Skip to content

Chrono-Tech/solidity-roles-lib

Repository files navigation

Roles smart contract library Build Status Coverage Status

Part of LaborX project. Provides a couple of smart contracts to set up role-based access to system's contracts.

  • Roles2Library - smart contract that is a foundation of roles-based system, organizes access to functions in secured way;
  • Roles2LibraryAdapter - basic contract that is intended to store a reference to a roles2Library and contains protection modifier to guard functions for role-based access.

Installation

Organized as npm package this smart contracts could be easily added to a project by

npm install -s solidity-roles-lib

Usage

Right before you decided to use them add this library to package dependencies and import any contract according to this pattern, for example:

import "solidity-shared-lib/contracts/Roles2Library.sol";

or

import "solidity-shared-lib/contracts/Roles2LibraryAdapter.sol";

Cause you might want to use Roles2Library without any changes (if you want to then skip this paragraph), you will need to deploy this contract. But due to imperfection of truffle framework when you write in migration files const Roles2Library = artifacts.require("Roles2Library") this artifact will not be found. You have two options:

  1. Inherit from Roles2Library and truffle will automatically grap contract's artifact;
  2. Create a solidity file, for example, Imports.sol and add an import statement of Roles2Library. (I would recommend this one because it will not produce one more contract name and looks more reasonable.)

Details

Contracts that wants to adopt storage approach should do the following:

  1. Define a contract that will inherit from Roles2LibraryAdapter contract and implement constructor:
contract JobsController is Roles2LibraryAdapter {

	constructor(address _roles2Library) Roles2LibraryAdapter(_roles2Library) public {
		// TODO: initialization here
	}
	//...
}
  1. Protect any of your functions with auth modifier to restrict an access to only authorized members:
//...
function actionExample() external auth returns (uint) {
	//... 
}
//...
  1. In your migrations or during contracts set up organize rules (roles) that should be able to access your protected functions. For more details look at Roles2Library documentation and migration templates.
const Roles = {
	ADMIN: 2,
	MODERATOR: 4,
	USER: 11,
}

const jobController = await JobsController.deployed()
// Allow only defined role to call protected function
const sig = jobsController.contract.actionExample.getData().slice(0, 10)
await roles2Library.addRoleCapability(Roles.ADMIN, jobsController.address, sig)
//...

Migrations

Migration templates are presented in ./migrations_templates folder so you can use them as a scaffolding for your own configuration. Basic scenarios covered by migration templates are:

  • deploying and initializing Roles2Library contract;
  • deploying user's smart contract which is inherited from Roles2LibraryAdapter contract;
  • setuping role rules for user's contract

For more information and use cases look at tests.