This document defines Authorization Module for the CMTA Token specification.
[TOC]
There are many operations that only authorized users are allowed to perform, such as issuing new tokens. Thus we need to manage authorization in a centralized way. Authorization Module covers authorization use cases for the CMTA Token specification.
This diagram shows the different roles.
- The rectangle represent the functions
- The circle represents the roles
The actor admin, defined inside the constructor or with the function initialize
has the role DEFAULT_ADMIN_ROLE
.
The DEFAULT_ADMIN_ROLE has automatically all the roles.
This behavior is implemented by overriding the function hasRole
from OpenZeppelin
File Name | SHA-1 Hash |
---|---|
./modules/security/AuthorizationModule.sol | b816390e7b0da6bbd9602af5a7f92dfc0095bbcd |
Contract | Type | Bases | ||
---|---|---|---|---|
└ | Function Name | Visibility | Mutability | Modifiers |
AuthorizationModule | Implementation | AccessControlUpgradeable | ||
└ | __AuthorizationModule_init | Internal 🔒 | 🛑 | onlyInitializing |
└ | __AuthorizationModule_init_unchained | Internal 🔒 | 🛑 | onlyInitializing |
└ | hasRole | Public ❗️ | NO❗️ |
Symbol | Meaning |
---|---|
🛑 | Function can modify state |
💵 | Function is payable |
Origin: OpenZeppelin (AccessControlUpgradeable)
function grantRole(bytes32 role, address account)
public virtual override onlyRole(getRoleAdmin(role))
Grant the given role
to the given account
.
Here the role is a keccak256 hash of the role name.
Only authorized users are allowed to call this function.
Origin: OpenZeppelin (AccessControlUpgradeable)
function revokeRole(bytes32 role, address account)
public virtual override onlyRole(getRoleAdmin(role))
Revoke from the given role
from the given account
.
Only authorized users are allowed to call this function.
Origin: OpenZeppelin (AccessControlUpgradeable)
function getRoleAdmin(bytes32 role)
public view virtual override
returns (bytes32)
Returns the admin role that controls role
This function is overridden inside this module in order to give all the roles to the role DEFAULT_ADMIN_ROLE
.
function hasRole(bytes32 role, address account)
public view virtual override
returns (bool)
Tell, whether the given account
has the given role
currently.
Origin: OpenZeppelin (AccessControlUpgradeable)
event RoleGranted(bytes32 indexed role, address indexed account, address indexed sender)
Emitted when the specified account
was given the specified role
.
Origin: OpenZeppelin (AccessControlUpgradeable)
event RoleRevoked(bytes32 indexed role, address indexed account, address indexed sender)
Emitted when the the specified role
was revoked from the specified account
.
Origin: OpenZeppelin (AccessControlUpgradeable)
event RoleAdminChanged(bytes32 indexed role, bytes32 indexed previousAdminRole, bytes32 indexed newAdminRole)
Emitted when newAdminRole
is set as role
's admin role, replacing previousAdminRole