ACL
contract ACL
is IACL, TimeHelpers, AragonApp, ACLHelpers
Source: contracts/acl/ACL.sol
Index
Reference
Events
ChangePermissionManager
event``
ChangePermissionManager
(address app, bytes32 role, address manager)
Parameters:
app
- addressrole
- bytes32manager
- address
SetPermission
event``
SetPermission
(address entity, address app, bytes32 role, bool allowed)
Parameters:
entity
- addressapp
- addressrole
- bytes32allowed
- bool
SetPermissionParams
event``
SetPermissionParams
(address entity, address app, bytes32 role, bytes32 paramsHash)
Parameters:
entity
- addressapp
- addressrole
- bytes32paramsHash
- bytes32
Modifiers
noPermissionManager
modifier``
noPermissionManager
(address _app, bytes32 _role)
Parameters:
_app
- address_role
- bytes32
onlyPermissionManager
modifier``
onlyPermissionManager
(address _app, bytes32 _role)
Parameters:
_app
- address_role
- bytes32
Functions
_createPermission
function``
_createPermission
(address _entity, address _app, bytes32 _role, address _manager) internal
Internal createPermission for access inside the kernel (on instantiation).
Parameters:
_entity
- address_app
- address_role
- bytes32_manager
- address
_evalLogic
function``
_evalLogic
(Param _param, bytes32 _paramsHash, address _who, address _where, bytes32 _what, uint256[] _how) internal view returns (bool)
Parameters:
_param
- Param_paramsHash
- bytes32_who
- address_where
- address_what
- bytes32_how
- uint256[]
Returns:
bool
_evalParam
function``
_evalParam
(bytes32 _paramsHash, uint32 _paramId, address _who, address _where, bytes32 _what, uint256[] _how) internal view returns (bool)
Parameters:
_paramsHash
- bytes32_paramId
- uint32_who
- address_where
- address_what
- bytes32_how
- uint256[]
Returns:
bool
_saveParams
function``
_saveParams
(uint256[] _encodedParams) internal returns (bytes32)
Parameters:
_encodedParams
- uint256[]
Returns:
bytes32
_setPermission
function``
_setPermission
(address _entity, address _app, bytes32 _role, bytes32 _paramsHash) internal
Internal function called to actually save the permission.
Parameters:
_entity
- address_app
- address_role
- bytes32_paramsHash
- bytes32
_setPermissionManager
function``
_setPermissionManager
(address _newManager, address _app, bytes32 _role) internal
Internal function that sets management.
Parameters:
_newManager
- address_app
- address_role
- bytes32
burnPermissionManager
function``
burnPermissionManager
(address _app, bytes32 _role) external
Burn `_role` in `_app`, so no modification can be made to it (grant, revoke, permission manager).
Modifiers:
Parameters:
_app
- Address of the app in which the permission is being burned_role
- Identifier for the group of actions being burned
checkOracle
function``
checkOracle
(IACLOracle _oracleAddr, address _who, address _where, bytes32 _what, uint256[] _how) internal view returns (bool)
Parameters:
_oracleAddr
- IACLOracle_who
- address_where
- address_what
- bytes32_how
- uint256[]
Returns:
bool
compare
function``
compare
(uint256 _a, Op _op, uint256 _b) internal pure returns (bool)
Parameters:
_a
- uint256_op
- Op_b
- uint256
Returns:
bool
createBurnedPermission
function``
createBurnedPermission
(address _app, bytes32 _role) external
Burn non-existent `_role` in `_app`, so no modification can be made to it (grant, revoke, permission manager).
Modifiers:
Parameters:
_app
- Address of the app in which the permission is being burned_role
- Identifier for the group of actions being burned
createPermission
function``
createPermission
(address _entity, address _app, bytes32 _role, address _manager) external
Creates a permission that wasn't previously set and managed. If a created permission is removed it is possible to reset it with createPermission. This is the **ONLY** way to create permissions and set managers to permissions that don't have a manager. In terms of the ACL being initialized, this function implicitly protects all the other state-changing external functions, as they all require the sender to be a manager., Create a new permission granting `_entity` the ability to perform actions requiring `_role` on `_app`, setting `_manager` as the permission's manager.
Modifiers:
Parameters:
_entity
- Address of the whitelisted entity that will be able to perform the role_app
- Address of the app in which the role will be allowed (requires app to depend on kernel for ACL)_role
- Identifier for the group of actions in app given access to perform_manager
- Address of the entity that will be able to grant and revoke the permission further.
evalParams
function``
evalParams
(bytes32 _paramsHash, address _who, address _where, bytes32 _what, uint256[] _how) public view returns (bool)
Parameters:
_paramsHash
- bytes32_who
- address_where
- address_what
- bytes32_how
- uint256[]
Returns:
bool
getPermissionManager
function``
getPermissionManager
(address _app, bytes32 _role) public view returns (address)
Get manager for permission.
Parameters:
_app
- Address of the app_role
- Identifier for a group of actions in app
Returns:
address of the manager for the permission
getPermissionParam
function``
getPermissionParam
(address _entity, address _app, bytes32 _role, uint _index) external view returns (uint8, uint8, uint240)
Get parameter for permission.
Parameters:
_entity
- Address of the whitelisted entity that will be able to perform the role_app
- Address of the app_role
- Identifier for a group of actions in app_index
- Index of parameter in the array
Returns:
Parameter (id, op, value)
getPermissionParamsLength
function``
getPermissionParamsLength
(address _entity, address _app, bytes32 _role) external view returns (uint)
Get parameters for permission array length.
Parameters:
_entity
- Address of the whitelisted entity that will be able to perform the role_app
- Address of the app_role
- Identifier for a group of actions in app
Returns:
Length of the array
grantPermission
function``
grantPermission
(address _entity, address _app, bytes32 _role) external
Grants permission if allowed. This requires `msg.sender` to be the permission manager, Grant `_entity` the ability to perform actions requiring `_role` on `_app`.
Parameters:
_entity
- Address of the whitelisted entity that will be able to perform the role_app
- Address of the app in which the role will be allowed (requires app to depend on kernel for ACL)_role
- Identifier for the group of actions in app given access to perform
grantPermissionP
function``
grantPermissionP
(address _entity, address _app, bytes32 _role, uint256[] _params) public
Grants a permission with parameters if allowed. This requires `msg.sender` to be the permission manager, Grant `_entity` the ability to perform actions requiring `_role` on `_app`.
Modifiers:
Parameters:
_entity
- Address of the whitelisted entity that will be able to perform the role_app
- Address of the app in which the role will be allowed (requires app to depend on kernel for ACL)_role
- Identifier for the group of actions in app given access to perform_params
- Permission parameters
hasPermission
function``
hasPermission
(address _who, address _where, bytes32 _what, bytes _how) public view returns (bool)
Function called by apps to check ACL on kernel or to check permission statu.
Parameters:
_who
- Sender of the original call_where
- Identifier for a group of actions in app_what
- bytes32_how
- Permission parameters
Returns:
boolean indicating whether the ACL allows the role or not
hasPermission
function``
hasPermission
(address _who, address _where, bytes32 _what, uint256[] _how) public view returns (bool)
Parameters:
_who
- address_where
- address_what
- bytes32_how
- uint256[]
Returns:
bool
hasPermission
function``
hasPermission
(address _who, address _where, bytes32 _what) public view returns (bool)
Parameters:
_who
- address_where
- address_what
- bytes32
Returns:
bool
initialize
function``
initialize
(address _permissionsCreator) public
Initialize can only be called once. It saves the block number in which it was initialized., Initialize an ACL instance and set `_permissionsCreator` as the entity that can create other permissions.
Modifiers:
Parameters:
_permissionsCreator
- Entity that will be given permission over createPermission
permissionHash
function``
permissionHash
(address _who, address _where, bytes32 _what) internal pure returns (bytes32)
Parameters:
_who
- address_where
- address_what
- bytes32
Returns:
bytes32
removePermissionManager
function``
removePermissionManager
(address _app, bytes32 _role) external
Remove the manager of `_role` in `_app`.
Modifiers:
Parameters:
_app
- Address of the app in which the permission is being unmanaged_role
- Identifier for the group of actions being unmanaged
revokePermission
function``
revokePermission
(address _entity, address _app, bytes32 _role) external
Revokes permission if allowed. This requires `msg.sender` to be the the permission manager, Revoke from `_entity` the ability to perform actions requiring `_role` on `_app`.
Modifiers:
Parameters:
_entity
- Address of the whitelisted entity to revoke access from_app
- Address of the app in which the role will be revoked_role
- Identifier for the group of actions in app being revoked
roleHash
function``
roleHash
(address _where, bytes32 _what) internal pure returns (bytes32)
Parameters:
_where
- address_what
- bytes32
Returns:
bytes32
setPermissionManager
function``
setPermissionManager
(address _newManager, address _app, bytes32 _role) external
Set `_newManager` as the manager of `_role` in `_app`.
Modifiers:
Parameters:
_newManager
- Address for the new manager_app
- Address of the app in which the permission management is being transferred_role
- Identifier for the group of actions being transferred
Last updated