Skip to content

Latest commit

 

History

History
986 lines (777 loc) · 25.3 KB

AccessControlLibV1.md

File metadata and controls

986 lines (777 loc) · 25.3 KB

AccessControlLibV1.sol

View Source: contracts/libraries/AccessControlLibV1.sol

AccessControlLibV1

Contract Members

Constants & Variables

bytes32 public constant NS_ROLES_ADMIN;
bytes32 public constant NS_ROLES_COVER_MANAGER;
bytes32 public constant NS_ROLES_LIQUIDITY_MANAGER;
bytes32 public constant NS_ROLES_GOVERNANCE_AGENT;
bytes32 public constant NS_ROLES_GOVERNANCE_ADMIN;
bytes32 public constant NS_ROLES_UPGRADE_AGENT;
bytes32 public constant NS_ROLES_RECOVERY_AGENT;
bytes32 public constant NS_ROLES_PAUSE_AGENT;
bytes32 public constant NS_ROLES_UNPAUSE_AGENT;

Functions

mustBeAdmin

Reverts if the sender is not the protocol admin.

function mustBeAdmin(IStore s) external view

Arguments

Name Type Description
s IStore
Source Code
function mustBeAdmin(IStore s) external view {
    _mustHaveAccess(s, NS_ROLES_ADMIN, msg.sender);
  }

mustBeCoverManager

Reverts if the sender is not the cover manager.

function mustBeCoverManager(IStore s) external view

Arguments

Name Type Description
s IStore
Source Code
function mustBeCoverManager(IStore s) external view {
    _mustHaveAccess(s, NS_ROLES_COVER_MANAGER, msg.sender);
  }

mustBeLiquidityManager

Reverts if the sender is not the liquidity manager.

function mustBeLiquidityManager(IStore s) external view

Arguments

Name Type Description
s IStore
Source Code
function mustBeLiquidityManager(IStore s) external view {
    _mustHaveAccess(s, NS_ROLES_LIQUIDITY_MANAGER, msg.sender);
  }

mustBeGovernanceAgent

Reverts if the sender is not a governance agent.

function mustBeGovernanceAgent(IStore s) external view

Arguments

Name Type Description
s IStore
Source Code
function mustBeGovernanceAgent(IStore s) external view {
    _mustHaveAccess(s, NS_ROLES_GOVERNANCE_AGENT, msg.sender);
  }

mustBeGovernanceAdmin

Reverts if the sender is not a governance admin.

function mustBeGovernanceAdmin(IStore s) external view

Arguments

Name Type Description
s IStore
Source Code
function mustBeGovernanceAdmin(IStore s) external view {
    _mustHaveAccess(s, NS_ROLES_GOVERNANCE_ADMIN, msg.sender);
  }

mustBeUpgradeAgent

Reverts if the sender is not an upgrade agent.

function mustBeUpgradeAgent(IStore s) external view

Arguments

Name Type Description
s IStore
Source Code
function mustBeUpgradeAgent(IStore s) external view {
    _mustHaveAccess(s, NS_ROLES_UPGRADE_AGENT, msg.sender);
  }

mustBeRecoveryAgent

Reverts if the sender is not a recovery agent.

function mustBeRecoveryAgent(IStore s) external view

Arguments

Name Type Description
s IStore
Source Code
function mustBeRecoveryAgent(IStore s) external view {
    _mustHaveAccess(s, NS_ROLES_RECOVERY_AGENT, msg.sender);
  }

mustBePauseAgent

Reverts if the sender is not the pause agent.

function mustBePauseAgent(IStore s) external view

Arguments

Name Type Description
s IStore
Source Code
function mustBePauseAgent(IStore s) external view {
    _mustHaveAccess(s, NS_ROLES_PAUSE_AGENT, msg.sender);
  }

mustBeUnpauseAgent

Reverts if the sender is not the unpause agent.

function mustBeUnpauseAgent(IStore s) external view

Arguments

Name Type Description
s IStore
Source Code
function mustBeUnpauseAgent(IStore s) external view {
    _mustHaveAccess(s, NS_ROLES_UNPAUSE_AGENT, msg.sender);
  }

callerMustBeAdmin

Reverts if the caller is not the protocol admin.

function callerMustBeAdmin(IStore s, address caller) external view

Arguments

Name Type Description
s IStore
caller address
Source Code
function callerMustBeAdmin(IStore s, address caller) external view {
    _mustHaveAccess(s, NS_ROLES_ADMIN, caller);
  }

callerMustBeCoverManager

Reverts if the caller is not the cover manager.

function callerMustBeCoverManager(IStore s, address caller) external view

Arguments

Name Type Description
s IStore
caller address
Source Code
function callerMustBeCoverManager(IStore s, address caller) external view {
    _mustHaveAccess(s, NS_ROLES_COVER_MANAGER, caller);
  }

callerMustBeLiquidityManager

Reverts if the caller is not the liquidity manager.

function callerMustBeLiquidityManager(IStore s, address caller) external view

Arguments

Name Type Description
s IStore
caller address
Source Code
function callerMustBeLiquidityManager(IStore s, address caller) external view {
    _mustHaveAccess(s, NS_ROLES_LIQUIDITY_MANAGER, caller);
  }

callerMustBeGovernanceAgent

Reverts if the caller is not a governance agent.

function callerMustBeGovernanceAgent(IStore s, address caller) external view

Arguments

Name Type Description
s IStore
caller address
Source Code
function callerMustBeGovernanceAgent(IStore s, address caller) external view {
    _mustHaveAccess(s, NS_ROLES_GOVERNANCE_AGENT, caller);
  }

callerMustBeGovernanceAdmin

Reverts if the caller is not a governance admin.

function callerMustBeGovernanceAdmin(IStore s, address caller) external view

Arguments

Name Type Description
s IStore
caller address
Source Code
function callerMustBeGovernanceAdmin(IStore s, address caller) external view {
    _mustHaveAccess(s, NS_ROLES_GOVERNANCE_ADMIN, caller);
  }

callerMustBeUpgradeAgent

Reverts if the caller is not an upgrade agent.

function callerMustBeUpgradeAgent(IStore s, address caller) public view

Arguments

Name Type Description
s IStore
caller address
Source Code
function callerMustBeUpgradeAgent(IStore s, address caller) public view {
    _mustHaveAccess(s, NS_ROLES_UPGRADE_AGENT, caller);
  }

callerMustBeRecoveryAgent

Reverts if the caller is not a recovery agent.

function callerMustBeRecoveryAgent(IStore s, address caller) external view

Arguments

Name Type Description
s IStore
caller address
Source Code
function callerMustBeRecoveryAgent(IStore s, address caller) external view {
    _mustHaveAccess(s, NS_ROLES_RECOVERY_AGENT, caller);
  }

callerMustBePauseAgent

Reverts if the caller is not the pause agent.

function callerMustBePauseAgent(IStore s, address caller) external view

Arguments

Name Type Description
s IStore
caller address
Source Code
function callerMustBePauseAgent(IStore s, address caller) external view {
    _mustHaveAccess(s, NS_ROLES_PAUSE_AGENT, caller);
  }

callerMustBeUnpauseAgent

Reverts if the caller is not the unpause agent.

function callerMustBeUnpauseAgent(IStore s, address caller) external view

Arguments

Name Type Description
s IStore
caller address
Source Code
function callerMustBeUnpauseAgent(IStore s, address caller) external view {
    _mustHaveAccess(s, NS_ROLES_UNPAUSE_AGENT, caller);
  }

_mustHaveAccess

Reverts if the caller does not have access to the given role.

function _mustHaveAccess(IStore s, bytes32 role, address caller) private view

Arguments

Name Type Description
s IStore
role bytes32
caller address
Source Code
function _mustHaveAccess(
    IStore s,
    bytes32 role,
    address caller
  ) private view {
    require(hasAccess(s, role, caller), "Forbidden");
  }

hasAccess

Checks if a given user has access to the given role

function hasAccess(IStore s, bytes32 role, address user) public view
returns(bool)

Arguments

Name Type Description
s IStore
role bytes32 Specify the role name
user address Enter the user account

Returns

Returns true if the user is a member of the specified role

Source Code
function hasAccess(
    IStore s,
    bytes32 role,
    address user
  ) public view returns (bool) {
    address protocol = s.getProtocolAddress();

    // The protocol is not deployed yet. Therefore, no role to check
    if (protocol == address(0)) {
      return false;
    }

    // You must have the same role in the protocol contract if you're don't have this role here
    return IAccessControl(protocol).hasRole(role, user);
  }

addContractInternal

Adds a protocol member contract

function addContractInternal(IStore s, bytes32 namespace, bytes32 key, address contractAddress) external nonpayable

Arguments

Name Type Description
s IStore Enter the store instance
namespace bytes32 Enter the contract namespace
key bytes32 Enter the contract key
contractAddress address Enter the contract address
Source Code
function addContractInternal(
    IStore s,
    bytes32 namespace,
    bytes32 key,
    address contractAddress
  ) external {
    // Not only the msg.sender needs to be an upgrade agent
    // but the contract using this library (and this function)
    // must also be an upgrade agent
    callerMustBeUpgradeAgent(s, address(this));
    _addContract(s, namespace, key, contractAddress);
  }

_addContract

function _addContract(IStore s, bytes32 namespace, bytes32 key, address contractAddress) private nonpayable

Arguments

Name Type Description
s IStore
namespace bytes32
key bytes32
contractAddress address
Source Code
function _addContract(
    IStore s,
    bytes32 namespace,
    bytes32 key,
    address contractAddress
  ) private {
    if (key > 0) {
      s.setAddressByKeys(ProtoUtilV1.NS_CONTRACTS, namespace, key, contractAddress);
    } else {
      s.setAddressByKeys(ProtoUtilV1.NS_CONTRACTS, namespace, contractAddress);
    }
    _addMember(s, contractAddress);
  }

_deleteContract

function _deleteContract(IStore s, bytes32 namespace, bytes32 key, address contractAddress) private nonpayable

Arguments

Name Type Description
s IStore
namespace bytes32
key bytes32
contractAddress address
Source Code
function _deleteContract(
    IStore s,
    bytes32 namespace,
    bytes32 key,
    address contractAddress
  ) private {
    if (key > 0) {
      s.deleteAddressByKeys(ProtoUtilV1.NS_CONTRACTS, namespace, key);
    } else {
      s.deleteAddressByKeys(ProtoUtilV1.NS_CONTRACTS, namespace);
    }
    _removeMember(s, contractAddress);
  }

upgradeContractInternal

Upgrades a contract at the given namespace and key. The previous contract's protocol membership is revoked and the current immediately starts assuming responsbility of whatever the contract needs to do at the supplied namespace and key.

function upgradeContractInternal(IStore s, bytes32 namespace, bytes32 key, address previous, address current) external nonpayable

Arguments

Name Type Description
s IStore Provide store instance
namespace bytes32 Enter a unique namespace for this contract
key bytes32 Enter a key if this contract has siblings
previous address Enter the existing contract address at this namespace and key.
current address Enter the contract address which will replace the previous contract.
Source Code
function upgradeContractInternal(
    IStore s,
    bytes32 namespace,
    bytes32 key,
    address previous,
    address current
  ) external {
    // Not only the msg.sender needs to be an upgrade agent
    // but the contract using this library (and this function)
    // must also be an upgrade agent
    callerMustBeUpgradeAgent(s, address(this));

    bool isMember = s.isProtocolMember(previous);
    require(isMember, "Not a protocol member");

    _deleteContract(s, namespace, key, previous);
    _addContract(s, namespace, key, current);
  }

addMemberInternal

Adds member to the protocol A member is a trusted EOA or a contract that was added to the protocol using addContract function. When a contract is removed using upgradeContract function, the membership of previous contract is also removed.

function addMemberInternal(IStore s, address member) external nonpayable

Arguments

Name Type Description
s IStore
member address Enter an address to add as a protocol member
Source Code
function addMemberInternal(IStore s, address member) external {
    // Not only the msg.sender needs to be an upgrade agent
    // but the contract using this library (and this function)
    // must also be an upgrade agent
    callerMustBeUpgradeAgent(s, address(this));

    _addMember(s, member);
  }

removeMemberInternal

Removes a member from the protocol. This function is only accessible to an upgrade agent.

function removeMemberInternal(IStore s, address member) external nonpayable

Arguments

Name Type Description
s IStore
member address Enter an address to remove as a protocol member
Source Code
function removeMemberInternal(IStore s, address member) external {
    // Not only the msg.sender needs to be an upgrade agent
    // but the contract using this library (and this function)
    // must also be an upgrade agent
    callerMustBeUpgradeAgent(s, address(this));

    _removeMember(s, member);
  }

_addMember

function _addMember(IStore s, address member) private nonpayable

Arguments

Name Type Description
s IStore
member address
Source Code
function _addMember(IStore s, address member) private {
    require(s.getBoolByKeys(ProtoUtilV1.NS_MEMBERS, member) == false, "Already exists");
    s.setBoolByKeys(ProtoUtilV1.NS_MEMBERS, member, true);
  }

_removeMember

function _removeMember(IStore s, address member) private nonpayable

Arguments

Name Type Description
s IStore
member address
Source Code
function _removeMember(IStore s, address member) private {
    s.deleteBoolByKeys(ProtoUtilV1.NS_MEMBERS, member);
  }

Contracts