npm - @etherisc/gif-next - Versions diffs - 0.0.2-a0a9c3a-892 → 0.0.2-a0d433e-961 - Mend

@etherisc/gif-next 0.0.2-a0a9c3a-892 → 0.0.2-a0d433e-961

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (164) hide show

package/contracts/instance/InstanceService.sol CHANGED Viewed

@@ -2,41 +2,47 @@
 pragma solidity ^0.8.20;
 import {Clones} from "@openzeppelin/contracts/proxy/Clones.sol";
-import {AccessManagerUpgradeable} from "@openzeppelin/contracts-upgradeable/access/manager/AccessManagerUpgradeable.sol";
-import {AccessManagerUpgradeableInitializeable} from "./AccessManagerUpgradeableInitializeable.sol";
-import {InstanceAccessManager} from "./InstanceAccessManager.sol";
 import {Instance} from "./Instance.sol";
+import {InstanceAccessManager} from "./InstanceAccessManager.sol";
 import {IInstanceService} from "./IInstanceService.sol";
 import {InstanceReader} from "./InstanceReader.sol";
 import {BundleManager} from "./BundleManager.sol";
 import {IRegistry} from "../registry/IRegistry.sol";
-import {Registry} from "../registry/Registry.sol";
 import {RegistryService} from "../registry/RegistryService.sol";
+import {ChainNft} from "../registry/ChainNft.sol";
 import {Service} from "../../contracts/shared/Service.sol";
 import {IService} from "../shared/IService.sol";
-import {ContractDeployerLib} from "../shared/ContractDeployerLib.sol";
-import {NftId, NftIdLib, zeroNftId} from "../../contracts/types/NftId.sol";
+import {NftId} from "../../contracts/types/NftId.sol";
 import {RoleId} from "../types/RoleId.sol";
 import {VersionLib} from "../types/Version.sol";
 import {ADMIN_ROLE, INSTANCE_SERVICE_ROLE, DISTRIBUTION_SERVICE_ROLE, POOL_SERVICE_ROLE, PRODUCT_SERVICE_ROLE, POLICY_SERVICE_ROLE, BUNDLE_SERVICE_ROLE} from "../types/RoleId.sol";
 contract InstanceService is Service, IInstanceService {
-    address internal _registryAddress;
-    address internal _accessManagerMaster;
-    address internal _instanceMaster;
-    address internal _instanceReaderMaster;
-    address internal _instanceBundleManagerMaster;
+    address internal _masterInstanceAccessManager;
+    address internal _masterInstance;
+    address internal _masterInstanceReader;
+    address internal _masterInstanceBundleManager;
     // TODO update to real hash when instance is stable
     bytes32 public constant INSTANCE_CREATION_CODE_HASH = bytes32(0);
     string public constant NAME = "InstanceService";
+    modifier onlyInstanceOwner(NftId instanceNftId) {
+        IRegistry registry = getRegistry();
+        ChainNft chainNft = registry.getChainNft();
+        if( msg.sender != chainNft.ownerOf(instanceNftId.toInt())) {
+            revert ErrorInstanceServiceNotInstanceOwner(msg.sender, instanceNftId);
+        }
+        _;
+    }
     function createInstanceClone()
         external
         returns (
-            AccessManagerUpgradeableInitializeable clonedAccessManager,
+            InstanceAccessManager clonedAccessManager,
             Instance clonedInstance,
             NftId clonedInstanceNftId,
             InstanceReader clonedInstanceReader,
@@ -44,28 +50,29 @@ contract InstanceService is Service, IInstanceService {
         )
     {
         address instanceOwner = msg.sender;
-        Registry registry = Registry(_registryAddress);
-        NftId registryNftId = registry.getNftId(_registryAddress);
+        IRegistry registry = getRegistry();
+        address registryAddress = address(registry);
+        NftId registryNftId = registry.getNftId(registryAddress);
         address registryServiceAddress = registry.getServiceAddress("RegistryService", VersionLib.toVersion(3, 0, 0).toMajorPart());
         RegistryService registryService = RegistryService(registryServiceAddress);
         // initially set the authority of the access managar to this (being the instance service).
         // This will allow the instance service to bootstrap the authorizations of the instance
         // and then transfer the ownership of the access manager to the instance owner once everything is setup
-        clonedAccessManager = AccessManagerUpgradeableInitializeable(Clones.clone(_accessManagerMaster));
-        clonedAccessManager.__AccessManagerUpgradeableInitializeable_init(address(this));
+        clonedAccessManager = InstanceAccessManager(Clones.clone(_masterInstanceAccessManager));
+        clonedAccessManager.__InstanceAccessManager_initialize(address(this));
-        clonedInstance = Instance(Clones.clone(_instanceMaster));
-        clonedInstance.initialize(address(clonedAccessManager), _registryAddress, registryNftId, msg.sender);
+        clonedInstance = Instance(Clones.clone(_masterInstance));
+        clonedInstance.initialize(address(clonedAccessManager), registryAddress, registryNftId, msg.sender);
         ( IRegistry.ObjectInfo memory info, ) = registryService.registerInstance(clonedInstance);
         clonedInstanceNftId = info.nftId;
-        clonedInstanceReader = InstanceReader(Clones.clone(address(_instanceReaderMaster)));
-        clonedInstanceReader.initialize(_registryAddress, clonedInstanceNftId);
+        clonedInstanceReader = InstanceReader(Clones.clone(address(_masterInstanceReader)));
+        clonedInstanceReader.initialize(registryAddress, clonedInstanceNftId);
         clonedInstance.setInstanceReader(clonedInstanceReader);
-        clonedBundleManager = BundleManager(Clones.clone(_instanceBundleManagerMaster));
-        clonedBundleManager.initialize(address(clonedAccessManager), _registryAddress, clonedInstanceNftId);
+        clonedBundleManager = BundleManager(Clones.clone(_masterInstanceBundleManager));
+        clonedBundleManager.initialize(address(clonedAccessManager), registryAddress, clonedInstanceNftId);
         clonedInstance.setBundleManager(clonedBundleManager);
         // TODO amend setters with instance specific , policy manager ...
@@ -74,38 +81,58 @@ contract InstanceService is Service, IInstanceService {
         // to complete setup switch instance ownership to the instance owner
         // TODO: use a role less powerful than admin, maybe INSTANCE_ADMIN (does not exist yet)
-        clonedAccessManager.grantRole(ADMIN_ROLE().toInt(), instanceOwner, 0);
-        clonedAccessManager.revokeRole(ADMIN_ROLE().toInt(), address(this));
+        clonedAccessManager.grantRole(ADMIN_ROLE(), instanceOwner);
+        clonedAccessManager.revokeRole(ADMIN_ROLE(), address(this));
         emit LogInstanceCloned(address(clonedAccessManager), address(clonedInstance), address(clonedInstanceReader), clonedInstanceNftId);
     }
-    function _grantInitialAuthorizations(AccessManagerUpgradeable clonedAccessManager, Instance clonedInstance, BundleManager clonedBundleManager) internal {
+    function _grantInitialAuthorizations(InstanceAccessManager clonedAccessManager, Instance clonedInstance, BundleManager clonedBundleManager) internal {
+        _createGifTargets(clonedAccessManager, clonedInstance, clonedBundleManager);
+        _grantDistributionServiceAuthorizations(clonedAccessManager, clonedInstance);
+        _grantPoolServiceAuthorizations(clonedAccessManager, clonedInstance);
+        _grantProductServiceAuthorizations(clonedAccessManager, clonedInstance);
+        _grantPolicyServiceAuthorizations(clonedAccessManager, clonedInstance);
+        _grantBundleServiceAuthorizations(clonedAccessManager, clonedInstance, clonedBundleManager);
+        _grantInstanceServiceAuthorizations(clonedAccessManager, clonedInstance);
+    }
+    function _createGifTargets(InstanceAccessManager clonedAccessManager, Instance clonedInstance, BundleManager clonedBundleManager) internal {
+        clonedAccessManager.createGifTarget(address(clonedInstance), "Instance");
+        clonedAccessManager.createGifTarget(address(clonedBundleManager), "BundleManager");
+    }
+    function _grantDistributionServiceAuthorizations(InstanceAccessManager clonedAccessManager, Instance clonedInstance) internal {
         // configure authorization for distribution service on instance
+        IRegistry registry = getRegistry();
         address distributionServiceAddress = _registry.getServiceAddress("DistributionService", VersionLib.toVersion(3, 0, 0).toMajorPart());
-        clonedAccessManager.grantRole(DISTRIBUTION_SERVICE_ROLE().toInt(), distributionServiceAddress, 0);
+        clonedAccessManager.grantRole(DISTRIBUTION_SERVICE_ROLE(), address(distributionServiceAddress));
         bytes4[] memory instanceDistributionServiceSelectors = new bytes4[](2);
         instanceDistributionServiceSelectors[0] = clonedInstance.createDistributionSetup.selector;
         instanceDistributionServiceSelectors[1] = clonedInstance.updateDistributionSetup.selector;
         clonedAccessManager.setTargetFunctionRole(
-            address(clonedInstance),
+            "Instance",
             instanceDistributionServiceSelectors,
-            DISTRIBUTION_SERVICE_ROLE().toInt());
+            DISTRIBUTION_SERVICE_ROLE());
+    }
+    function _grantPoolServiceAuthorizations(InstanceAccessManager clonedAccessManager, Instance clonedInstance) internal {
         // configure authorization for pool service on instance
         address poolServiceAddress = _registry.getServiceAddress("PoolService", VersionLib.toVersion(3, 0, 0).toMajorPart());
-        clonedAccessManager.grantRole(POOL_SERVICE_ROLE().toInt(), address(poolServiceAddress), 0);
+        clonedAccessManager.grantRole(POOL_SERVICE_ROLE(), address(poolServiceAddress));
         bytes4[] memory instancePoolServiceSelectors = new bytes4[](4);
         instancePoolServiceSelectors[0] = clonedInstance.createPoolSetup.selector;
         instancePoolServiceSelectors[1] = clonedInstance.updatePoolSetup.selector;
         clonedAccessManager.setTargetFunctionRole(
-            address(clonedInstance),
+            "Instance",
             instancePoolServiceSelectors,
-            POOL_SERVICE_ROLE().toInt());
+            POOL_SERVICE_ROLE());
+    }
+    function _grantProductServiceAuthorizations(InstanceAccessManager clonedAccessManager, Instance clonedInstance) internal {
         // configure authorization for product service on instance
         address productServiceAddress = _registry.getServiceAddress("ProductService", VersionLib.toVersion(3, 0, 0).toMajorPart());
-        clonedAccessManager.grantRole(PRODUCT_SERVICE_ROLE().toInt(), address(productServiceAddress), 0);
+        clonedAccessManager.grantRole(PRODUCT_SERVICE_ROLE(), address(productServiceAddress));
         bytes4[] memory instanceProductServiceSelectors = new bytes4[](5);
         instanceProductServiceSelectors[0] = clonedInstance.createProductSetup.selector;
         instanceProductServiceSelectors[1] = clonedInstance.updateProductSetup.selector;
@@ -113,32 +140,36 @@ contract InstanceService is Service, IInstanceService {
         instanceProductServiceSelectors[3] = clonedInstance.updateRisk.selector;
         instanceProductServiceSelectors[4] = clonedInstance.updateRiskState.selector;
         clonedAccessManager.setTargetFunctionRole(
-            address(clonedInstance),
+            "Instance",
             instanceProductServiceSelectors,
-            PRODUCT_SERVICE_ROLE().toInt());
+            PRODUCT_SERVICE_ROLE());
+    }
+    function _grantPolicyServiceAuthorizations(InstanceAccessManager clonedAccessManager, Instance clonedInstance) internal {
         // configure authorization for policy service on instance
         address policyServiceAddress = _registry.getServiceAddress("PolicyService", VersionLib.toVersion(3, 0, 0).toMajorPart());
-        clonedAccessManager.grantRole(POLICY_SERVICE_ROLE().toInt(), address(policyServiceAddress), 0);
+        clonedAccessManager.grantRole(POLICY_SERVICE_ROLE(), address(policyServiceAddress));
         bytes4[] memory instancePolicyServiceSelectors = new bytes4[](3);
         instancePolicyServiceSelectors[0] = clonedInstance.createPolicy.selector;
         instancePolicyServiceSelectors[1] = clonedInstance.updatePolicy.selector;
         instancePolicyServiceSelectors[2] = clonedInstance.updatePolicyState.selector;
         clonedAccessManager.setTargetFunctionRole(
-            address(clonedInstance),
+            "Instance",
             instancePolicyServiceSelectors,
-            POLICY_SERVICE_ROLE().toInt());
+            POLICY_SERVICE_ROLE());
+    }
+    function _grantBundleServiceAuthorizations(InstanceAccessManager clonedAccessManager, Instance clonedInstance, BundleManager clonedBundleManager) internal {
         // configure authorization for bundle service on instance
         address bundleServiceAddress = _registry.getServiceAddress("BundleService", VersionLib.toVersion(3, 0, 0).toMajorPart());
-        clonedAccessManager.grantRole(BUNDLE_SERVICE_ROLE().toInt(), address(bundleServiceAddress), 0);
+        clonedAccessManager.grantRole(BUNDLE_SERVICE_ROLE(), address(bundleServiceAddress));
         bytes4[] memory instanceBundleServiceSelectors = new bytes4[](2);
         instanceBundleServiceSelectors[0] = clonedInstance.createBundle.selector;
         instanceBundleServiceSelectors[1] = clonedInstance.updateBundle.selector;
         clonedAccessManager.setTargetFunctionRole(
-            address(clonedInstance),
+            "Instance",
             instanceBundleServiceSelectors,
-            BUNDLE_SERVICE_ROLE().toInt());
+            BUNDLE_SERVICE_ROLE());
         // configure authorization for bundle service on bundle manager
         bytes4[] memory bundleManagerBundleServiceSelectors = new bytes4[](5);
@@ -148,15 +179,27 @@ contract InstanceService is Service, IInstanceService {
         bundleManagerBundleServiceSelectors[3] = clonedBundleManager.lock.selector;
         bundleManagerBundleServiceSelectors[4] = clonedBundleManager.unlock.selector;
         clonedAccessManager.setTargetFunctionRole(
-            address(clonedBundleManager),
+            "BundleManager",
             bundleManagerBundleServiceSelectors,
-            BUNDLE_SERVICE_ROLE().toInt());
+            BUNDLE_SERVICE_ROLE());
+    }
+    function _grantInstanceServiceAuthorizations(InstanceAccessManager clonedAccessManager, Instance clonedInstance) internal {
+// configure authorization for instance service on instance
+        address instanceServiceAddress = _registry.getServiceAddress("InstanceService", VersionLib.toVersion(3, 0, 0).toMajorPart());
+        clonedAccessManager.grantRole(INSTANCE_SERVICE_ROLE(), instanceServiceAddress);
+        bytes4[] memory instanceInstanceServiceSelectors = new bytes4[](1);
+        instanceInstanceServiceSelectors[0] = clonedInstance.setInstanceReader.selector;
+        clonedAccessManager.setTargetFunctionRole(
+            "Instance",
+            instanceInstanceServiceSelectors,
+            INSTANCE_SERVICE_ROLE());
     }
     function setMasterInstance(address accessManagerAddress, address instanceAddress, address instanceReaderAddress, address bundleManagerAddress) external onlyOwner {
-        require( _accessManagerMaster == address(0), "ERROR:CRD-001:ACCESS_MANAGER_MASTER_ALREADY_SET");
-        require( _instanceMaster == address(0), "ERROR:CRD-002:INSTANCE_MASTER_ALREADY_SET");
-        require( _instanceBundleManagerMaster == address(0), "ERROR:CRD-004:BUNDLE_MANAGER_MASTER_ALREADY_SET");
+        require(_masterInstanceAccessManager == address(0), "ERROR:CRD-001:ACCESS_MANAGER_MASTER_ALREADY_SET");
+        require(_masterInstance == address(0), "ERROR:CRD-002:INSTANCE_MASTER_ALREADY_SET");
+        require(_masterInstanceBundleManager == address(0), "ERROR:CRD-004:BUNDLE_MANAGER_MASTER_ALREADY_SET");
         require (accessManagerAddress != address(0), "ERROR:CRD-005:ACCESS_MANAGER_ZERO");
         require (instanceAddress != address(0), "ERROR:CRD-006:INSTANCE_ZERO");
@@ -171,31 +214,52 @@ contract InstanceService is Service, IInstanceService {
         require(instanceReader.getInstanceNftId() == instance.getNftId(), "ERROR:CRD-010:INSTANCE_READER_INSTANCE_MISMATCH");
         require(bundleManager.getInstanceNftId() == instance.getNftId(), "ERROR:CRD-011:BUNDLE_MANAGER_INSTANCE_MISMATCH");
-        _accessManagerMaster = accessManagerAddress;
-        _instanceMaster = instanceAddress;
-        _instanceReaderMaster = instanceReaderAddress;
-        _instanceBundleManagerMaster = bundleManagerAddress;
+        _masterInstanceAccessManager = accessManagerAddress;
+        _masterInstance = instanceAddress;
+        _masterInstanceReader = instanceReaderAddress;
+        _masterInstanceBundleManager = bundleManagerAddress;
+    }
+    function setMasterInstanceReader(address instanceReaderAddress) external onlyOwner {
+        require(_masterInstanceReader != address(0), "ERROR:CRD-003:INSTANCE_READER_MASTER_NOT_SET");
+        require (instanceReaderAddress != address(0), "ERROR:CRD-012:INSTANCE_READER_ZERO");
+        require(instanceReaderAddress != _masterInstanceReader, "ERROR:CRD-014:INSTANCE_READER_MASTER_SAME_AS_NEW");
+        InstanceReader instanceReader = InstanceReader(instanceReaderAddress);
+        require(instanceReader.getInstanceNftId() == Instance(_masterInstance).getNftId(), "ERROR:CRD-015:INSTANCE_READER_INSTANCE_MISMATCH");
+        _masterInstanceReader = instanceReaderAddress;
     }
     function upgradeInstanceReader(NftId instanceNftId) external {
-        // TODO: ensure this is done by instance owner
-        // TODO: upgrade instance reader of this instance to latest (set above here)
+        IRegistry registry = getRegistry();
+        IRegistry.ObjectInfo memory instanceInfo = registry.getObjectInfo(instanceNftId);
+        Instance instance = Instance(instanceInfo.objectAddress);
+        address owner = instance.getOwner();
+        if (msg.sender != owner) {
+            revert ErrorInstanceServiceRequestUnauhorized(msg.sender);
+        }
+        InstanceReader upgradedInstanceReaderClone = InstanceReader(Clones.clone(address(_masterInstanceReader)));
+        upgradedInstanceReaderClone.initialize(address(registry), instanceNftId);
+        instance.setInstanceReader(upgradedInstanceReaderClone);
     }
-    function getInstanceReaderMaster() external view returns (address) {
-        return _instanceReaderMaster;
+    function getMasterInstanceReader() external view returns (address) {
+        return _masterInstanceReader;
     }
-    function getInstanceMaster() external view returns (address) {
-        return _instanceMaster;
+    function getMasterInstance() external view returns (address) {
+        return _masterInstance;
     }
-    function getAccessManagerMaster() external view returns (address) {
-        return _accessManagerMaster;
+    function getMasterInstanceAccessManager() external view returns (address) {
+        return _masterInstanceAccessManager;
     }
-    function getBundleManagerMaster() external view returns (address) {
-        return _instanceBundleManagerMaster;
+    function getMasterInstanceBundleManager() external view returns (address) {
+        return _masterInstanceBundleManager;
     }
     // From IService
@@ -216,46 +280,21 @@ contract InstanceService is Service, IInstanceService {
         initializer
         virtual override
     {
-        // bytes memory encodedConstructorArguments = abi.encode(
-        //     _registryAddress);
-        // bytes memory instanceCreationCode = ContractDeployerLib.getCreationCode(
-        //     instanceByteCodeWithInitCode,
-        //     encodedConstructorArguments);
-        // address instanceAddress = ContractDeployerLib.deploy(
-        //     instanceCreationCode,
-        //     INSTANCE_CREATION_CODE_HASH);
         address initialOwner = address(0);
-        (_registryAddress, initialOwner) = abi.decode(data, (address, address));
+        address registryAddress = address(0);
+        (registryAddress, initialOwner) = abi.decode(data, (address, address));
         // TODO while InstanceService is not deployed in InstanceServiceManager constructor
         //      owner is InstanceServiceManager deployer
-        _initializeService(_registryAddress, owner);
+        _initializeService(registryAddress, owner);
         _registerInterface(type(IService).interfaceId);
         _registerInterface(type(IInstanceService).interfaceId);
     }
-    // TODO use instanceAddress instead of nft
-    /*function hasRole(address account, RoleId role, NftId instanceNftId) external view returns (bool) {
-        IRegistry.ObjectInfo memory instanceObjectInfo = getRegistry().getObjectInfo(instanceNftId);
-        address instanceAddress = instanceObjectInfo.objectAddress;
-        Instance instance = Instance(instanceAddress);
-        AccessManagerUpgradeable accessManager = AccessManagerUpgradeable(instance.authority());
-        (bool isMember, uint32 executionDelay) = accessManager.hasRole(role.toInt(), account);
-        if (executionDelay > 0) {
-            return false;
-        }
-        return isMember;
-    }*/
-    function hasRole(address account, RoleId role, address instanceAddress) external view returns (bool) {
+    function hasRole(address account, RoleId role, address instanceAddress) public view returns (bool) {
         Instance instance = Instance(instanceAddress);
-        AccessManagerUpgradeable accessManager = AccessManagerUpgradeable(instance.authority());
-        (bool isMember, uint32 executionDelay) = accessManager.hasRole(role.toInt(), account);
-        if (executionDelay > 0) {
-            return false;
-        }
-        return isMember;
+        InstanceAccessManager accessManager = instance.getInstanceAccessManager();
+        return accessManager.hasRole(role, account);
     }
 }

package/contracts/instance/module/IAccess.sol CHANGED Viewed

@@ -5,34 +5,44 @@ import {EnumerableSet} from "@openzeppelin/contracts/utils/structs/EnumerableSet
 import {ShortString, ShortStrings} from "@openzeppelin/contracts/utils/ShortStrings.sol";
 import {RoleId} from "../../types/RoleId.sol";
+import {Timestamp} from "../../types/Timestamp.sol";
 interface IAccess {
     struct RoleInfo {
         ShortString name;
         bool isCustom;
+        bool isLocked;
+        Timestamp createdAt;
+        Timestamp updatedAt;
     }
     struct TargetInfo {
         ShortString name;
         bool isCustom;
+        bool isLocked;
+        Timestamp createdAt;
+        Timestamp updatedAt;
     }
-    error ErrorTargetAddressZero();
-    error ErrorTargetAlreadyExists(address target, ShortString name);
-    error ErrorTargetDoesNotExist(address target);
-    error ErrorTargetNameEmpty(address target);
-    error ErrorTargetNameExists(address target, address existingTarget, ShortString name);
-    error ErrorRoleIdInvalid(RoleId roleId);
-    error ErrorRoleIdTooBig(RoleId roleId);
-    error ErrorRoleIdTooSmall(RoleId roleId);
-    error ErrorRoleIdAlreadyExists(RoleId roleId, ShortString name);
-    error ErrorRoleIdNotActive(RoleId roleId);
-    error ErrorRoleNameEmpty(RoleId roleId);
-    error ErrorRoleNameNotUnique(RoleId roleId, ShortString name);
-    error ErrorRoleInvalidUpdate(RoleId roleId, bool isCustom);
-    error ErrorGrantNonexstentRole(RoleId roleId);
-    error ErrorRevokeNonexstentRole(RoleId roleId);
-    error ErrorRenounceNonexstentRole(RoleId roleId);
+    error ErrorIAccessRoleIdInvalid(RoleId roleId);
+    error ErrorIAccessRoleIdTooBig(RoleId roleId);
+    error ErrorIAccessRoleIdTooSmall(RoleId roleId);
+    error ErrorIAccessRoleIdAlreadyExists(RoleId roleId, ShortString name);
+    error ErrorIAccessRoleIdNotActive(RoleId roleId);
+    error ErrorIAccessRoleNameEmpty(RoleId roleId);
+    error ErrorIAccessRoleNameNotUnique(RoleId roleId, ShortString name);
+    error ErrorIAccessRoleInvalidUpdate(RoleId roleId, bool isCustom);
+    error ErrorIAccessRoleIsCustomIsImmutable(RoleId roleId, bool isCustom, bool isCustomExisting);
+    error ErrorIAccessSetLockedForNonexstentRole(RoleId roleId);
+    error ErrorIAccessGrantNonexstentRole(RoleId roleId);
+    error ErrorIAccessRevokeNonexstentRole(RoleId roleId);
+    error ErrorIAccessRenounceNonexstentRole(RoleId roleId);
+    error ErrorIAccessTargetAddressZero();
+    error ErrorIAccessTargetAlreadyExists(address target, ShortString name);
+    error ErrorIAccessTargetNameEmpty(address target);
+    error ErrorIAccessTargetNameExists(address target, address existingTarget, ShortString name);
+    error ErrorIAccessSetLockedForNonexstentTarget(address target);
 }

package/contracts/types/RoleId.sol CHANGED Viewed

@@ -24,7 +24,6 @@ function PRODUCT_OWNER_ROLE_NAME() pure returns (string memory) { return "Produc
 function ADMIN_ROLE() pure returns (RoleId) { return RoleIdLib.toRoleId(0); }
-// TODO correct numbers (maybe they are already defined in RegistryService)
 function DISTRIBUTION_OWNER_ROLE() pure returns (RoleId) { return RoleIdLib.toRoleId(100); }
 function ORACLE_OWNER_ROLE() pure returns (RoleId) { return RoleIdLib.toRoleId(200); }
 function POOL_OWNER_ROLE() pure returns (RoleId) { return RoleIdLib.toRoleId(300); }
@@ -36,13 +35,13 @@ function BUNDLE_REGISTRAR_ROLE() pure returns (RoleId) { return RoleIdLib.toRole
 function POOL_REGISTRAR_ROLE() pure returns (RoleId) { return RoleIdLib.toRoleId(1300); }
 function PRODUCT_REGISTRAR_ROLE() pure returns (RoleId) { return RoleIdLib.toRoleId(1400); }
-function DISTRIBUTION_SERVICE_ROLE() pure returns (RoleId) { return RoleIdLib.toRoleId(10000); }
-function POOL_SERVICE_ROLE() pure returns (RoleId) { return RoleIdLib.toRoleId(10100); }
-function PRODUCT_SERVICE_ROLE() pure returns (RoleId) { return RoleIdLib.toRoleId(10200); }
-function POLICY_SERVICE_ROLE() pure returns (RoleId) { return RoleIdLib.toRoleId(10300); }
-function BUNDLE_SERVICE_ROLE() pure returns (RoleId) { return RoleIdLib.toRoleId(10400); }
+function INSTANCE_SERVICE_ROLE() pure returns (RoleId) { return RoleIdLib.toRoleId(2000); }
+function DISTRIBUTION_SERVICE_ROLE() pure returns (RoleId) { return RoleIdLib.toRoleId(2100); }
+function POOL_SERVICE_ROLE() pure returns (RoleId) { return RoleIdLib.toRoleId(2200); }
+function PRODUCT_SERVICE_ROLE() pure returns (RoleId) { return RoleIdLib.toRoleId(2300); }
+function POLICY_SERVICE_ROLE() pure returns (RoleId) { return RoleIdLib.toRoleId(2400); }
+function BUNDLE_SERVICE_ROLE() pure returns (RoleId) { return RoleIdLib.toRoleId(2500); }
-function INSTANCE_SERVICE_ROLE() pure returns (RoleId) { return RoleIdLib.toRoleId(11000); }
 // @dev Returns true iff role ids a and b are identical
 function eqRoleId(RoleId a, RoleId b) pure returns (bool isSame) {

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@etherisc/gif-next",
-  "version": "0.0.2-a0a9c3a-892",
+  "version": "0.0.2-a0d433e-961",
   "description": "This is the repository for the next version of the Generic Insurance Framework (GIF) smart contracts. ",
   "main": "index.js",
   "scripts": {

package/artifacts/contracts/instance/IAccessManagerSimple.sol/IAccessManagerSimple.dbg.json DELETED Viewed

@@ -1,4 +0,0 @@
-{
-  "_format": "hh-sol-dbg-1",
-  "buildInfo": "../../../build-info/65b23548824c96d3a9cfdfbce93a388d.json"
-}