ACL
contract ACL
is IACL, TimeHelpers, AragonApp, ACLHelpers
Source: contracts/acl/ACL.sol
Index
Reference
Events
ChangePermissionManager
event`` ChangePermissionManager(address app, bytes32 role, address manager)
Parameters:
app- addressrole- bytes32manager- address
SetPermission
event`` SetPermission(address entity, address app, bytes32 role, bool allowed)
Parameters:
entity- addressapp- addressrole- bytes32allowed- bool
SetPermissionParams
event`` SetPermissionParams(address entity, address app, bytes32 role, bytes32 paramsHash)
Parameters:
entity- addressapp- addressrole- bytes32paramsHash- bytes32
Modifiers
noPermissionManager
modifier`` noPermissionManager(address _app, bytes32 _role)
Parameters:
_app- address_role- bytes32
onlyPermissionManager
modifier`` onlyPermissionManager(address _app, bytes32 _role)
Parameters:
_app- address_role- bytes32
Functions
_createPermission
function`` _createPermission(address _entity, address _app, bytes32 _role, address _manager) internal
Internal createPermission for access inside the kernel (on instantiation).
Parameters:
_entity- address_app- address_role- bytes32_manager- address
_evalLogic
function`` _evalLogic(Param _param, bytes32 _paramsHash, address _who, address _where, bytes32 _what, uint256[] _how) internal view returns (bool)
Parameters:
_param- Param_paramsHash- bytes32_who- address_where- address_what- bytes32_how- uint256[]
Returns:
bool
_evalParam
function`` _evalParam(bytes32 _paramsHash, uint32 _paramId, address _who, address _where, bytes32 _what, uint256[] _how) internal view returns (bool)
Parameters:
_paramsHash- bytes32_paramId- uint32_who- address_where- address_what- bytes32_how- uint256[]
Returns:
bool
_saveParams
function`` _saveParams(uint256[] _encodedParams) internal returns (bytes32)
Parameters:
_encodedParams- uint256[]
Returns:
bytes32
_setPermission
function`` _setPermission(address _entity, address _app, bytes32 _role, bytes32 _paramsHash) internal
Internal function called to actually save the permission.
Parameters:
_entity- address_app- address_role- bytes32_paramsHash- bytes32
_setPermissionManager
function`` _setPermissionManager(address _newManager, address _app, bytes32 _role) internal
Internal function that sets management.
Parameters:
_newManager- address_app- address_role- bytes32
burnPermissionManager
function`` burnPermissionManager(address _app, bytes32 _role) external
Burn `_role` in `_app`, so no modification can be made to it (grant, revoke, permission manager).
Modifiers:
Parameters:
_app- Address of the app in which the permission is being burned_role- Identifier for the group of actions being burned
checkOracle
function`` checkOracle(IACLOracle _oracleAddr, address _who, address _where, bytes32 _what, uint256[] _how) internal view returns (bool)
Parameters:
_oracleAddr- IACLOracle_who- address_where- address_what- bytes32_how- uint256[]
Returns:
bool
compare
function`` compare(uint256 _a, Op _op, uint256 _b) internal pure returns (bool)
Parameters:
_a- uint256_op- Op_b- uint256
Returns:
bool
createBurnedPermission
function`` createBurnedPermission(address _app, bytes32 _role) external
Burn non-existent `_role` in `_app`, so no modification can be made to it (grant, revoke, permission manager).
Modifiers:
Parameters:
_app- Address of the app in which the permission is being burned_role- Identifier for the group of actions being burned
createPermission
function`` createPermission(address _entity, address _app, bytes32 _role, address _manager) external
Creates a permission that wasn't previously set and managed. If a created permission is removed it is possible to reset it with createPermission. This is the **ONLY** way to create permissions and set managers to permissions that don't have a manager. In terms of the ACL being initialized, this function implicitly protects all the other state-changing external functions, as they all require the sender to be a manager., Create a new permission granting `_entity` the ability to perform actions requiring `_role` on `_app`, setting `_manager` as the permission's manager.
Modifiers:
Parameters:
_entity- Address of the whitelisted entity that will be able to perform the role_app- Address of the app in which the role will be allowed (requires app to depend on kernel for ACL)_role- Identifier for the group of actions in app given access to perform_manager- Address of the entity that will be able to grant and revoke the permission further.
evalParams
function`` evalParams(bytes32 _paramsHash, address _who, address _where, bytes32 _what, uint256[] _how) public view returns (bool)
Parameters:
_paramsHash- bytes32_who- address_where- address_what- bytes32_how- uint256[]
Returns:
bool
getPermissionManager
function`` getPermissionManager(address _app, bytes32 _role) public view returns (address)
Get manager for permission.
Parameters:
_app- Address of the app_role- Identifier for a group of actions in app
Returns:
address of the manager for the permission
getPermissionParam
function`` getPermissionParam(address _entity, address _app, bytes32 _role, uint _index) external view returns (uint8, uint8, uint240)
Get parameter for permission.
Parameters:
_entity- Address of the whitelisted entity that will be able to perform the role_app- Address of the app_role- Identifier for a group of actions in app_index- Index of parameter in the array
Returns:
Parameter (id, op, value)
getPermissionParamsLength
function`` getPermissionParamsLength(address _entity, address _app, bytes32 _role) external view returns (uint)
Get parameters for permission array length.
Parameters:
_entity- Address of the whitelisted entity that will be able to perform the role_app- Address of the app_role- Identifier for a group of actions in app
Returns:
Length of the array
grantPermission
function`` grantPermission(address _entity, address _app, bytes32 _role) external
Grants permission if allowed. This requires `msg.sender` to be the permission manager, Grant `_entity` the ability to perform actions requiring `_role` on `_app`.
Parameters:
_entity- Address of the whitelisted entity that will be able to perform the role_app- Address of the app in which the role will be allowed (requires app to depend on kernel for ACL)_role- Identifier for the group of actions in app given access to perform
grantPermissionP
function`` grantPermissionP(address _entity, address _app, bytes32 _role, uint256[] _params) public
Grants a permission with parameters if allowed. This requires `msg.sender` to be the permission manager, Grant `_entity` the ability to perform actions requiring `_role` on `_app`.
Modifiers:
Parameters:
_entity- Address of the whitelisted entity that will be able to perform the role_app- Address of the app in which the role will be allowed (requires app to depend on kernel for ACL)_role- Identifier for the group of actions in app given access to perform_params- Permission parameters
hasPermission
function`` hasPermission(address _who, address _where, bytes32 _what, bytes _how) public view returns (bool)
Function called by apps to check ACL on kernel or to check permission statu.
Parameters:
_who- Sender of the original call_where- Identifier for a group of actions in app_what- bytes32_how- Permission parameters
Returns:
boolean indicating whether the ACL allows the role or not
hasPermission
function`` hasPermission(address _who, address _where, bytes32 _what, uint256[] _how) public view returns (bool)
Parameters:
_who- address_where- address_what- bytes32_how- uint256[]
Returns:
bool
hasPermission
function`` hasPermission(address _who, address _where, bytes32 _what) public view returns (bool)
Parameters:
_who- address_where- address_what- bytes32
Returns:
bool
initialize
function`` initialize(address _permissionsCreator) public
Initialize can only be called once. It saves the block number in which it was initialized., Initialize an ACL instance and set `_permissionsCreator` as the entity that can create other permissions.
Modifiers:
Parameters:
_permissionsCreator- Entity that will be given permission over createPermission
permissionHash
function`` permissionHash(address _who, address _where, bytes32 _what) internal pure returns (bytes32)
Parameters:
_who- address_where- address_what- bytes32
Returns:
bytes32
removePermissionManager
function`` removePermissionManager(address _app, bytes32 _role) external
Remove the manager of `_role` in `_app`.
Modifiers:
Parameters:
_app- Address of the app in which the permission is being unmanaged_role- Identifier for the group of actions being unmanaged
revokePermission
function`` revokePermission(address _entity, address _app, bytes32 _role) external
Revokes permission if allowed. This requires `msg.sender` to be the the permission manager, Revoke from `_entity` the ability to perform actions requiring `_role` on `_app`.
Modifiers:
Parameters:
_entity- Address of the whitelisted entity to revoke access from_app- Address of the app in which the role will be revoked_role- Identifier for the group of actions in app being revoked
roleHash
function`` roleHash(address _where, bytes32 _what) internal pure returns (bytes32)
Parameters:
_where- address_what- bytes32
Returns:
bytes32
setPermissionManager
function`` setPermissionManager(address _newManager, address _app, bytes32 _role) external
Set `_newManager` as the manager of `_role` in `_app`.
Modifiers:
Parameters:
_newManager- Address for the new manager_app- Address of the app in which the permission management is being transferred_role- Identifier for the group of actions being transferred
Last updated
Was this helpful?