-
Notifications
You must be signed in to change notification settings - Fork 0
/
AccessControl.sol
executable file
·146 lines (115 loc) · 3.77 KB
/
AccessControl.sol
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
// SPDX-License-Identifier: UNLICENSED
/* *
* V.0.2.4
*
* Copyright (c) 2021-2024 LI LI @ JINGTIAN & GONGCHENG.
*
* This WORK is licensed under ComBoox SoftWare License 1.0, a copy of which
* can be obtained at:
* [https://github.com/paul-lee-attorney/comboox]
*
* THIS WORK IS PROVIDED ON AN "AS IS" BASIS, WITHOUT
* WARRANTIES OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED
* TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE. IN NO
* EVENT SHALL ANY CONTRIBUTOR BE LIABLE TO YOU FOR ANY DAMAGES.
*
* YOU ARE PROHIBITED FROM DEPLOYING THE SMART CONTRACTS OF THIS WORK, IN WHOLE
* OR IN PART, FOR WHATEVER PURPOSE, ON ANY BLOCKCHAIN NETWORK THAT HAS ONE OR
* MORE NODES THAT ARE OUT OF YOUR CONTROL.
* */
pragma solidity ^0.8.8;
import "./IAccessControl.sol";
import "../../../center/access/Ownable.sol";
contract AccessControl is IAccessControl, Ownable {
using RolesRepo for RolesRepo.Repo;
bytes32 private constant _ATTORNEYS = bytes32("Attorneys");
RolesRepo.Repo private _roles;
Admin private _dk;
IGeneralKeeper internal _gk;
// ################
// ## Modifier ##
// ################
modifier onlyDK {
require(_dk.addr == msg.sender,
"AC.onlyDK: not");
_;
}
modifier onlyGC {
require(_roles.getRoleAdmin(_ATTORNEYS) ==
msg.sender,"AC.onlyGC: NOT");
_;
}
modifier onlyKeeper {
require(_gk.isKeeper(msg.sender) ||
_dk.addr == msg.sender,
"AC.onlyKeeper: NOT");
_;
}
modifier onlyAttorney {
require(_roles.hasRole(_ATTORNEYS, msg.sender),
"AC.onlyAttorney: NOT");
_;
}
modifier attorneyOrKeeper {
require(_roles.hasRole(_ATTORNEYS, msg.sender) ||
_gk.isKeeper(msg.sender),
"AC.md.attorneyOrKeeper: NOT");
_;
}
// #################
// ## Write ##
// #################
function initKeepers(address dk,address gk) external {
require(_dk.state == 0,
"AC.initKeepers: already inited");
_dk.addr = dk;
_gk = IGeneralKeeper(gk);
_dk.state = 1;
}
function setDirectKeeper(address acct) external onlyDK {
_dk.addr = acct;
emit SetDirectKeeper(acct);
}
function takeBackKeys (address target) external onlyDK {
IAccessControl(target).setDirectKeeper(msg.sender);
}
function setRoleAdmin(bytes32 role, address acct) external onlyOwner {
_roles.setRoleAdmin(role, acct);
emit SetRoleAdmin(role, acct);
}
function grantRole(bytes32 role, address acct) external {
_roles.grantRole(role, acct, msg.sender);
}
function revokeRole(bytes32 role, address acct) external {
_roles.revokeRole(role, acct, msg.sender);
}
function renounceRole(bytes32 role) external {
_roles.renounceRole(role, msg.sender);
}
function abandonRole(bytes32 role) external onlyOwner {
_roles.abandonRole(role);
}
function lockContents() public onlyOwner {
require(_dk.state == 1,
"AC.lockContents: wrong state");
_roles.abandonRole(_ATTORNEYS);
setNewOwner(address(0));
_dk.state = 2;
emit LockContents();
}
// ##############
// ## Read ##
// ##############
function getDK() external view returns (address) {
return _dk.addr;
}
function isFinalized() public view returns (bool) {
return _dk.state == 2;
}
function getRoleAdmin(bytes32 role) public view returns (address) {
return _roles.getRoleAdmin(role);
}
function hasRole(bytes32 role, address acct) public view returns (bool) {
return _roles.hasRole(role, acct);
}
}