Support ACL permissions with parameters

[macor161]

🦅 Pull Request

Add support for ACL parameters:

dao acl grant <dao-addr> <app-proxy-addr> <role> <entity> [params...]

Each parameter must have the following syntax: "<id>,<op>,<value>". Multiple parameters must be separated by spaces.

See the ACL documentation for the list of available operators.

Closes #407

🚨 Test instructions

dao acl grant <dao> <app> <role> <entity> "0,GT,2"

dao acl grant <dao> <app> <role> <entity> "2,EQ,0xC7f8dDbc7B3BFd432dEAc0CA270110467EcE01c3"

dao acl grant <dao> <app> <role> <entity> "LOGIC_OP_PARAM_ID,OR,(1,2)"  "0,LT,4"  "1,EQ,42"

dao acl grant <dao> <app> <role> <entity> "LOGIC_OP_PARAM_ID,IF_ELSE,(1,2,3)" 
 "BLOCK_NUMBER_PARAM_ID,GT,1000"  "0,EQ,42"  "0,EQ,0"

✔️ PR Todo

• Include links to related issues/PRs
• Update unit tests for this change
• Update the relevant documentation
• Clear dependencies on other modules that have to be released before merging this

[0xGabi]

Thanks a lot @macor161 this new feature is amazing, will enable much more use cases and experimentation 👨‍🔬

I tested it with the help of @fabriziovigevani using the Token Oracle 1Hive is using for the Time Lock app and is working great 💪

[sohkai]

Someone get the fire trucks, cause this is hot 🔥:fire: :fire:

Haven't checked the correctness (we should certainly add more tests), but:

• We should scope this out into its own package
• We may be able to define a light DSL language for this and use something like nearley or peg.js to parse it; we would most likely want to use this in a browser environment so we'll have to be conscious of the parser's size (and obviously handrolling it like now would be the most optimal)
• We should add a decoder to go from the param bytes, for use in UI

[macor161]

Hahaha thanks! 😄
Definitely good ideas. I added them to my to-do list. I'm not super familiar with DSLs however, I will have to read the subject a little bit more. But point 1 and 3 should be fairly straightforward to do.