
- IResolution
- IResolvable
- IStakingPools
- IStore
- IStoreLike
- IUniswapV2FactoryLike
- IUniswapV2PairLike
- IUniswapV2RouterLike
- IUnstakable
- IVault
- IVaultDelegate
- IVaultFactory
- IWitness
- LiquidityEngine
- MaliciousToken
- MockAccessControlUser
- MockCoverUtilUser
- MockCxToken
- MockCxTokenPolicy
- MockCxTokenStore
- MockFlashBorrower
- MockLiquidityEngineUser
- MockProcessorStore
- MockProcessorStoreLib
- MockProtocol
- MockRegistryClient
- MockStore
- MockStoreKeyUtilUser
- MockValidationLibUser
- MockVault
- MockVaultLibUser
- NeptuneRouterV1
- NPM
- NpmDistributor
- NTransferUtilV2
- NTransferUtilV2Intermediate
- Ownable
- Pausable
- Policy
- PolicyAdmin
- PolicyHelperV1
- PoorMansERC20
- POT
- PriceLibV1
- Processor
- ProtoBase
- Protocol
- ProtoUtilV1
- Recoverable
- ReentrancyGuard
- RegistryLibV1
- Reporter
- Resolution
- Resolvable
- RoutineInvokerLibV1
- SafeERC20
- StakingPoolBase
- StakingPoolCoreLibV1
- StakingPoolInfo
- StakingPoolLibV1
- StakingPoolReward
- StakingPools
- Store
- StoreBase
- StoreKeyUtil
- StrategyLibV1
- Strings
- TimelockController
- Unstakable
- ValidationLibV1
- Vault
- VaultBase
- VaultDelegate
- VaultDelegateBase
- VaultDelegateWithFlashLoan
- VaultFactory
- VaultFactoryLibV1
- VaultLibV1
- VaultLiquidity
- VaultStrategy
- WithFlashLoan
- WithPausability
- WithRecovery
- Witness