Part of LaborX project. Provides a couple of smart contracts to set up role-based access to system's contracts.
- Roles2Library - smart contract that is a foundation of roles-based system, organizes access to functions in secured way;
- Roles2LibraryAdapter - basic contract that is intended to store a reference to a roles2Library and contains protection modifier to guard functions for role-based access.
Organized as npm package this smart contracts could be easily added to a project by
npm install -s solidity-roles-lib
Right before you decided to use them add this library to package dependencies and import any contract according to this pattern, for example:
import "solidity-shared-lib/contracts/Roles2Library.sol";
or
import "solidity-shared-lib/contracts/Roles2LibraryAdapter.sol";
Cause you might want to use Roles2Library without any changes (if you want to then skip this paragraph), you will need to deploy this contract. But due to imperfection of truffle framework when you write in migration files const Roles2Library = artifacts.require("Roles2Library")
this artifact will not be found. You have two options:
- Inherit from Roles2Library and truffle will automatically grap contract's artifact;
- Create a solidity file, for example, Imports.sol and add an
import
statement of Roles2Library. (I would recommend this one because it will not produce one more contract name and looks more reasonable.)
Contracts that wants to adopt storage approach should do the following:
- Define a contract that will inherit from Roles2LibraryAdapter contract and implement constructor:
contract JobsController is Roles2LibraryAdapter {
constructor(address _roles2Library) Roles2LibraryAdapter(_roles2Library) public {
// TODO: initialization here
}
//...
}
- Protect any of your functions with
auth
modifier to restrict an access to only authorized members:
//...
function actionExample() external auth returns (uint) {
//...
}
//...
- In your migrations or during contracts set up organize rules (roles) that should be able to access your protected functions. For more details look at Roles2Library documentation and migration templates.
const Roles = {
ADMIN: 2,
MODERATOR: 4,
USER: 11,
}
const jobController = await JobsController.deployed()
// Allow only defined role to call protected function
const sig = jobsController.contract.actionExample.getData().slice(0, 10)
await roles2Library.addRoleCapability(Roles.ADMIN, jobsController.address, sig)
//...
Migration templates are presented in ./migrations_templates
folder so you can use them as a scaffolding for your own configuration. Basic scenarios covered by migration templates are:
- deploying and initializing Roles2Library contract;
- deploying user's smart contract which is inherited from Roles2LibraryAdapter contract;
- setuping role rules for user's contract
For more information and use cases look at tests.