npm - @lazy-sol/access-control - Versions diffs - 1.0.5 → 1.1.0 - Mend

@lazy-sol/access-control 1.0.5 → 1.1.0

Files changed (16) hide show

package/CHANGELOG.md +38 -0
package/README.md +77 -0
package/Role-based Access Control (RBAC) Lifecycle.png +0 -0
package/artifacts/contracts/OwnableToAccessControlAdapter.sol/OwnableToAccessControlAdapter.json +7 -64
package/contracts/AccessControl.sol +15 -219
package/contracts/AccessControlCore.sol +353 -0
package/contracts/AdapterFactory.sol +1 -1
package/contracts/OwnableToAccessControlAdapter.sol +7 -5
package/contracts/mocks/AccessControlMock.sol +7 -1
package/hardhat.config.js +38 -9
package/index.js +4 -0
package/package.json +10 -6
package/test/include/rbac.behaviour.js +22 -7
package/test/ownable_to_rbac_adapter.js +1 -1
package/test/ownable_to_rbac_adapter_rbac.js +3 -3
package/test/rbac_modifier.js +1 -1

package/CHANGELOG.md ADDED Viewed

@@ -0,0 +1,38 @@
+v1.1.0: Contact Size Optimizations
+- __Breaking Change:__ Solidity 0.8.4 is now required to compile the contracts
+  (previously was 0.4.22 for the core contract and 0.6.2 for periphery contracts).
+- Replaced "access denied" error with string literal (0.4.22) with the custom error AccessDenied() (0.8.4)
+- Introduced lighter modification of the "AccessControl" RBAC contract – "AccessControlCore" (RBAC-C).
+  The 'core' version of the RBAC contract hides three rarely used external functions from the public ABI,
+  making them internal and thus reducing the overall compiled implementation size.
+  | old name             | old modifier | new name              | new modifier |
+  |----------------------|--------------|-----------------------|--------------|
+  | `isFeatureEnabled()` | `public`     | `isFeatureEnabled()`  | `internal`   |
+  | `isSenderInRole()`   | `public`     | `_isSenderInRole()`   | `internal`   |
+  | `isOperatorInRole()` | `public`     | `_isOperatorInRole()` | `internal`   |
+- Added `_requireSenderInRole()` and `_requireAccessCondition()` internal functions for a convenient and gas-efficient
+  way of checking the access permissions and throwing the AccessDenied() error.
+- Added the CHANGELOG (this file)
+v1.0.7:
+- Exported the RBAC behavior
+v1.0.6:
+- Updated the documentation
+v1.0.5:
+- Exported RBAC JavaScript constants and functions
+v1.0.4:
+- Fixed broken dependencies
+- Upgraded npm libraries
+- Added Sepolia network support
+v1.0.3:
+- Allowed lower versions of Hardhat to be used
+v1.0.2:
+- Optimized npm dependencies

package/README.md CHANGED Viewed

@@ -4,6 +4,83 @@ A shortcut to a modular and easily pluggable dapp architecture.
 Enable the modular plug and play (PnP) architecture for your dapp by incorporating the role-based access control (RBAC)
 into the smart contracts.
+## Technical Overview
+Role-based Access Control (RBAC), or simply Access Control, is the base parent contract to be inherited by other smart
+contracts wishing to enable the RBAC feature. It provides an API to check if a specific operation is permitted globally
+and/or if a particular user has a permission to execute it.
+It deals with two main entities: features and roles. Features are designed to be used to enable/disable public functions
+of the smart contract (used by a wide audience). User roles are designed to control the access to restricted functions
+of the smart contract (used by a limited set of maintainers).
+When designing the RBAC-enabled contract, the best practice is to make all public mutative functions controlled with
+their corresponding feature flags, which can be enabled/disabled during smart contact deployment, setup process, and,
+optionally, during contract operation.
+Restricted access functions must be controlled by their corresponding user roles/permissions and usually can be executed
+by the deployer during smart contract deployment and setup process.
+After deployment is complete and smart contract setup is verified the deployer should enable the feature flags and
+revoke own permissions to control these flags, as well as permissions to execute restricted access functions.
+It is possible that smart contract functionalities are enabled in phases, but the intention is that eventually it is
+also possible to set the smart contract to be uncontrolled by anyone and be fully decentralized.
+It is also possible that the deployer shares its admin permissions with other addresses during the deployment and setup
+process, but eventually all these permissions can be revoked from all the addresses involved.
+Following diagram summarizes stated below:
+![Role-based Access Control (RBAC) Lifecycle](Role-based%20Access%20Control%20%28RBAC%29%20Lifecycle.png)
+Diagram 1. RBAC-enabled smart contract deployment and setup phases. Contract evolves from the fully controlled in the
+initial phases of the setup process to the fully decentralized and uncontrolled in the end.
+It is important to note that it is not necessary, and not recommended to wait until the last “Setup Complete” phase is
+executed to consider the protocol fully operational in the mainnet. In fact, the best practice is to do the launch after
+the deployer permissions are revoked, but there are admin multisig accounts with the full permissions to control the
+protocol. This kind of approach allows reacting to the security issues, which are more likely to happen in the beginning
+of the protocol operation.
+## Special Permissions Mapping
+Special permissions mapping, `userRoles`, stores special permissions of the smart contract administrators and helpers.
+The mapping is a part of AccessControl and is inherited by the smart contracts using it.
+The value stored in the mapping is a 256 bits unsigned integer, each bit of that integer represents a particular
+permission. We call a set of permissions a role. Usually, roles are defined as 32 bits unsigned integer constants, but
+extension to 255 bits is possible.
+Permission with the bit 255 set is a special one. It corresponds to the access manager role `ROLE_ACCESS_MANAGER`
+defined on the Access Control smart contract and allows accounts having that bit set to grant/revoke their permissions
+to other addresses and to enable/disable corresponding features of the smart contract (to update self address “this”
+role – see below).
+Self address “this” mapping is a special one. It represents the deployed smart contract itself and defines features
+enabled on it. Features control what public functions are enabled and how they behave. Usually, features are defined as
+32 bits unsigned integer constants, but extension to 255 bits is possible.
+Access Control is a shared parent for other smart contracts which are free to use any strategy to introduce their
+features and roles. Usually, smart contracts use different values for all the features and roles (see the table in the
+next section).
+Access manager may revoke its own permissions, including the bit 255. Eventually that allows an access manager to let
+the smart contract “float freely” and be controlled only by the community (via DAO) or by no one at all.
+## Comparing with OpenZeppelin
+Both our and OpenZeppelin Access Control implementations feature a similar API to check/know "who is allowed to do this
+thing".
+Zeppelin implementation is more flexible:
+* it allows setting unlimited number of roles, while current is limited to 256 different roles
+* it allows setting an admin for each role, while current allows having only one global admin
+Our implementation is more lightweight:
+* it uses only 1 bit per role, while Zeppelin uses 256 bits
+* it allows setting up to 256 roles at once, in a single transaction, while Zeppelin allows setting only one role in a
+  single transaction
 ## Installation
 ```
 npm i -D @lazy-sol/access-control

package/Role-based Access Control (RBAC) Lifecycle.png ADDED Viewed

Binary file

package/artifacts/contracts/OwnableToAccessControlAdapter.sol/OwnableToAccessControlAdapter.json CHANGED Viewed

@@ -19,6 +19,11 @@
       "stateMutability": "nonpayable",
       "type": "constructor"
     },
+    {
+      "inputs": [],
+      "name": "AccessDenied",
+      "type": "error"
+    },
     {
       "anonymous": false,
       "inputs": [
@@ -188,68 +193,6 @@
       "stateMutability": "view",
       "type": "function"
     },
-    {
-      "inputs": [
-        {
-          "internalType": "uint256",
-          "name": "required",
-          "type": "uint256"
-        }
-      ],
-      "name": "isFeatureEnabled",
-      "outputs": [
-        {
-          "internalType": "bool",
-          "name": "",
-          "type": "bool"
-        }
-      ],
-      "stateMutability": "view",
-      "type": "function"
-    },
-    {
-      "inputs": [
-        {
-          "internalType": "address",
-          "name": "operator",
-          "type": "address"
-        },
-        {
-          "internalType": "uint256",
-          "name": "required",
-          "type": "uint256"
-        }
-      ],
-      "name": "isOperatorInRole",
-      "outputs": [
-        {
-          "internalType": "bool",
-          "name": "",
-          "type": "bool"
-        }
-      ],
-      "stateMutability": "view",
-      "type": "function"
-    },
-    {
-      "inputs": [
-        {
-          "internalType": "uint256",
-          "name": "required",
-          "type": "uint256"
-        }
-      ],
-      "name": "isSenderInRole",
-      "outputs": [
-        {
-          "internalType": "bool",
-          "name": "",
-          "type": "bool"
-        }
-      ],
-      "stateMutability": "view",
-      "type": "function"
-    },
     {
       "inputs": [],
       "name": "target",
@@ -335,8 +278,8 @@
       "type": "receive"
     }
   ],
-  "bytecode": "0x608060405234801561001057600080fd5b50604051610b40380380610b4083398101604081905261002f9161012f565b80600061003f82600019806100bb565b61004a3082806100bb565b50506001600160a01b0382166100955760405162461bcd60e51b815260206004820152600c60248201526b7a65726f206164647265737360a01b604482015260640160405180910390fd5b50600180546001600160a01b0319166001600160a01b0392909216919091179055610162565b6001600160a01b0383166000818152602081815260409182902084905581518581529081018490527fe9be537308880e0f56b7d7cfd7abf85f14c4934486d138f848b92a0cbaf659b4910160405180910390a2505050565b80516001600160a01b038116811461012a57600080fd5b919050565b6000806040838503121561014257600080fd5b61014b83610113565b915061015960208401610113565b90509250929050565b6109cf806101716000396000f3fe6080604052600436106100e15760003560e01c8063725f36261161007f578063c688d69311610059578063c688d693146102bc578063d4b83992146102dc578063d5bb7f6714610314578063fcc2c0781461033457610100565b8063725f362614610254578063ae5b102e14610284578063ae682e2e146102a457610100565b806334e48c9e116100bb57806334e48c9e146101c657806344276733146101de578063491d2611146102145780635defb40d1461023457610100565b806309c5eabe146101405780630e82fe25146101695780632b521416146101a457610100565b36610100576100fe60405180602001604052806000815250610354565b005b6100fe6000368080601f01602080910402602001604051908101604052809392919081815260200183838082843760009201919091525061035492505050565b61015361014e366004610742565b610354565b60405161016091906107e3565b60405180910390f35b34801561017557600080fd5b50610196610184366004610813565b60026020526000908152604090205481565b604051908152602001610160565b3480156101b057600080fd5b5030600090815260208190526040902054610196565b3480156101d257600080fd5b50610196600160fd1b81565b3480156101ea57600080fd5b506101966101f9366004610845565b6001600160a01b031660009081526020819052604090205490565b34801561022057600080fd5b506100fe61022f366004610860565b6104de565b34801561024057600080fd5b506100fe61024f36600461088a565b610560565b34801561026057600080fd5b5061027461026f3660046108e3565b610575565b6040519015158152602001610160565b34801561029057600080fd5b506100fe61029f3660046108fc565b610597565b3480156102b057600080fd5b50610196600160ff1b81565b3480156102c857600080fd5b506102746102d73660046108fc565b61061c565b3480156102e857600080fd5b506001546102fc906001600160a01b031681565b6040516001600160a01b039091168152602001610160565b34801561032057600080fd5b506100fe61032f3660046108e3565b610645565b34801561034057600080fd5b5061027461034f3660046108e3565b610652565b6020810151815160609190156103f0576001600160e01b03198116600090815260026020526040812054908190036103c95760405162461bcd60e51b81526020600482015260136024820152721858d8d95cdcc81c9bdb19481b9bdd081cd95d606a1b60448201526064015b60405180910390fd5b6103d281610652565b6103ee5760405162461bcd60e51b81526004016103c090610918565b505b60015460405160009182916001600160a01b0390911690349061041490889061093f565b60006040518083038185875af1925050503d8060008114610451576040519150601f19603f3d011682016040523d82523d6000602084013e610456565b606091505b50915091508161049b5760405162461bcd60e51b815260206004820152601060248201526f195e1958dd5d1a5bdb8819985a5b195960821b60448201526064016103c0565b7f57a62eca76fc623c92f161d2a4b851851ece707135ce2af1eec256d660571b6d8386836040516104ce9392919061095b565b60405180910390a1949350505050565b6104eb600160fd1b610652565b6105075760405162461bcd60e51b81526004016103c090610918565b6001600160e01b03198216600081815260026020908152604091829020849055815192835282018390527fdb8ed917742b49e83acd1322bcaa8f18b1e5f78a70784c43ea14db7ab50e628d910160405180910390a15050565b6105718280519060200120826104de565b5050565b30600090815260208190526040812054610591905b8316831490565b92915050565b6105a4600160ff1b610652565b6105c05760405162461bcd60e51b81526004016103c090610918565b6105718282610617336105e8876001600160a01b031660009081526020819052604090205490565b6001600160a01b0391909116600090815260208190526040902054600019808818821618908716919091171690565b61065e565b6001600160a01b03821660009081526020819052604081205461063e9061058a565b9392505050565b61064f3082610597565b50565b6000610591338361061c565b6001600160a01b0383166000818152602081815260409182902084905581518581529081018490527fe9be537308880e0f56b7d7cfd7abf85f14c4934486d138f848b92a0cbaf659b4910160405180910390a2505050565b634e487b7160e01b600052604160045260246000fd5b600067ffffffffffffffff808411156106e7576106e76106b6565b604051601f8501601f19908116603f0116810190828211818310171561070f5761070f6106b6565b8160405280935085815286868601111561072857600080fd5b858560208301376000602087830101525050509392505050565b60006020828403121561075457600080fd5b813567ffffffffffffffff81111561076b57600080fd5b8201601f8101841361077c57600080fd5b61078b848235602084016106cc565b949350505050565b60005b838110156107ae578181015183820152602001610796565b50506000910152565b600081518084526107cf816020860160208601610793565b601f01601f19169290920160200192915050565b60208152600061063e60208301846107b7565b80356001600160e01b03198116811461080e57600080fd5b919050565b60006020828403121561082557600080fd5b61063e826107f6565b80356001600160a01b038116811461080e57600080fd5b60006020828403121561085757600080fd5b61063e8261082e565b6000806040838503121561087357600080fd5b61087c836107f6565b946020939093013593505050565b6000806040838503121561089d57600080fd5b823567ffffffffffffffff8111156108b457600080fd5b8301601f810185136108c557600080fd5b6108d4858235602084016106cc565b95602094909401359450505050565b6000602082840312156108f557600080fd5b5035919050565b6000806040838503121561090f57600080fd5b61087c8361082e565b6020808252600d908201526c1858d8d95cdcc819195b9a5959609a1b604082015260600190565b60008251610951818460208701610793565b9190910192915050565b63ffffffff60e01b8416815260606020820152600061097d60608301856107b7565b828103604084015261098f81856107b7565b969550505050505056fea26469706673582212206993ad950cca82a01e8e72c0503e3a006930148e125b67ad2894063853f6078264736f6c63430008150033",
-  "deployedBytecode": "0x6080604052600436106100e15760003560e01c8063725f36261161007f578063c688d69311610059578063c688d693146102bc578063d4b83992146102dc578063d5bb7f6714610314578063fcc2c0781461033457610100565b8063725f362614610254578063ae5b102e14610284578063ae682e2e146102a457610100565b806334e48c9e116100bb57806334e48c9e146101c657806344276733146101de578063491d2611146102145780635defb40d1461023457610100565b806309c5eabe146101405780630e82fe25146101695780632b521416146101a457610100565b36610100576100fe60405180602001604052806000815250610354565b005b6100fe6000368080601f01602080910402602001604051908101604052809392919081815260200183838082843760009201919091525061035492505050565b61015361014e366004610742565b610354565b60405161016091906107e3565b60405180910390f35b34801561017557600080fd5b50610196610184366004610813565b60026020526000908152604090205481565b604051908152602001610160565b3480156101b057600080fd5b5030600090815260208190526040902054610196565b3480156101d257600080fd5b50610196600160fd1b81565b3480156101ea57600080fd5b506101966101f9366004610845565b6001600160a01b031660009081526020819052604090205490565b34801561022057600080fd5b506100fe61022f366004610860565b6104de565b34801561024057600080fd5b506100fe61024f36600461088a565b610560565b34801561026057600080fd5b5061027461026f3660046108e3565b610575565b6040519015158152602001610160565b34801561029057600080fd5b506100fe61029f3660046108fc565b610597565b3480156102b057600080fd5b50610196600160ff1b81565b3480156102c857600080fd5b506102746102d73660046108fc565b61061c565b3480156102e857600080fd5b506001546102fc906001600160a01b031681565b6040516001600160a01b039091168152602001610160565b34801561032057600080fd5b506100fe61032f3660046108e3565b610645565b34801561034057600080fd5b5061027461034f3660046108e3565b610652565b6020810151815160609190156103f0576001600160e01b03198116600090815260026020526040812054908190036103c95760405162461bcd60e51b81526020600482015260136024820152721858d8d95cdcc81c9bdb19481b9bdd081cd95d606a1b60448201526064015b60405180910390fd5b6103d281610652565b6103ee5760405162461bcd60e51b81526004016103c090610918565b505b60015460405160009182916001600160a01b0390911690349061041490889061093f565b60006040518083038185875af1925050503d8060008114610451576040519150601f19603f3d011682016040523d82523d6000602084013e610456565b606091505b50915091508161049b5760405162461bcd60e51b815260206004820152601060248201526f195e1958dd5d1a5bdb8819985a5b195960821b60448201526064016103c0565b7f57a62eca76fc623c92f161d2a4b851851ece707135ce2af1eec256d660571b6d8386836040516104ce9392919061095b565b60405180910390a1949350505050565b6104eb600160fd1b610652565b6105075760405162461bcd60e51b81526004016103c090610918565b6001600160e01b03198216600081815260026020908152604091829020849055815192835282018390527fdb8ed917742b49e83acd1322bcaa8f18b1e5f78a70784c43ea14db7ab50e628d910160405180910390a15050565b6105718280519060200120826104de565b5050565b30600090815260208190526040812054610591905b8316831490565b92915050565b6105a4600160ff1b610652565b6105c05760405162461bcd60e51b81526004016103c090610918565b6105718282610617336105e8876001600160a01b031660009081526020819052604090205490565b6001600160a01b0391909116600090815260208190526040902054600019808818821618908716919091171690565b61065e565b6001600160a01b03821660009081526020819052604081205461063e9061058a565b9392505050565b61064f3082610597565b50565b6000610591338361061c565b6001600160a01b0383166000818152602081815260409182902084905581518581529081018490527fe9be537308880e0f56b7d7cfd7abf85f14c4934486d138f848b92a0cbaf659b4910160405180910390a2505050565b634e487b7160e01b600052604160045260246000fd5b600067ffffffffffffffff808411156106e7576106e76106b6565b604051601f8501601f19908116603f0116810190828211818310171561070f5761070f6106b6565b8160405280935085815286868601111561072857600080fd5b858560208301376000602087830101525050509392505050565b60006020828403121561075457600080fd5b813567ffffffffffffffff81111561076b57600080fd5b8201601f8101841361077c57600080fd5b61078b848235602084016106cc565b949350505050565b60005b838110156107ae578181015183820152602001610796565b50506000910152565b600081518084526107cf816020860160208601610793565b601f01601f19169290920160200192915050565b60208152600061063e60208301846107b7565b80356001600160e01b03198116811461080e57600080fd5b919050565b60006020828403121561082557600080fd5b61063e826107f6565b80356001600160a01b038116811461080e57600080fd5b60006020828403121561085757600080fd5b61063e8261082e565b6000806040838503121561087357600080fd5b61087c836107f6565b946020939093013593505050565b6000806040838503121561089d57600080fd5b823567ffffffffffffffff8111156108b457600080fd5b8301601f810185136108c557600080fd5b6108d4858235602084016106cc565b95602094909401359450505050565b6000602082840312156108f557600080fd5b5035919050565b6000806040838503121561090f57600080fd5b61087c8361082e565b6020808252600d908201526c1858d8d95cdcc819195b9a5959609a1b604082015260600190565b60008251610951818460208701610793565b9190910192915050565b63ffffffff60e01b8416815260606020820152600061097d60608301856107b7565b828103604084015261098f81856107b7565b969550505050505056fea26469706673582212206993ad950cca82a01e8e72c0503e3a006930148e125b67ad2894063853f6078264736f6c63430008150033",
+  "bytecode": "0x608060405234801561001057600080fd5b50604051610a23380380610a2383398101604081905261002f9161012f565b80600061003f82600019806100bb565b61004a3082806100bb565b50506001600160a01b0382166100955760405162461bcd60e51b815260206004820152600c60248201526b7a65726f206164647265737360a01b604482015260640160405180910390fd5b50600180546001600160a01b0319166001600160a01b0392909216919091179055610162565b6001600160a01b0383166000818152602081815260409182902084905581518581529081018490527fe9be537308880e0f56b7d7cfd7abf85f14c4934486d138f848b92a0cbaf659b4910160405180910390a2505050565b80516001600160a01b038116811461012a57600080fd5b919050565b6000806040838503121561014257600080fd5b61014b83610113565b915061015960208401610113565b90509250929050565b6108b2806101716000396000f3fe6080604052600436106100a05760003560e01c8063491d261111610064578063491d2611146101d35780635defb40d146101f3578063ae5b102e14610213578063ae682e2e14610233578063d4b839921461024b578063d5bb7f6714610283576100bf565b806309c5eabe146100ff5780630e82fe25146101285780632b5214161461016357806334e48c9e14610185578063442767331461019d576100bf565b366100bf576100bd604051806020016040528060008152506102a3565b005b6100bd6000368080601f0160208091040260200160405190810160405280939291908181526020018383808284376000920191909152506102a392505050565b61011261010d36600461064c565b6102a3565b60405161011f91906106ed565b60405180910390f35b34801561013457600080fd5b5061015561014336600461071d565b60026020526000908152604090205481565b60405190815260200161011f565b34801561016f57600080fd5b5030600090815260208190526040902054610155565b34801561019157600080fd5b50610155600160fd1b81565b3480156101a957600080fd5b506101556101b836600461074f565b6001600160a01b031660009081526020819052604090205490565b3480156101df57600080fd5b506100bd6101ee36600461076a565b610411565b3480156101ff57600080fd5b506100bd61020e366004610794565b610477565b34801561021f57600080fd5b506100bd61022e3660046107ed565b61048c565b34801561023f57600080fd5b50610155600160ff1b81565b34801561025757600080fd5b5060015461026b906001600160a01b031681565b6040516001600160a01b03909116815260200161011f565b34801561028f57600080fd5b506100bd61029e366004610809565b6104f5565b602081015181516060919015610323576001600160e01b03198116600090815260026020526040812054908190036103185760405162461bcd60e51b81526020600482015260136024820152721858d8d95cdcc81c9bdb19481b9bdd081cd95d606a1b60448201526064015b60405180910390fd5b61032181610502565b505b60015460405160009182916001600160a01b03909116903490610347908890610822565b60006040518083038185875af1925050503d8060008114610384576040519150601f19603f3d011682016040523d82523d6000602084013e610389565b606091505b5091509150816103ce5760405162461bcd60e51b815260206004820152601060248201526f195e1958dd5d1a5bdb8819985a5b195960821b604482015260640161030f565b7f57a62eca76fc623c92f161d2a4b851851ece707135ce2af1eec256d660571b6d8386836040516104019392919061083e565b60405180910390a1949350505050565b61041e600160fd1b610502565b6001600160e01b03198216600081815260026020908152604091829020849055815192835282018390527fdb8ed917742b49e83acd1322bcaa8f18b1e5f78a70784c43ea14db7ab50e628d910160405180910390a15050565b610488828051906020012082610411565b5050565b610499600160ff1b610502565b61048882826104f0336104c1876001600160a01b031660009081526020819052604090205490565b6001600160a01b0391909116600090815260208190526040902054600019808818821618908716919091171690565b610513565b6104ff308261048c565b50565b6104ff61050e8261056b565b61057d565b6001600160a01b0383166000818152602081815260409182902084905581518581529081018490527fe9be537308880e0f56b7d7cfd7abf85f14c4934486d138f848b92a0cbaf659b4910160405180910390a2505050565b6000610577338361059b565b92915050565b806104ff57604051634ca8886760e01b815260040160405180910390fd5b6001600160a01b038216600090815260208190526040812054821682145b9392505050565b634e487b7160e01b600052604160045260246000fd5b600067ffffffffffffffff808411156105f1576105f16105c0565b604051601f8501601f19908116603f01168101908282118183101715610619576106196105c0565b8160405280935085815286868601111561063257600080fd5b858560208301376000602087830101525050509392505050565b60006020828403121561065e57600080fd5b813567ffffffffffffffff81111561067557600080fd5b8201601f8101841361068657600080fd5b610695848235602084016105d6565b949350505050565b60005b838110156106b85781810151838201526020016106a0565b50506000910152565b600081518084526106d981602086016020860161069d565b601f01601f19169290920160200192915050565b6020815260006105b960208301846106c1565b80356001600160e01b03198116811461071857600080fd5b919050565b60006020828403121561072f57600080fd5b6105b982610700565b80356001600160a01b038116811461071857600080fd5b60006020828403121561076157600080fd5b6105b982610738565b6000806040838503121561077d57600080fd5b61078683610700565b946020939093013593505050565b600080604083850312156107a757600080fd5b823567ffffffffffffffff8111156107be57600080fd5b8301601f810185136107cf57600080fd5b6107de858235602084016105d6565b95602094909401359450505050565b6000806040838503121561080057600080fd5b61078683610738565b60006020828403121561081b57600080fd5b5035919050565b6000825161083481846020870161069d565b9190910192915050565b63ffffffff60e01b8416815260606020820152600061086060608301856106c1565b828103604084015261087281856106c1565b969550505050505056fea2646970667358221220e3c74e6e9d12e9f897ad014f9a9508e19f07aa6158ea118e7b0f262e5ef3629764736f6c63430008150033",
+  "deployedBytecode": "0x6080604052600436106100a05760003560e01c8063491d261111610064578063491d2611146101d35780635defb40d146101f3578063ae5b102e14610213578063ae682e2e14610233578063d4b839921461024b578063d5bb7f6714610283576100bf565b806309c5eabe146100ff5780630e82fe25146101285780632b5214161461016357806334e48c9e14610185578063442767331461019d576100bf565b366100bf576100bd604051806020016040528060008152506102a3565b005b6100bd6000368080601f0160208091040260200160405190810160405280939291908181526020018383808284376000920191909152506102a392505050565b61011261010d36600461064c565b6102a3565b60405161011f91906106ed565b60405180910390f35b34801561013457600080fd5b5061015561014336600461071d565b60026020526000908152604090205481565b60405190815260200161011f565b34801561016f57600080fd5b5030600090815260208190526040902054610155565b34801561019157600080fd5b50610155600160fd1b81565b3480156101a957600080fd5b506101556101b836600461074f565b6001600160a01b031660009081526020819052604090205490565b3480156101df57600080fd5b506100bd6101ee36600461076a565b610411565b3480156101ff57600080fd5b506100bd61020e366004610794565b610477565b34801561021f57600080fd5b506100bd61022e3660046107ed565b61048c565b34801561023f57600080fd5b50610155600160ff1b81565b34801561025757600080fd5b5060015461026b906001600160a01b031681565b6040516001600160a01b03909116815260200161011f565b34801561028f57600080fd5b506100bd61029e366004610809565b6104f5565b602081015181516060919015610323576001600160e01b03198116600090815260026020526040812054908190036103185760405162461bcd60e51b81526020600482015260136024820152721858d8d95cdcc81c9bdb19481b9bdd081cd95d606a1b60448201526064015b60405180910390fd5b61032181610502565b505b60015460405160009182916001600160a01b03909116903490610347908890610822565b60006040518083038185875af1925050503d8060008114610384576040519150601f19603f3d011682016040523d82523d6000602084013e610389565b606091505b5091509150816103ce5760405162461bcd60e51b815260206004820152601060248201526f195e1958dd5d1a5bdb8819985a5b195960821b604482015260640161030f565b7f57a62eca76fc623c92f161d2a4b851851ece707135ce2af1eec256d660571b6d8386836040516104019392919061083e565b60405180910390a1949350505050565b61041e600160fd1b610502565b6001600160e01b03198216600081815260026020908152604091829020849055815192835282018390527fdb8ed917742b49e83acd1322bcaa8f18b1e5f78a70784c43ea14db7ab50e628d910160405180910390a15050565b610488828051906020012082610411565b5050565b610499600160ff1b610502565b61048882826104f0336104c1876001600160a01b031660009081526020819052604090205490565b6001600160a01b0391909116600090815260208190526040902054600019808818821618908716919091171690565b610513565b6104ff308261048c565b50565b6104ff61050e8261056b565b61057d565b6001600160a01b0383166000818152602081815260409182902084905581518581529081018490527fe9be537308880e0f56b7d7cfd7abf85f14c4934486d138f848b92a0cbaf659b4910160405180910390a2505050565b6000610577338361059b565b92915050565b806104ff57604051634ca8886760e01b815260040160405180910390fd5b6001600160a01b038216600090815260208190526040812054821682145b9392505050565b634e487b7160e01b600052604160045260246000fd5b600067ffffffffffffffff808411156105f1576105f16105c0565b604051601f8501601f19908116603f01168101908282118183101715610619576106196105c0565b8160405280935085815286868601111561063257600080fd5b858560208301376000602087830101525050509392505050565b60006020828403121561065e57600080fd5b813567ffffffffffffffff81111561067557600080fd5b8201601f8101841361068657600080fd5b610695848235602084016105d6565b949350505050565b60005b838110156106b85781810151838201526020016106a0565b50506000910152565b600081518084526106d981602086016020860161069d565b601f01601f19169290920160200192915050565b6020815260006105b960208301846106c1565b80356001600160e01b03198116811461071857600080fd5b919050565b60006020828403121561072f57600080fd5b6105b982610700565b80356001600160a01b038116811461071857600080fd5b60006020828403121561076157600080fd5b6105b982610738565b6000806040838503121561077d57600080fd5b61078683610700565b946020939093013593505050565b600080604083850312156107a757600080fd5b823567ffffffffffffffff8111156107be57600080fd5b8301601f810185136107cf57600080fd5b6107de858235602084016105d6565b95602094909401359450505050565b6000806040838503121561080057600080fd5b61078683610738565b60006020828403121561081b57600080fd5b5035919050565b6000825161083481846020870161069d565b9190910192915050565b63ffffffff60e01b8416815260606020820152600061086060608301856106c1565b828103604084015261087281856106c1565b969550505050505056fea2646970667358221220e3c74e6e9d12e9f897ad014f9a9508e19f07aa6158ea118e7b0f262e5ef3629764736f6c63430008150033",
   "linkReferences": {},
   "deployedLinkReferences": {}
 }

package/contracts/AccessControl.sol CHANGED Viewed

@@ -1,5 +1,11 @@
 // SPDX-License-Identifier: MIT
-pragma solidity >=0.4.22; // require with message (0.4.22), pure/view modifiers (0.4.16), hardhat (0.4.11)
+// custom errors (0.8.4)
+// require with message (0.4.22)
+// pure/view modifiers (0.4.16)
+// hardhat (0.4.11)
+pragma solidity >=0.8.4;
+import {AccessControlCore} from "./AccessControlCore.sol";
 /**
  * @title Role-based Access Control (RBAC)
@@ -50,189 +56,14 @@ pragma solidity >=0.4.22; // require with message (0.4.22), pure/view modifiers
  *
  * @author Basil Gorin
  */
-abstract contract AccessControl {
-	/**
-	 * @dev Privileged addresses with defined roles/permissions
-	 * @dev In the context of ERC20/ERC721 tokens these can be permissions to
-	 *      allow minting or burning tokens, transferring on behalf and so on
-	 *
-	 * @dev Maps user address to the permissions bitmask (role), where each bit
-	 *      represents a permission
-	 * @dev Bitmask 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
-	 *      represents all possible permissions
-	 * @dev 'This' address mapping represents global features of the smart contract
-	 *
-	 * @dev We keep the mapping private to prevent direct writes to it from the inheriting
-	 *      contracts, `getRole()` and `updateRole()` functions should be used instead
-	 */
-	mapping(address => uint256) private userRoles;
-	/**
-	 * @notice Access manager is responsible for assigning the roles to users,
-	 *      enabling/disabling global features of the smart contract
-	 * @notice Access manager can add, remove and update user roles,
-	 *      remove and update global features
-	 *
-	 * @dev Role ROLE_ACCESS_MANAGER allows modifying user roles and global features
-	 * @dev Role ROLE_ACCESS_MANAGER has single bit at position 255 enabled
-	 */
-	uint256 public constant ROLE_ACCESS_MANAGER = 0x8000000000000000000000000000000000000000000000000000000000000000;
-	/**
-	 * @dev Bitmask representing all the possible permissions (super admin role)
-	 * @dev Has all the bits are enabled (2^256 - 1 value)
-	 */
-	uint256 internal constant FULL_PRIVILEGES_MASK = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF;
-	/**
-	 * @dev Fired in updateRole() and updateFeatures()
-	 *
-	 * @param operator address which was granted/revoked permissions
-	 * @param requested permissions requested
-	 * @param assigned permissions effectively set
-	 */
-	event RoleUpdated(address indexed operator, uint256 requested, uint256 assigned);
-	/**
-	 * @notice Function modifier making a function defined as public behave as restricted
-	 *      (so that only a pre-configured set of accounts can execute it)
-	 *
-	 * @param role the role transaction executor is required to have;
-	 *      the function throws an "access denied" exception if this condition is not met
-	 */
-	modifier restrictedTo(uint256 role) {
-		// verify the access permission
-		require(isSenderInRole(role), "access denied");
-		// execute the rest of the function
-		_;
-	}
+contract AccessControl is AccessControlCore {
 	/**
 	 * @notice Creates an access control instance, setting the contract owner to have full privileges
 	 *
 	 * @param _owner smart contract owner having full privileges, can be zero
 	 * @param _features initial features mask of the contract, can be zero
 	 */
-	constructor(address _owner, uint256 _features) internal { // visibility modifier is required to be compilable with 0.6.x
-		// grant owner full privileges
-		__setRole(_owner, FULL_PRIVILEGES_MASK, FULL_PRIVILEGES_MASK);
-		// update initial features bitmask
-		__setRole(address(this), _features, _features);
-	}
-	/**
-	 * @notice Retrieves globally set of features enabled
-	 *
-	 * @dev Effectively reads userRoles role for the contract itself
-	 *
-	 * @return 256-bit bitmask of the features enabled
-	 */
-	function features() public view returns (uint256) {
-		// features are stored in 'this' address mapping of `userRoles`
-		return getRole(address(this));
-	}
-	/**
-	 * @notice Updates set of the globally enabled features (`features`),
-	 *      taking into account sender's permissions
-	 *
-	 * @dev Requires transaction sender to have `ROLE_ACCESS_MANAGER` permission
-	 * @dev Function is left for backward compatibility with older versions
-	 *
-	 * @param _mask bitmask representing a set of features to enable/disable
-	 */
-	function updateFeatures(uint256 _mask) public {
-		// delegate call to `updateRole`
-		updateRole(address(this), _mask);
-	}
-	/**
-	 * @notice Reads the permissions (role) for a given user from the `userRoles` mapping
-	 *      (privileged addresses with defined roles/permissions)
-	 * @notice In the context of ERC20/ERC721 tokens these can be permissions to
-	 *      allow minting or burning tokens, transferring on behalf and so on
-	 *
-	 * @dev Having a simple getter instead of making the mapping public
-	 *      allows enforcing the encapsulation of the mapping and protects from
-	 *      writing to it directly in the inheriting smart contracts
-	 *
-	 * @param operator address of a user to read permissions for,
-	 *      or self address to read global features of the smart contract
-	 */
-	function getRole(address operator) public view returns(uint256) {
-		// read the value from `userRoles` and return
-		return userRoles[operator];
-	}
-	/**
-	 * @notice Updates set of permissions (role) for a given user,
-	 *      taking into account sender's permissions.
-	 *
-	 * @dev Setting role to zero is equivalent to removing an all permissions
-	 * @dev Setting role to `FULL_PRIVILEGES_MASK` is equivalent to
-	 *      copying senders' permissions (role) to the user
-	 * @dev Requires transaction sender to have `ROLE_ACCESS_MANAGER` permission
-	 *
-	 * @param operator address of a user to alter permissions for,
-	 *       or self address to alter global features of the smart contract
-	 * @param role bitmask representing a set of permissions to
-	 *      enable/disable for a user specified
-	 */
-	function updateRole(address operator, uint256 role) public {
-		// caller must have a permission to update user roles
-		require(isSenderInRole(ROLE_ACCESS_MANAGER), "access denied");
-		// evaluate the role and reassign it
-		__setRole(operator, role, _evaluateBy(msg.sender, getRole(operator), role));
-	}
-	/**
-	 * @notice Determines the permission bitmask an operator can set on the
-	 *      target permission set
-	 * @notice Used to calculate the permission bitmask to be set when requested
-	 *     in `updateRole` and `updateFeatures` functions
-	 *
-	 * @dev Calculated based on:
-	 *      1) operator's own permission set read from userRoles[operator]
-	 *      2) target permission set - what is already set on the target
-	 *      3) desired permission set - what do we want set target to
-	 *
-	 * @dev Corner cases:
-	 *      1) Operator is super admin and its permission set is `FULL_PRIVILEGES_MASK`:
-	 *        `desired` bitset is returned regardless of the `target` permission set value
-	 *        (what operator sets is what they get)
-	 *      2) Operator with no permissions (zero bitset):
-	 *        `target` bitset is returned regardless of the `desired` value
-	 *        (operator has no authority and cannot modify anything)
-	 *
-	 * @dev Example:
-	 *      Consider an operator with the permissions bitmask     00001111
-	 *      is about to modify the target permission set          01010101
-	 *      Operator wants to set that permission set to          00110011
-	 *      Based on their role, an operator has the permissions
-	 *      to update only lowest 4 bits on the target, meaning that
-	 *      high 4 bits of the target set in this example is left
-	 *      unchanged and low 4 bits get changed as desired:      01010011
-	 *
-	 * @param operator address of the contract operator which is about to set the permissions
-	 * @param target input set of permissions to operator is going to modify
-	 * @param desired desired set of permissions operator would like to set
-	 * @return resulting set of permissions given operator will set
-	 */
-	function _evaluateBy(address operator, uint256 target, uint256 desired) internal view returns (uint256) {
-		// read operator's permissions
-		uint256 p = getRole(operator);
-		// taking into account operator's permissions,
-		// 1) enable the permissions desired on the `target`
-		target |= p & desired;
-		// 2) disable the permissions desired on the `target`
-		target &= FULL_PRIVILEGES_MASK ^ (p & (FULL_PRIVILEGES_MASK ^ desired));
-		// return calculated result
-		return target;
-	}
+	constructor(address _owner, uint256 _features) AccessControlCore(_owner, _features) {} // visibility modifier is required to be compilable with 0.6.x
 	/**
 	 * @notice Checks if requested set of features is enabled globally on the contract
@@ -241,8 +72,8 @@ abstract contract AccessControl {
 	 * @return true if all the features requested are enabled, false otherwise
 	 */
 	function isFeatureEnabled(uint256 required) public view returns (bool) {
-		// delegate call to `__hasRole`, passing `features` property
-		return __hasRole(features(), required);
+		// delegate to internal `_isFeatureEnabled`
+		return _isFeatureEnabled(required);
 	}
 	/**
@@ -252,8 +83,8 @@ abstract contract AccessControl {
 	 * @return true if all the permissions requested are enabled, false otherwise
 	 */
 	function isSenderInRole(uint256 required) public view returns (bool) {
-		// delegate call to `isOperatorInRole`, passing transaction sender
-		return isOperatorInRole(msg.sender, required);
+		// delegate to internal `_isSenderInRole`
+		return _isSenderInRole(required);
 	}
 	/**
@@ -264,42 +95,7 @@ abstract contract AccessControl {
 	 * @return true if all the permissions requested are enabled, false otherwise
 	 */
 	function isOperatorInRole(address operator, uint256 required) public view returns (bool) {
-		// delegate call to `__hasRole`, passing operator's permissions (role)
-		return __hasRole(getRole(operator), required);
-	}
-	/**
-	 * @dev Sets the `assignedRole` role to the operator, logs both `requestedRole` and `actualRole`
-	 *
-	 * @dev Unsafe:
-	 *      provides direct write access to `userRoles` mapping without any security checks,
-	 *      doesn't verify the executor (msg.sender) permissions,
-	 *      must be kept private at all times
-	 *
-	 * @param operator address of a user to alter permissions for,
-	 *       or self address to alter global features of the smart contract
-	 * @param requestedRole bitmask representing a set of permissions requested
-	 *      to be enabled/disabled for a user specified, used only to be logged into event
-	 * @param assignedRole bitmask representing a set of permissions to
-	 *      enable/disable for a user specified, used to update the mapping and to be logged into event
-	 */
-	function __setRole(address operator, uint256 requestedRole, uint256 assignedRole) private {
-		// assign the role to the operator
-		userRoles[operator] = assignedRole;
-		// fire an event
-		emit RoleUpdated(operator, requestedRole, assignedRole);
-	}
-	/**
-	 * @dev Checks if role `actual` contains all the permissions required `required`
-	 *
-	 * @param actual existent role
-	 * @param required required role
-	 * @return true if actual has required role (all permissions), false otherwise
-	 */
-	function __hasRole(uint256 actual, uint256 required) private pure returns (bool) {
-		// check the bitmask for the role required and return the result
-		return actual & required == required;
+		// delegate to internal `_isOperatorInRole`
+		return _isOperatorInRole(operator, required);
 	}
 }

package/contracts/AccessControlCore.sol ADDED Viewed

@@ -0,0 +1,353 @@
+// SPDX-License-Identifier: MIT
+// custom errors (0.8.4)
+// require with message (0.4.22)
+// pure/view modifiers (0.4.16)
+// hardhat (0.4.11)
+pragma solidity >=0.8.4;
+/**
+ * @title Role-based Access Control Core (RBAC-C)
+ *
+ * @notice Access control smart contract provides an API to check
+ *      if a specific operation is permitted globally and/or
+ *      if a particular user has a permission to execute it.
+ *
+ * @notice This contract is inherited by other contracts requiring the role-based access control (RBAC)
+ *      protection for the restricted access functions
+ *
+ * @notice It deals with two main entities: features and roles.
+ *
+ * @notice Features are designed to be used to enable/disable public functions
+ *      of the smart contract (used by a wide audience).
+ * @notice User roles are designed to control the access to restricted functions
+ *      of the smart contract (used by a limited set of maintainers).
+ *
+ * @notice Terms "role", "permissions" and "set of permissions" have equal meaning
+ *      in the documentation text and may be used interchangeably.
+ * @notice Terms "permission", "single permission" implies only one permission bit set.
+ *
+ * @notice Access manager is a special role which allows to grant/revoke other roles.
+ *      Access managers can only grant/revoke permissions which they have themselves.
+ *      As an example, access manager with no other roles set can only grant/revoke its own
+ *      access manager permission and nothing else.
+ *
+ * @notice Access manager permission should be treated carefully, as a super admin permission:
+ *      Access manager with even no other permission can interfere with another account by
+ *      granting own access manager permission to it and effectively creating more powerful
+ *      permission set than its own.
+ *
+ * @dev Both current and OpenZeppelin AccessControl implementations feature a similar API
+ *      to check/know "who is allowed to do this thing".
+ * @dev Zeppelin implementation is more flexible:
+ *      - it allows setting unlimited number of roles, while current is limited to 256 different roles
+ *      - it allows setting an admin for each role, while current allows having only one global admin
+ * @dev Current implementation is more lightweight:
+ *      - it uses only 1 bit per role, while Zeppelin uses 256 bits
+ *      - it allows setting up to 256 roles at once, in a single transaction, while Zeppelin allows
+ *        setting only one role in a single transaction
+ *
+ * @dev This smart contract is designed to be inherited by other
+ *      smart contracts which require access control management capabilities.
+ *
+ * @dev Access manager permission has a bit 255 set.
+ *      This bit must not be used by inheriting contracts for any other permissions/features.
+ *
+ * @dev The 'core' version of the RBAC contract hides three rarely used external functions from the public ABI,
+ *      making them internal and thus reducing the overall compiled implementation size.
+ *      isFeatureEnabled() public -> _isFeatureEnabled() internal
+ *      isSenderInRole() public -> _isSenderInRole() internal
+ *      isOperatorInRole() public -> _isOperatorInRole() internal
+ *
+ * @custom:since 1.1.0
+ *
+ * @author Basil Gorin
+ */
+abstract contract AccessControlCore {
+	/**
+	 * @dev Privileged addresses with defined roles/permissions
+	 * @dev In the context of ERC20/ERC721 tokens these can be permissions to
+	 *      allow minting or burning tokens, transferring on behalf and so on
+	 *
+	 * @dev Maps user address to the permissions bitmask (role), where each bit
+	 *      represents a permission
+	 * @dev Bitmask 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
+	 *      represents all possible permissions
+	 * @dev 'This' address mapping represents global features of the smart contract
+	 *
+	 * @dev We keep the mapping private to prevent direct writes to it from the inheriting
+	 *      contracts, `getRole()` and `updateRole()` functions should be used instead
+	 */
+	mapping(address => uint256) private userRoles;
+	/**
+	 * @notice Access manager is responsible for assigning the roles to users,
+	 *      enabling/disabling global features of the smart contract
+	 * @notice Access manager can add, remove and update user roles,
+	 *      remove and update global features
+	 *
+	 * @dev Role ROLE_ACCESS_MANAGER allows modifying user roles and global features
+	 * @dev Role ROLE_ACCESS_MANAGER has single bit at position 255 enabled
+	 */
+	uint256 public constant ROLE_ACCESS_MANAGER = 0x8000000000000000000000000000000000000000000000000000000000000000;
+	/**
+	 * @dev Bitmask representing all the possible permissions (super admin role)
+	 * @dev Has all the bits are enabled (2^256 - 1 value)
+	 */
+	uint256 internal constant FULL_PRIVILEGES_MASK = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF;
+	/**
+	 * @notice Thrown when a function is executed by an account that does not have
+	 *      the required access permission(s) (role)
+	 *
+	 * @dev This error is used to enforce role-based access control (RBAC) restrictions
+	 */
+	error AccessDenied();
+	/**
+	 * @dev Fired in updateRole() and updateFeatures()
+	 *
+	 * @param operator address which was granted/revoked permissions
+	 * @param requested permissions requested
+	 * @param assigned permissions effectively set
+	 */
+	event RoleUpdated(address indexed operator, uint256 requested, uint256 assigned);
+	/**
+	 * @notice Function modifier making a function defined as public behave as restricted
+	 *      (so that only a pre-configured set of accounts can execute it)
+	 *
+	 * @param role the role transaction executor is required to have;
+	 *      the function throws an "access denied" exception if this condition is not met
+	 */
+	modifier restrictedTo(uint256 role) {
+		// verify the access permission
+		_requireSenderInRole(role);
+		// execute the rest of the function
+		_;
+	}
+	/**
+	 * @notice Creates an access control instance, setting the contract owner to have full privileges
+	 *
+	 * @param _owner smart contract owner having full privileges, can be zero
+	 * @param _features initial features mask of the contract, can be zero
+	 */
+	constructor(address _owner, uint256 _features) { // visibility modifier is required to be compilable with 0.6.x
+		// grant owner full privileges
+		__setRole(_owner, FULL_PRIVILEGES_MASK, FULL_PRIVILEGES_MASK);
+		// update initial features bitmask
+		__setRole(address(this), _features, _features);
+	}
+	/**
+	 * @notice Retrieves globally set of features enabled
+	 *
+	 * @dev Effectively reads userRoles role for the contract itself
+	 *
+	 * @return 256-bit bitmask of the features enabled
+	 */
+	function features() public view returns (uint256) {
+		// features are stored in 'this' address mapping of `userRoles`
+		return getRole(address(this));
+	}
+	/**
+	 * @notice Updates set of the globally enabled features (`features`),
+	 *      taking into account sender's permissions
+	 *
+	 * @dev Requires transaction sender to have `ROLE_ACCESS_MANAGER` permission
+	 * @dev Function is left for backward compatibility with older versions
+	 *
+	 * @param _mask bitmask representing a set of features to enable/disable
+	 */
+	function updateFeatures(uint256 _mask) public {
+		// delegate call to `updateRole`
+		updateRole(address(this), _mask);
+	}
+	/**
+	 * @notice Reads the permissions (role) for a given user from the `userRoles` mapping
+	 *      (privileged addresses with defined roles/permissions)
+	 * @notice In the context of ERC20/ERC721 tokens these can be permissions to
+	 *      allow minting or burning tokens, transferring on behalf and so on
+	 *
+	 * @dev Having a simple getter instead of making the mapping public
+	 *      allows enforcing the encapsulation of the mapping and protects from
+	 *      writing to it directly in the inheriting smart contracts
+	 *
+	 * @param operator address of a user to read permissions for,
+	 *      or self address to read global features of the smart contract
+	 */
+	function getRole(address operator) public view returns(uint256) {
+		// read the value from `userRoles` and return
+		return userRoles[operator];
+	}
+	/**
+	 * @notice Updates set of permissions (role) for a given user,
+	 *      taking into account sender's permissions.
+	 *
+	 * @dev Setting role to zero is equivalent to removing an all permissions
+	 * @dev Setting role to `FULL_PRIVILEGES_MASK` is equivalent to
+	 *      copying senders' permissions (role) to the user
+	 * @dev Requires transaction sender to have `ROLE_ACCESS_MANAGER` permission
+	 *
+	 * @param operator address of a user to alter permissions for,
+	 *       or self address to alter global features of the smart contract
+	 * @param role bitmask representing a set of permissions to
+	 *      enable/disable for a user specified
+	 */
+	function updateRole(address operator, uint256 role) public {
+		// caller must have a permission to update user roles
+		_requireSenderInRole(ROLE_ACCESS_MANAGER);
+		// evaluate the role and reassign it
+		__setRole(operator, role, _evaluateBy(msg.sender, getRole(operator), role));
+	}
+	/**
+	 * @notice Determines the permission bitmask an operator can set on the
+	 *      target permission set
+	 * @notice Used to calculate the permission bitmask to be set when requested
+	 *     in `updateRole` and `updateFeatures` functions
+	 *
+	 * @dev Calculated based on:
+	 *      1) operator's own permission set read from userRoles[operator]
+	 *      2) target permission set - what is already set on the target
+	 *      3) desired permission set - what do we want set target to
+	 *
+	 * @dev Corner cases:
+	 *      1) Operator is super admin and its permission set is `FULL_PRIVILEGES_MASK`:
+	 *        `desired` bitset is returned regardless of the `target` permission set value
+	 *        (what operator sets is what they get)
+	 *      2) Operator with no permissions (zero bitset):
+	 *        `target` bitset is returned regardless of the `desired` value
+	 *        (operator has no authority and cannot modify anything)
+	 *
+	 * @dev Example:
+	 *      Consider an operator with the permissions bitmask     00001111
+	 *      is about to modify the target permission set          01010101
+	 *      Operator wants to set that permission set to          00110011
+	 *      Based on their role, an operator has the permissions
+	 *      to update only lowest 4 bits on the target, meaning that
+	 *      high 4 bits of the target set in this example is left
+	 *      unchanged and low 4 bits get changed as desired:      01010011
+	 *
+	 * @param operator address of the contract operator which is about to set the permissions
+	 * @param target input set of permissions to operator is going to modify
+	 * @param desired desired set of permissions operator would like to set
+	 * @return resulting set of permissions given operator will set
+	 */
+	function _evaluateBy(address operator, uint256 target, uint256 desired) internal view returns (uint256) {
+		// read operator's permissions
+		uint256 p = getRole(operator);
+		// taking into account operator's permissions,
+		// 1) enable the permissions desired on the `target`
+		target |= p & desired;
+		// 2) disable the permissions desired on the `target`
+		target &= FULL_PRIVILEGES_MASK ^ (p & (FULL_PRIVILEGES_MASK ^ desired));
+		// return calculated result
+		return target;
+	}
+	/**
+	 * @notice Ensures that the transaction sender has the required access permission(s) (role)
+	 *
+	 * @dev Reverts with an `AccessDenied` error if the sender does not have the required role
+	 *
+	 * @param required the set of permissions (role) that the transaction sender is required to have
+	 */
+	function _requireSenderInRole(uint256 required) internal view {
+		// check if the transaction has the required permission(s),
+		// reverting with the "access denied" error if not
+		_requireAccessCondition(_isSenderInRole(required));
+	}
+	/**
+	 * @notice Ensures that a specific condition is met
+	 *
+	 * @dev Reverts with an `AccessDenied` error if the condition is not met
+	 *
+	 * @param condition the condition that needs to be true for the function to proceed
+	 */
+	function _requireAccessCondition(bool condition) internal pure {
+		// check if the condition holds
+		if(!condition) {
+			// revert with the "access denied" error if not
+			revert AccessDenied();
+		}
+	}
+	/**
+	 * @notice Checks if requested set of features is enabled globally on the contract
+	 *
+	 * @param required set of features to check against
+	 * @return true if all the features requested are enabled, false otherwise
+	 */
+	function _isFeatureEnabled(uint256 required) internal view returns (bool) {
+		// delegate call to `__hasRole`, passing `features` property
+		return __hasRole(features(), required);
+	}
+	/**
+	 * @notice Checks if transaction sender `msg.sender` has all the permissions required
+	 *
+	 * @param required set of permissions (role) to check against
+	 * @return true if all the permissions requested are enabled, false otherwise
+	 */
+	function _isSenderInRole(uint256 required) internal view returns (bool) {
+		// delegate call to `isOperatorInRole`, passing transaction sender
+		return _isOperatorInRole(msg.sender, required);
+	}
+	/**
+	 * @notice Checks if operator has all the permissions (role) required
+	 *
+	 * @param operator address of the user to check role for
+	 * @param required set of permissions (role) to check
+	 * @return true if all the permissions requested are enabled, false otherwise
+	 */
+	function _isOperatorInRole(address operator, uint256 required) internal view returns (bool) {
+		// delegate call to `__hasRole`, passing operator's permissions (role)
+		return __hasRole(getRole(operator), required);
+	}
+	/**
+	 * @dev Sets the `assignedRole` role to the operator, logs both `requestedRole` and `actualRole`
+	 *
+	 * @dev Unsafe:
+	 *      provides direct write access to `userRoles` mapping without any security checks,
+	 *      doesn't verify the executor (msg.sender) permissions,
+	 *      must be kept private at all times
+	 *
+	 * @param operator address of a user to alter permissions for,
+	 *       or self address to alter global features of the smart contract
+	 * @param requestedRole bitmask representing a set of permissions requested
+	 *      to be enabled/disabled for a user specified, used only to be logged into event
+	 * @param assignedRole bitmask representing a set of permissions to
+	 *      enable/disable for a user specified, used to update the mapping and to be logged into event
+	 */
+	function __setRole(address operator, uint256 requestedRole, uint256 assignedRole) private {
+		// assign the role to the operator
+		userRoles[operator] = assignedRole;
+		// fire an event
+		emit RoleUpdated(operator, requestedRole, assignedRole);
+	}
+	/**
+	 * @dev Checks if role `actual` contains all the permissions required `required`
+	 *
+	 * @param actual existent role
+	 * @param required required role
+	 * @return true if actual has required role (all permissions), false otherwise
+	 */
+	function __hasRole(uint256 actual, uint256 required) private pure returns (bool) {
+		// check the bitmask for the role required and return the result
+		return actual & required == required;
+	}
+}

package/contracts/AdapterFactory.sol CHANGED Viewed

@@ -1,5 +1,5 @@
 // SPDX-License-Identifier: MIT
-pragma solidity >=0.6.2;
+pragma solidity >=0.8.4;
 import "./OwnableToAccessControlAdapter.sol";

package/contracts/OwnableToAccessControlAdapter.sol CHANGED Viewed

@@ -1,5 +1,7 @@
 // SPDX-License-Identifier: MIT
-pragma solidity >=0.6.2; // breaking changes in .call() (0.5.0), allow .call{}() (0.6.2)
+// breaking changes in .call() (0.5.0)
+// allow .call{}() (0.6.2)
+pragma solidity >=0.8.4;
 import "./AccessControl.sol";
@@ -63,7 +65,7 @@ import "./AccessControl.sol";
  *
  * @author Basil Gorin
  */
-contract OwnableToAccessControlAdapter is AccessControl {
+contract OwnableToAccessControlAdapter is AccessControlCore {
 	/**
 	 * @dev Target OZ Ownable contract AccessControl Adapter executes the transactions on
 	 *
@@ -111,7 +113,7 @@ contract OwnableToAccessControlAdapter is AccessControl {
 	 * @param _target target OZ Ownable contract address
 	 * @param _owner smart contract owner having full privileges
 	 */
-	constructor(address _target, address _owner) public AccessControl(_owner, 0) {
+	constructor(address _target, address _owner) AccessControlCore(_owner, 0) { // visibility modifier is required to be compilable with 0.6.x
 		// verify the inputs
 		require(_target != address(0), "zero address");
@@ -148,7 +150,7 @@ contract OwnableToAccessControlAdapter is AccessControl {
 	 */
 	function updateAccessRole(bytes4 selector, uint256 role) public {
 		// verify the access permission
-		require(isSenderInRole(ROLE_ACCESS_ROLES_MANAGER), "access denied");
+		_requireSenderInRole(ROLE_ACCESS_ROLES_MANAGER);
 		// update the function access role
 		accessRoles[selector] = role;
@@ -190,7 +192,7 @@ contract OwnableToAccessControlAdapter is AccessControl {
 			require(roleRequired != 0, "access role not set");
 			// verify the access permission
-			require(isSenderInRole(roleRequired), "access denied");
+			_requireSenderInRole(roleRequired);
 		}
 		// execute the call on the target

package/contracts/mocks/AccessControlMock.sol CHANGED Viewed

@@ -1,5 +1,5 @@
 // SPDX-License-Identifier: MIT
-pragma solidity >=0.4.22;
+pragma solidity >=0.8.4;
 import "../AccessControl.sol";
@@ -11,4 +11,10 @@ contract AccessControlMock is AccessControl {
 	function restricted() public restrictedTo(RESTRICTED_ROLE) {
 		emit Restricted();
 	}
+	function requireSenderInRole(uint256 required) public view {
+		_requireSenderInRole(required);
+	}
+	function requireAccessCondition(bool condition) public pure {
+		_requireAccessCondition(condition);
+	}
 }

package/hardhat.config.js CHANGED Viewed

@@ -1,6 +1,6 @@
 /**
  * default Hardhat configuration which uses account mnemonic to derive accounts
- * script expects following environment variables to be set:
+ * script supports the following environment variables set:
  *   - P_KEY1 – mainnet private key, should start with 0x
  *     or
  *   - MNEMONIC1 – mainnet mnemonic, 12 words
@@ -53,6 +53,10 @@
  *     or
  *   - MNEMONIC84532 – Base Sepolia (testnet) Optimistic Rollup (L2) mnemonic, 12 words
  *
+ *   - P_KEY – Custom network (defined by its JSON-RPC) private key, should start with 0x
+ *     or
+ *   - MNEMONIC – Custom network (defined by its JSON-RPC) mnemonic, 12 words
+ *
  *   - ALCHEMY_KEY – Alchemy API key
  *     or
  *   - INFURA_KEY – Infura API key (Project ID)
@@ -85,6 +89,13 @@ require("hardhat-gas-reporter");
 // https://www.npmjs.com/package/hardhat-deploy
 require("hardhat-deploy");
+// automatically generate TypeScript bindings for smart contracts while using Hardhat
+// TypeScript bindings help IDEs to properly recognize compiled contracts' ABIs
+// https://github.com/dethcrypto/TypeChain/tree/master/packages/hardhat
+// npm install -D typechain @typechain/hardhat @typechain/truffle-v5
+// run: npx hardhat typechain
+// require("@typechain/hardhat");
 // verify environment setup, display warning if required, replace missing values with fakes
 const FAKE_MNEMONIC = "test test test test test test test test test test test junk";
 if(!process.env.MNEMONIC1 && !process.env.P_KEY1) {
@@ -185,19 +196,26 @@ else if(process.env.P_KEY84531 && !process.env.P_KEY84531.startsWith("0x")) {
 }
 if(!process.env.MNEMONIC84532 && !process.env.P_KEY84532) {
 	console.warn("neither MNEMONIC84532 nor P_KEY84532 is not set. Base Sepolia (testnet) deployments won't be available");
-	process.env.MNEMONIC84531 = FAKE_MNEMONIC;
+	process.env.MNEMONIC84532 = FAKE_MNEMONIC;
 }
 else if(process.env.P_KEY84532 && !process.env.P_KEY84532.startsWith("0x")) {
 	console.warn("P_KEY84532 doesn't start with 0x. Appended 0x");
 	process.env.P_KEY84532 = "0x" + process.env.P_KEY84532;
 }
+if(!process.env.MNEMONIC && !process.env.P_KEY) {
+	process.env.MNEMONIC = FAKE_MNEMONIC;
+}
+else if(process.env.P_KEY && !process.env.P_KEY.startsWith("0x")) {
+	console.warn("P_KEY doesn't start with 0x. Appended 0x");
+	process.env.P_KEY = "0x" + process.env.P_KEY;
+}
 if(!process.env.INFURA_KEY && !process.env.ALCHEMY_KEY) {
 	console.warn("neither INFURA_KEY nor ALCHEMY_KEY is not set. Deployments may not be available");
 	process.env.INFURA_KEY = "";
 	process.env.ALCHEMY_KEY = "";
 }
 if(!process.env.ETHERSCAN_KEY) {
-	console.warn("ETHERSCAN_KEY is not set. Deployed smart contract code verification won't be available");
+	console.warn("ETHERSCAN_KEY is not set. Deployed smart contract code verification won't be available on etherscan");
 	process.env.ETHERSCAN_KEY = "";
 }
 if(!process.env.POLYSCAN_KEY) {
@@ -210,6 +228,7 @@ if(!process.env.BSCSCAN_KEY) {
 }
 if(!process.env.BASESCAN_KEY) {
 	console.warn("BASESCAN_KEY is not set. Deployed smart contract code verification won't be available on BaseScan");
+	process.env.BASESCAN_KEY = "";
 }
 /**
@@ -303,6 +322,10 @@ module.exports = {
 			url: get_endpoint_url("base_sepolia"),
 			accounts: get_accounts(process.env.P_KEY84532, process.env.MNEMONIC84532),
 		},
+		custom: {
+			url: get_endpoint_url(),
+			accounts: get_accounts(process.env.P_KEY, process.env.MNEMONIC),
+		},
 	},
 	// Configure Solidity compiler
@@ -348,6 +371,12 @@ module.exports = {
 		]
 	},
+	// configure typechain to generate Truffle v5 bindings
+	typechain: {
+		outDir: "typechain",
+		target: "truffle-v5",
+	},
 	// Set default mocha options here, use special reporters etc.
 	mocha: {
 		// timeout: 100000,
@@ -424,12 +453,12 @@ function get_endpoint_url(network_name) {
 	// create a key: https://www.alchemy.com/
 	if(process.env.ALCHEMY_KEY) {
 		switch(network_name) {
-			case "mainnet": return "https://eth-mainnet.alchemyapi.io/v2/" + process.env.ALCHEMY_KEY;
-			case "ropsten": return "https://eth-ropsten.alchemyapi.io/v2/" + process.env.ALCHEMY_KEY;
-			case "rinkeby": return "https://eth-rinkeby.alchemyapi.io/v2/" + process.env.ALCHEMY_KEY;
-			case "kovan": return "https://eth-kovan.alchemyapi.io/v2/" + process.env.ALCHEMY_KEY;
-			case "goerli": return "https://eth-goerli.alchemyapi.io/v2/" + process.env.ALCHEMY_KEY;
-			case "sepolia": return "https://eth-sepolia.alchemyapi.io/v2/" + process.env.ALCHEMY_KEY;
+			case "mainnet": return "https://eth-mainnet.g.alchemyapi.io/v2/" + process.env.ALCHEMY_KEY;
+			case "ropsten": return "https://eth-ropsten.g.alchemyapi.io/v2/" + process.env.ALCHEMY_KEY;
+			case "rinkeby": return "https://eth-rinkeby.g.alchemyapi.io/v2/" + process.env.ALCHEMY_KEY;
+			case "kovan": return "https://eth-kovan.g.alchemyapi.io/v2/" + process.env.ALCHEMY_KEY;
+			case "goerli": return "https://eth-goerli.g.alchemyapi.io/v2/" + process.env.ALCHEMY_KEY;
+			case "sepolia": return "https://eth-sepolia.g.alchemyapi.io/v2/" + process.env.ALCHEMY_KEY;
 			case "polygon": return "https://polygon-mainnet.g.alchemy.com/v2/" + process.env.ALCHEMY_KEY;
 			case "mumbai": return "https://polygon-mumbai.g.alchemy.com/v2/" + process.env.ALCHEMY_KEY;
 			case "base_mainnet": return "https://base-mainnet.g.alchemy.com/v2/" + process.env.ALCHEMY_KEY;

package/index.js CHANGED Viewed

@@ -9,6 +9,9 @@ const {
 	not,
 } = require("./scripts/include/features_roles");
+// RBAC behaviours
+const {behavesLikeRBAC} = require("./test/include/rbac.behaviour");
 // Re-export the functions
 module.exports = {
 	ROLE_ACCESS_MANAGER,
@@ -16,4 +19,5 @@ module.exports = {
 	FULL_PRIVILEGES_MASK,
 	or,
 	not,
+	behavesLikeRBAC,
 };

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@lazy-sol/access-control",
-  "version": "1.0.5",
+  "version": "1.1.0",
   "description": "Enable the modular plug and play (PnP) architecture for your dapp by incorporating the role-based access control (RBAC) into the smart contracts",
   "main": "index.js",
   "scripts": {
@@ -22,18 +22,22 @@
   "author": "Basil Gorin",
   "license": "MIT",
   "dependencies": {
-    "@lazy-sol/a-missing-gem": "^1.0.4",
+    "@lazy-sol/a-missing-gem": "^1.0.9",
     "@nomiclabs/hardhat-truffle5": "^2.0.7",
-    "hardhat": "^2.22.4",
+    "hardhat": "^2.22.9",
     "hardhat-deploy": "^0.11.45"
   },
   "devDependencies": {
-    "@lazy-sol/zeppelin-test-helpers": "^1.0.0",
+    "@lazy-sol/zeppelin-test-helpers": "^1.0.5",
     "hardhat-gas-reporter": "^1.0.10",
-    "solidity-coverage": "^0.8.12"
+    "solidity-coverage": "^0.8.13"
   },
   "overrides": {
+    "axios": ">=1.7.5",
+    "micromatch": "^4.0.8",
+    "tar": "^6.2.1",
     "tough-cookie": "^4.1.3",
-    "yargs-parser": "^5.0.1"
+    "yargs-parser": "^5.0.1",
+    "ws": "^8.0.0"
   }
 }

package/test/include/rbac.behaviour.js CHANGED Viewed

@@ -15,16 +15,17 @@ const {
 	MAX_UINT256,
 } = constants;
-// BN utils
+// BN constants and utilities
 const {
 	random_bn255,
 	random_bn256,
-} = require("@lazy-sol/a-missing-gem/bn_utils");
+} = require("@lazy-sol/a-missing-gem");
 // RBAC core features and roles
 const {
 	not,
-	ROLE_ACCESS_MANAGER, FULL_PRIVILEGES_MASK,
+	ROLE_ACCESS_MANAGER,
+	FULL_PRIVILEGES_MASK,
 } = require("../../scripts/include/features_roles");
 /**
@@ -40,6 +41,18 @@ function behavesLikeRBAC(deployment_fn, a0, a1, a2) {
 	const by = a1;
 	const to = a2;
+	describe("requireAccessCondition(condition) pure function", function() {
+		let access_control;
+		beforeEach(async function() {
+			access_control = await deployment_fn.call(this, a0, ZERO_ADDRESS, 0);
+		});
+		it("throws if condition is false", async function() {
+			await expectRevert(access_control.requireAccessCondition(false, {from: a0}), "AccessDenied()");
+		});
+		it("succeeds if condition is true", async function() {
+			await access_control.requireAccessCondition(true, {from: a0});
+		});
+	});
 	describe("deployment and initial state", function() {
 		function deploy_and_check(owner, features) {
 			let access_control;
@@ -81,7 +94,7 @@ function behavesLikeRBAC(deployment_fn, a0, a1, a2) {
 			deploy_and_check(a1, random_bn256());
 		});
 	});
-	describe("when deployed with not initial features", function() {
+	describe("when deployed with no initial features", function() {
 		let access_control;
 		beforeEach(async function() {
 			access_control = await deployment_fn.call(this, a0);
@@ -92,7 +105,7 @@ function behavesLikeRBAC(deployment_fn, a0, a1, a2) {
 				beforeEach(async function() {
 					await access_control.updateRole(by, ROLE_ACCESS_MANAGER, {from: a0});
 				});
-				describe("when ACCESS_MANAGER has full set of permissions", function() {
+				describe("when ACCESS_MANAGER has the full set of permissions", function() {
 					beforeEach(async function() {
 						await access_control.updateRole(by, MAX_UINT256, {from: a0});
 					});
@@ -271,6 +284,7 @@ function behavesLikeRBAC(deployment_fn, a0, a1, a2) {
 					it("operator becomes an ACCESS_MANAGER", async function() {
 						expect(await access_control.isOperatorInRole(to, ROLE_ACCESS_MANAGER), "operator").to.be.true;
 						expect(await access_control.isSenderInRole(ROLE_ACCESS_MANAGER, {from: to}), "sender").to.be.true;
+						await access_control.requireSenderInRole(ROLE_ACCESS_MANAGER, {from: to});
 					});
 				});
 				describe("when ACCESS_MANAGER revokes ACCESS_MANAGER permission from itself", function() {
@@ -280,15 +294,16 @@ function behavesLikeRBAC(deployment_fn, a0, a1, a2) {
 					it("operator ceases to be an ACCESS_MANAGER", async function() {
 						expect(await access_control.isOperatorInRole(by, ROLE_ACCESS_MANAGER), "operator").to.be.false;
 						expect(await access_control.isSenderInRole(ROLE_ACCESS_MANAGER, {from: by}), "sender").to.be.false;
+						await expectRevert(access_control.requireSenderInRole(ROLE_ACCESS_MANAGER, {from: to}), "AccessDenied()");
 					});
 				});
 			});
 			describe("otherwise (no ACCESS_MANAGER permission)", function() {
 				it("updateFeatures reverts", async function() {
-					await expectRevert(access_control.updateFeatures(1, {from: by}), "access denied");
+					await expectRevert(access_control.updateFeatures(1, {from: by}), "AccessDenied()");
 				});
 				it("updateRole reverts", async function() {
-					await expectRevert(access_control.updateRole(to, 1, {from: by}), "access denied");
+					await expectRevert(access_control.updateRole(to, 1, {from: by}), "AccessDenied()");
 				});
 			});
 		}

package/test/ownable_to_rbac_adapter.js CHANGED Viewed

@@ -72,7 +72,7 @@ contract("OwnableToAccessControlAdapter tests", function(accounts) {
 					from: a1,
 					to: adapter.address,
 					data: target.contract.methods.transferOwnership(a2).encodeABI(),
-				}), "access denied");
+				}), "AccessDenied()");
 			});
 			describe("once an account has authorization to execute transferOwnership function", function() {
 				beforeEach(async function() {

package/test/ownable_to_rbac_adapter_rbac.js CHANGED Viewed

@@ -43,12 +43,12 @@ contract("OwnableToAccessControlAdapter: RBAC tests", function(accounts) {
 			({target, adapter} = await deploy_ownable_to_ac_adapter(a0));
 		});
-		it("it is impossible to configure the access role from unauthorized account", async function() {
+		it("it is impossible to configure the access role from an unauthorized account", async function() {
 			const operator = a1;
 			await adapter.updateRole(operator, not(ROLE_ACCESS_ROLES_MANAGER), {from: a0});
-			await expectRevert(adapter.updateAccessRole("1", 1, {from: operator}), "access denied");
+			await expectRevert(adapter.updateAccessRole("1", 1, {from: operator}), "AccessDenied()");
 		});
-		it("it is possible to configure the access role from authorized account", async function() {
+		it("it is possible to configure the access role from the authorized account", async function() {
 			const operator = a1;
 			await adapter.updateRole(operator, ROLE_ACCESS_ROLES_MANAGER, {from: a0});
 			adapter.updateAccessRole("1", 1, {from: operator});

package/test/rbac_modifier.js CHANGED Viewed

@@ -38,7 +38,7 @@ contract('AccessControl (RBAC) "restrictedTo" Modifier tests', function(accounts
 			access_control = await deploy_access_control(a0);
 		});
 		it("function protected with restrictedTo modifier fails when run not by an admin", async function() {
-			await expectRevert(access_control.restricted({from: a1}), "access denied");
+			await expectRevert(access_control.restricted({from: a1}), "AccessDenied()");
 		});
 		describe("function protected with restrictedTo modifier succeeds when run by admin", async function() {
 			let receipt;