NoBey/openzeppelin-contracts
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: add adminAddRole, adminRemoveRole, and make hasRole/checkRole public

Browse Source
This commit is contained in:
Matt Condon
2017-12-01 15:36:54 +02:00
parent e931c1cbfc
commit 9bb2c958ec
4 changed files with 84 additions and 87 deletions
Download Patch File Download Diff File Expand all files Collapse all files

61
contracts/examples/RBACExample.sol
View File

@ -1,61 +0,0 @@
pragma solidity ^0.4.8;
import '../ownership/rbac/RBAC.sol';
contract RBACExample is RBAC {
modifier onlyOwnerOrAdvisor()
{
require(
hasRole(msg.sender, "owner") ||
hasRole(msg.sender, "advisor")
);
_;
}
function RBACExample(address[] _advisors)
public
{
addRole(msg.sender, "owner");
addRole(msg.sender, "advisor");
for (uint256 i = 0; i < _advisors.length; i++) {
addRole(_advisors[i], "advisor");
}
}
function onlyOwnersCanDoThis()
onlyRole("owner")
view
external
{
}
function onlyAdvisorsCanDoThis()
onlyRole("advisor")
view
external
{
}
function eitherOwnerOrAdvisorCanDoThis()
onlyOwnerOrAdvisor
view
external
{
}
// owners can remove advisor's role
function removeAdvisor(address _addr)
onlyRole("owner")
public
{
// revert if the user isn't an advisor
// (perhaps you want to soft-fail here instead?)
checkRole(_addr, "advisor");
// remove the advisor's role
removeRole(_addr, "advisor");
}
}

60
contracts/ownership/rbac/RBAC.sol
View File

@ -17,6 +17,23 @@ contract RBAC {
mapping (string => Roles.Role) internal roles;
event LogRoleAdded(address addr, string roleName);
event LogRoleRemoved(address addr, string roleName);
/**
* A constant role name for indicating admins.
*/
string public constant ROLE_ADMIN = "admin";
/**
* @dev constructor. Sets msg.sender as admin by default
*/
function RBAC()
public
{
addRole(msg.sender, ROLE_ADMIN);
}
/**
* @dev add a role to an address
* @param addr address
@ -26,6 +43,7 @@ contract RBAC {
internal
{
roles[roleName].add(addr);
LogRoleAdded(addr, roleName);
}
/**
@ -37,6 +55,7 @@ contract RBAC {
internal
{
roles[roleName].remove(addr);
LogRoleRemoved(addr, roleName);
}
/**
@ -47,7 +66,7 @@ contract RBAC {
*/
function checkRole(address addr, string roleName)
view
internal
public
{
roles[roleName].check(addr);
}
@ -60,12 +79,37 @@ contract RBAC {
*/
function hasRole(address addr, string roleName)
view
internal
public
returns (bool)
{
return roles[roleName].has(addr);
}
/**
* @dev add a role to an address
* @param addr address
* @param roleName the name of the role
*/
function adminAddRole(address addr, string roleName)
onlyAdmin
public
{
addRole(addr, roleName);
}
/**
* @dev remove a role from an address
* @param addr address
* @param roleName the name of the role
*/
function adminRemoveRole(address addr, string roleName)
onlyAdmin
public
{
removeRole(addr, roleName);
}
/**
* @dev modifier to scope access to a single role (uses msg.sender as addr)
* @param roleName the name of the role
@ -77,12 +121,22 @@ contract RBAC {
_;
}
/**
* @dev modifier to scope access to admins
* // reverts
*/
modifier onlyAdmin()
{
checkRole(msg.sender, ROLE_ADMIN);
_;
}
/**
* @dev modifier to scope access to a set of roles (uses msg.sender as addr)
* @param roleNames the names of the roles to scope access to
* // reverts
*
* @TODO - when solidity supports dynamic arrays as arguments, provide this
* @TODO - when solidity supports dynamic arrays as arguments to modifiers, provide this
* see: https://github.com/ethereum/solidity/issues/2467
*/
// modifier onlyRoles(string[] roleNames) {