npm - @etherisc/gif-next - Versions diffs - 0.0.2-9e6b423-414 → 0.0.2-9f51324-299 - Mend

@etherisc/gif-next 0.0.2-9e6b423-414 → 0.0.2-9f51324-299

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (337) hide show

package/contracts/authorization/AccessAdminLib.sol CHANGED Viewed

@@ -6,57 +6,19 @@ import {AccessManagedUpgradeable} from "@openzeppelin/contracts-upgradeable/acce
 import {IAccess} from "./IAccess.sol";
 import {IAccessAdmin} from "./IAccessAdmin.sol";
 import {IAuthorization} from "./IAuthorization.sol";
-import {IComponent} from "../shared/IComponent.sol";
 import {IRegistry} from "../registry/IRegistry.sol";
-import {IService} from "../shared/IService.sol";
-import {IServiceAuthorization} from "./IServiceAuthorization.sol";
 import {ContractLib} from "../shared/ContractLib.sol";
 import {ObjectType} from "../type/ObjectType.sol";
-import {RoleId, RoleIdLib} from "../type/RoleId.sol";
+import {RoleId} from "../type/RoleId.sol";
 import {SelectorLib} from "../type/Selector.sol";
 import {Str, StrLib} from "../type/String.sol";
 import {TimestampLib} from "../type/Timestamp.sol";
-import {VersionPart, VersionPartLib} from "../type/Version.sol";
+import {VersionPart} from "../type/Version.sol";
 library AccessAdminLib { // ACCESS_ADMIN_LIB
-    string public constant TOKEN_HANDLER_SUFFIX = "Th";
-    string public constant ROLE_SUFFIX = "_Role";
-    uint64 public constant SERVICE_DOMAIN_ROLE_FACTOR = 100;
-    uint64 public constant COMPONENT_ROLE_FACTOR = 1000;
-    uint64 public constant COMPONENT_ROLE_MAX = 19000;
-    uint64 public constant CORE_ROLE_MIN        =     100;
-    uint64 public constant SERVICE_ROLE_MIN     =    1000; // + service domain * SERVICE_ROLE_FACTOR + release
-    uint64 public constant SERVICE_ROLE_FACTOR  =    1000;
-    uint64 public constant INSTANCE_ROLE_MIN    =  100000;
-    // MUST match with Authorization.COMPONENT_ROLE_MIN
-    uint64 public constant COMPONENT_ROLE_MIN   =  110000;
-    uint64 public constant CUSTOM_ROLE_MIN      = 1000000;
-    function getSelectors(
-        IAccess.FunctionInfo[] memory functions
-    )
-        public
-        pure
-        returns (
-            bytes4[] memory selectors
-        )
-    {
-        uint256 n = functions.length;
-        selectors = new bytes4[](n);
-        for (uint256 i = 0; i < n; i++) {
-            selectors[i] = functions[i].selector.toBytes4();
-        }
-    }
     function checkRoleCreation(
         IAccessAdmin accessAdmin,
         RoleId roleId,
@@ -92,7 +54,6 @@ library AccessAdminLib { // ACCESS_ADMIN_LIB
         }
     }
     function checkTargetCreation(
         IAccessAdmin accessAdmin,
         address target,
@@ -136,6 +97,7 @@ library AccessAdminLib { // ACCESS_ADMIN_LIB
                 revert IAccessAdmin.ErrorAccessAdminTargetAuthorityMismatch(accessAdmin.authority(), targetAuthority);
             }
         }
     }
@@ -144,7 +106,6 @@ library AccessAdminLib { // ACCESS_ADMIN_LIB
         address authorization,
         ObjectType expectedDomain,
         VersionPart expectedRelease,
-        bool expectServiceAuthorization,
         bool checkAlreadyInitialized
     )
         public
@@ -157,14 +118,8 @@ library AccessAdminLib { // ACCESS_ADMIN_LIB
         }
         // check contract type matches
-        if (expectServiceAuthorization) {
-            if (!ContractLib.supportsInterface(authorization, type(IServiceAuthorization).interfaceId)) {
-                revert IAccessAdmin.ErrorAccessAdminNotServiceAuthorization(authorization);
-            }
-        } else {
-            if (!ContractLib.supportsInterface(authorization, type(IAuthorization).interfaceId)) {
-                revert IAccessAdmin.ErrorAccessAdminNotAuthorization(authorization);
-            }
+        if (!ContractLib.supportsInterface(authorization, type(IAuthorization).interfaceId)) {
+            revert IAccessAdmin.ErrorAccessAdminNotAuthorization(authorization);
         }
         // check domain matches
@@ -189,8 +144,6 @@ library AccessAdminLib { // ACCESS_ADMIN_LIB
         public
         view
     {
-        checkRegistry(registry);
         ObjectType tagetType = IRegistry(registry).getObjectInfo(target).objectType;
         if (tagetType.eqz()) {
             revert IAccessAdmin.ErrorAccessAdminNotRegistered(target);
@@ -201,161 +154,7 @@ library AccessAdminLib { // ACCESS_ADMIN_LIB
         }
     }
-    function checkRegistry(
-        address registry
-    )
-        public
-        view
-    {
-        if (!ContractLib.isRegistry(registry)) {
-            revert IAccessAdmin.ErrorAccessAdminNotRegistry(registry);
-        }
-    }
-    function getServiceRoleId(
-        address serviceAddress,
-        IAccess.TargetType serviceTargetType
-    )
-        public
-        view
-        returns (RoleId serviceRoleId)
-    {
-        IService service = IService(serviceAddress);
-        if (serviceTargetType == IAccess.TargetType.Service) {
-            return RoleIdLib.toServiceRoleId(service.getDomain(), service.getRelease());
-        } else if (serviceTargetType == IAccess.TargetType.GenericService) {
-            return RoleIdLib.toGenericServiceRoleId(service.getDomain());
-        }
-        revert IAccessAdmin.ErrorAccessAdminInvalidServiceType(serviceAddress, serviceTargetType);
-    }
-    function getVersionedServiceRoleId(
-        ObjectType serviceDomain,
-        VersionPart release
-    )
-        public
-        pure
-        returns (RoleId serviceRoleId)
-    {
-        return RoleIdLib.toRoleId(
-            SERVICE_ROLE_MIN + SERVICE_ROLE_FACTOR * serviceDomain.toInt() + release.toInt());
-    }
-    function getGenericServiceRoleId(
-        ObjectType serviceDomain
-    )
-        public
-        pure
-        returns (RoleId serviceRoleId)
-    {
-        return RoleIdLib.toRoleId(
-            SERVICE_ROLE_MIN + SERVICE_ROLE_FACTOR * serviceDomain.toInt() + VersionPartLib.releaseMax().toInt());
-    }
-    function getCustomRoleId(uint64 index)
-        public
-        pure
-        returns (RoleId customRoleId)
-    {
-        return RoleIdLib.toRoleId(CUSTOM_ROLE_MIN + index);
-    }
-    function isCustomRole(RoleId roleId)
-        public
-        pure
-        returns (bool)
-    {
-        return roleId.toInt() >= CUSTOM_ROLE_MIN;
-    }
-    function getTargetRoleId(
-        address target,
-        IAccess.TargetType targetType,
-        uint64 index
-    )
-        public
-        view
-        returns (RoleId targetRoleId)
-    {
-        if (targetType == IAccess.TargetType.Core) {
-            return RoleIdLib.toRoleId(CORE_ROLE_MIN + index);
-        }
-        if (targetType == IAccess.TargetType.Service || targetType == IAccess.TargetType.GenericService ) {
-            return getServiceRoleId(target, targetType);
-        }
-        if (targetType == IAccess.TargetType.Instance) {
-            return RoleIdLib.toRoleId(INSTANCE_ROLE_MIN + index);
-        }
-        if (targetType == IAccess.TargetType.Component) {
-            return RoleIdLib.toRoleId(COMPONENT_ROLE_MIN + index);
-        }
-        if (targetType == IAccess.TargetType.Custom) {
-            return RoleIdLib.toRoleId(CUSTOM_ROLE_MIN + index);
-        }
-        revert IAccessAdmin.ErrorAccessAdminInvalidTargetType(target, targetType);
-    }
-    function getTokenHandler(
-        address target,
-        string memory targetName,
-        IAccess.TargetType targetType
-    )
-        public
-        view
-        returns (
-            address tokenHandler,
-            string memory tokenHandlerName
-        )
-    {
-        // not component or core (we need to check core because of staking)
-        if (targetType != IAccess.TargetType.Component && targetType != IAccess.TargetType.Core) {
-            return (address(0), "");
-        }
-        // not contract
-        if (!ContractLib.isContract(target)) {
-            return (address(0), "");
-        }
-        // not component
-        if (!ContractLib.supportsInterface(target, type(IComponent).interfaceId)) {
-            return (address(0), "");
-        }
-        tokenHandler = address(IComponent(target).getTokenHandler());
-        tokenHandlerName = string(abi.encodePacked(targetName, TOKEN_HANDLER_SUFFIX));
-    }
-    function toRoleName(string memory name) public pure returns (string memory) {
-        return string(
-            abi.encodePacked(
-                name,
-                ROLE_SUFFIX));
-    }
-    function toRole(
-        RoleId adminRoleId,
-        IAccessAdmin.RoleType roleType,
-        uint32 maxMemberCount,
-        string memory name
-    )
+    function toRole(RoleId adminRoleId, IAccessAdmin.RoleType roleType, uint32 maxMemberCount, string memory name)
         public
         view
         returns (IAccess.RoleInfo memory)
@@ -370,23 +169,11 @@ library AccessAdminLib { // ACCESS_ADMIN_LIB
         });
     }
-    function toFunction(
-        bytes4 selector,
-        string memory name
-    )
+    function toFunction(bytes4 selector, string memory name)
         public
         view
         returns (IAccess.FunctionInfo memory)
     {
-        if(selector == bytes4(0)) {
-            revert IAccessAdmin.ErrorAccessAdminSelectorZero();
-        }
-        if(bytes(name).length == 0) {
-            revert IAccessAdmin.ErrorAccessAdminFunctionNameEmpty();
-        }
         return IAccess.FunctionInfo({
             name: StrLib.toStr(name),
             selector: SelectorLib.toSelector(selector),

package/contracts/authorization/Authorization.sol CHANGED Viewed

@@ -4,49 +4,75 @@ pragma solidity ^0.8.20;
 import {IAccess} from "./IAccess.sol";
 import {IAuthorization} from "./IAuthorization.sol";
-import {ADMIN_ROLE_NAME, PUBLIC_ROLE_NAME} from "./AccessAdmin.sol";
+import {InitializableERC165} from "../shared/InitializableERC165.sol";
 import {ObjectType, ObjectTypeLib} from "../type/ObjectType.sol";
-import {RoleId, RoleIdLib, ADMIN_ROLE, PUBLIC_ROLE} from "../type/RoleId.sol";
+import {RoleId, RoleIdLib, ADMIN_ROLE} from "../type/RoleId.sol";
 import {SelectorLib} from "../type/Selector.sol";
-import {ServiceAuthorization} from "../authorization/ServiceAuthorization.sol";
 import {Str, StrLib} from "../type/String.sol";
 import {TimestampLib} from "../type/Timestamp.sol";
 import {VersionPart, VersionPartLib} from "../type/Version.sol";
 contract Authorization is
-    ServiceAuthorization,
+    InitializableERC165,
     IAuthorization
 {
+    uint256 public constant GIF_RELEASE = 3;
-    // MUST match with AccessAdminLib.COMPONENT_ROLE_MIN
-    uint64 public constant COMPONENT_ROLE_MIN = 110000;
+    string public constant ROLE_NAME_SUFFIX = "Role";
+    string public constant SERVICE_ROLE_NAME_SUFFIX = "ServiceRole";
     uint64 internal _nextGifContractRoleId;
+    ObjectType[] internal _serviceDomains;
+    mapping(ObjectType domain => Str target) internal _serviceTarget;
+    string internal _mainTargetName = "Component";
+    string internal _tokenHandlerName = "ComponentTH";
-    string internal _tokenHandlerName = "ComponentTh";
+    ObjectType internal _domain;
+    Str internal _mainTarget;
     Str internal _tokenHandlerTarget;
+    Str[] internal _targets;
+    mapping(Str target => RoleId roleid) internal _targetRole;
+    mapping(Str target => bool exists) internal _targetExists;
+    RoleId[] internal _roles;
+    mapping(RoleId role => RoleInfo info) internal _roleInfo;
+    mapping(Str target => RoleId[] authorizedRoles) internal _authorizedRoles;
+    mapping(Str target => mapping(RoleId authorizedRole => IAccess.FunctionInfo[] functions)) internal _authorizedFunctions;
     constructor(
         string memory mainTargetName,
-        ObjectType domain,
-        uint8 release,
-        string memory commitHash,
+        ObjectType targetDomain,
         bool isComponent,
         bool includeTokenHandler
     )
-        ServiceAuthorization(mainTargetName, domain, release, commitHash)
     {
+        // checks
+        if (bytes(mainTargetName).length == 0) {
+            revert ErrorAuthorizationMainTargetNameEmpty();
+        }
+        if (targetDomain == ObjectTypeLib.zero()) {
+            revert ErrorAuthorizationTargetDomainZero();
+        }
+        // effects
+        _initializeERC165();
+        _domain = targetDomain;
+        _mainTargetName = mainTargetName;
+        _mainTarget = StrLib.toStr(mainTargetName);
         _nextGifContractRoleId = 10;
-        // setup main target
         if (isComponent) {
-            if (domain.eqz()) {
+            if (targetDomain.eqz()) {
                 revert ErrorAuthorizationTargetDomainZero();
             }
-            RoleId mainRoleId = RoleIdLib.toRoleId(COMPONENT_ROLE_MIN);
+            RoleId mainRoleId = RoleIdLib.toComponentRoleId(targetDomain, 0);
             string memory mainRolName = _toTargetRoleName(_mainTargetName);
             _addTargetWithRole(
@@ -54,9 +80,8 @@ contract Authorization is
                 mainRoleId,
                 mainRolName);
         } else {
-            _addGifTarget(_mainTargetName);
+            _addGifContractTarget(_mainTargetName);
         }
         // setup use case specific parts
         _setupServiceTargets();
         _setupRoles(); // not including main target role
@@ -65,7 +90,7 @@ contract Authorization is
         // setup component token handler
         if (includeTokenHandler) {
-            _tokenHandlerName = string(abi.encodePacked(mainTargetName, "Th"));
+            _tokenHandlerName = string(abi.encodePacked(mainTargetName, "TH"));
             _tokenHandlerTarget = StrLib.toStr(_tokenHandlerName);
             _addTarget(_tokenHandlerName);
             _setupTokenHandlerAuthorizations();
@@ -74,6 +99,47 @@ contract Authorization is
         _registerInterfaceNotInitializing(type(IAuthorization).interfaceId);
     }
+    function getDomain() external view returns(ObjectType targetDomain) {
+        return _domain;
+    }
+    function getServiceDomains() external view returns(ObjectType[] memory serviceDomains) {
+        return _serviceDomains;
+    }
+    function getComponentRole(ObjectType componentDomain) public view returns(RoleId roleId) {
+        return RoleIdLib.toComponentRoleId(componentDomain, 0);
+    }
+    function getServiceRole(ObjectType serviceDomain) public virtual pure returns (RoleId serviceRoleId) {
+        return RoleIdLib.roleForTypeAndVersion(
+            serviceDomain,
+            getRelease());
+    }
+    function getServiceTarget(ObjectType serviceDomain) external view returns(Str serviceTarget) {
+        return _serviceTarget[serviceDomain];
+    }
+    function getRoles() external view returns(RoleId[] memory roles) {
+        return _roles;
+    }
+    function roleExists(RoleId roleId) public view returns(bool exists) {
+        return _roleInfo[roleId].roleType != RoleType.Undefined;
+    }
+    function getRoleInfo(RoleId roleId) external view returns (RoleInfo memory info) {
+        return _roleInfo[roleId];
+    }
+    function getMainTargetName() public virtual view returns (string memory name) {
+        return _mainTargetName;
+    }
+    function getMainTarget() public view returns(Str) {
+        return _mainTarget;
+    }
     function getTokenHandlerName() public view returns(string memory) {
         return _tokenHandlerName;
@@ -83,7 +149,7 @@ contract Authorization is
         return _tokenHandlerTarget;
     }
-    function getTarget(string memory targetName) public pure returns(Str target) {
+    function getTarget(string memory targetName) public view returns(Str target) {
         return StrLib.toStr(targetName);
     }
@@ -95,31 +161,111 @@ contract Authorization is
         return target == _mainTarget || _targetExists[target];
     }
+    function getTargetRole(Str target) public view returns(RoleId roleId) {
+        return _targetRole[target];
+    }
+    function getAuthorizedRoles(Str target) external view returns(RoleId[] memory roleIds) {
+        return _authorizedRoles[target];
+    }
+    function getAuthorizedFunctions(Str target, RoleId roleId) external view returns(IAccess.FunctionInfo[] memory authorizatedFunctions) {
+        return _authorizedFunctions[target][roleId];
+    }
+    function getRelease() public virtual pure returns(VersionPart release) {
+        return VersionPartLib.toVersionPart(GIF_RELEASE);
+    }
     /// @dev Sets up the relevant service targets for the component.
     /// Overwrite this function for use case specific authorizations.
-    // solhint-disable-next-line no-empty-blocks
     function _setupServiceTargets() internal virtual { }
     /// @dev Sets up the relevant (non-service) targets for the component.
     /// Overwrite this function for use case specific authorizations.
-    // solhint-disable-next-line no-empty-blocks
     function _setupTargets() internal virtual { }
     /// @dev Sets up the relevant roles for the component.
     /// Overwrite this function for use case specific authorizations.
-    // solhint-disable-next-line no-empty-blocks
     function _setupRoles() internal virtual {}
     /// @dev Sets up the relevant component's token handler authorizations.
     /// Overwrite this function for use case specific authorizations.
-    // solhint-disable-next-line no-empty-blocks
     function _setupTokenHandlerAuthorizations() internal virtual {}
     /// @dev Sets up the relevant target authorizations for the component.
     /// Overwrite this function for use case specific authorizations.
-    // solhint-disable-next-line no-empty-blocks
     function _setupTargetAuthorizations() internal virtual {}
+    function _addGifContractTarget(string memory contractName) internal {
+        RoleId contractRoleId = RoleIdLib.toRoleId(_nextGifContractRoleId++);
+        string memory contractRoleName = string(
+            abi.encodePacked(
+                contractName,
+                ROLE_NAME_SUFFIX));
+        _addTargetWithRole(
+            contractName,
+            contractRoleId,
+            contractRoleName);
+    }
+    /// @dev Add the service target role for the specified service domain
+    function _addServiceTargetWithRole(ObjectType serviceDomain) internal {
+        // add service domain
+        _serviceDomains.push(serviceDomain);
+        // get versioned target name
+        string memory serviceTargetName = ObjectTypeLib.toVersionedName(
+                ObjectTypeLib.toName(serviceDomain),
+                "Service",
+                getRelease());
+        _serviceTarget[serviceDomain] = StrLib.toStr(serviceTargetName);
+        RoleId serviceRoleId = getServiceRole(serviceDomain);
+        string memory serviceRoleName = ObjectTypeLib.toVersionedName(
+                ObjectTypeLib.toName(serviceDomain),
+                "ServiceRole",
+                getRelease());
+        _addTargetWithRole(
+            serviceTargetName,
+            serviceRoleId,
+            serviceRoleName);
+    }
+    /// @dev Use this method to to add an authorized role.
+    function _addRole(RoleId roleId, RoleInfo memory info) internal {
+        _roles.push(roleId);
+        _roleInfo[roleId] = info;
+    }
+    /// @dev Add a contract role for the provided role id and name.
+    function _addContractRole(RoleId roleId, string memory name) internal {
+        _addRole(
+            roleId,
+            _toRoleInfo(
+                ADMIN_ROLE(),
+                RoleType.Contract,
+                1,
+                name));
+    }
+    /// @dev Add the versioned service role for the specified service domain
+    function _addServiceRole(ObjectType serviceDomain) internal {
+        _addContractRole(
+            getServiceRole(serviceDomain),
+            ObjectTypeLib.toVersionedName(
+                ObjectTypeLib.toName(serviceDomain),
+                SERVICE_ROLE_NAME_SUFFIX,
+                getRelease()));
+    }
     /// @dev Add a contract role for the provided role id and name.
     function _addCustomRole(RoleId roleId, RoleId adminRoleId, uint32 maxMemberCount, string memory name) internal {
@@ -132,18 +278,31 @@ contract Authorization is
                 name));
     }
-    /// @dev Add a gif target with its corresponding contract role
-    function _addGifTarget(string memory contractName) internal {
-        RoleId contractRoleId = RoleIdLib.toRoleId(_nextGifContractRoleId++);
-        string memory contractRoleName = string(
-            abi.encodePacked(
-                contractName,
-                ROLE_NAME_SUFFIX));
-        _addTargetWithRole(
-            contractName,
-            contractRoleId,
-            contractRoleName);
+    /// @dev Use this method to to add an authorized target together with its target role.
+    function _addTargetWithRole(
+        string memory targetName,
+        RoleId roleId,
+        string memory roleName
+    )
+        internal
+    {
+        // add target
+        Str target = StrLib.toStr(targetName);
+        _targets.push(target);
+        _targetExists[target] = true;
+        // link role to target if defined
+        if (roleId != RoleIdLib.zero()) {
+            // add role if new
+            if (!roleExists(roleId)) {
+                _addContractRole(roleId, roleName);
+            }
+            // link target to role
+            _targetRole[target] = roleId;
+        }
     }
@@ -153,22 +312,54 @@ contract Authorization is
     }
-    /// @dev Role id for targets registry, staking and instance
+    /// @dev Use this method to authorize the specified role to access the target.
+    function _authorizeForTarget(string memory target, RoleId authorizedRoleId)
+        internal
+        returns (IAccess.FunctionInfo[] storage authorizatedFunctions)
+    {
+        Str targetStr = StrLib.toStr(target);
+        _authorizedRoles[targetStr].push(authorizedRoleId);
+        return _authorizedFunctions[targetStr][authorizedRoleId];
+    }
+    /// @dev Use this method to authorize a specific function authorization
+    function _authorize(IAccess.FunctionInfo[] storage functions, bytes4 selector, string memory name) internal {
+        functions.push(
+            IAccess.FunctionInfo({
+                selector: SelectorLib.toSelector(selector),
+                name: StrLib.toStr(name),
+                createdAt: TimestampLib.blockTimestamp()}));
+    }
+    /// @dev role id for targets registry, staking and instance
     function _toTargetRoleId(ObjectType targetDomain)
         internal
         pure
         returns (RoleId targetRoleId)
     {
-        return RoleIdLib.toRoleId(100 * targetDomain.toInt());
+        return RoleIdLib.roleForType(targetDomain);
     }
-    /// @dev Returns the role name for the specified target name
     function _toTargetRoleName(string memory targetName) internal pure returns (string memory) {
         return string(
             abi.encodePacked(
                 targetName,
                 ROLE_NAME_SUFFIX));
     }
+    /// @dev creates a role info object from the provided parameters
+    function _toRoleInfo(RoleId adminRoleId, RoleType roleType, uint32 maxMemberCount, string memory name) internal view returns (RoleInfo memory info) {
+        return RoleInfo({
+            name: StrLib.toStr(name),
+            adminRoleId: adminRoleId,
+            roleType: roleType,
+            maxMemberCount: maxMemberCount,
+            createdAt: TimestampLib.blockTimestamp(),
+            pausedAt: TimestampLib.max()});
+    }
 }