View Source: openzeppelin-solidity/contracts/access/AccessControl.sol
↗ Extends: Context, IAccessControl, ERC165
↘ Derived Contracts: MockProtocol, ProtoBase, TimelockController
AccessControl
Contract module that allows children to implement role-based access
control mechanisms. This is a lightweight version that doesn't allow enumerating role
members except through off-chain means by accessing the contract event logs. Some
applications may benefit from on-chain enumerability, for those cases see
{AccessControlEnumerable}.
Roles are referred to by their `bytes32` identifier. These should be exposed in the external API and be unique. The best way to achieve this is by using `public constant` hash digests:

```solidity
bytes32 public constant MY_ROLE = keccak256("MY_ROLE");
```

Roles can be used to represent a set of permissions. To restrict access to a function call, use {hasRole}:

```solidity
function foo() public {
    require(hasRole(MY_ROLE, msg.sender));
    ...
}
```

Roles can be granted and revoked dynamically via the {grantRole} and {revokeRole} functions. Each role has an associated admin role, and only accounts that have a role's admin role can call {grantRole} and {revokeRole}.
By default, the admin role for all roles is `DEFAULT_ADMIN_ROLE`, which means that only accounts with this role will be able to grant or revoke other roles. More complex role relationships can be created by using {_setRoleAdmin}.
WARNING: The `DEFAULT_ADMIN_ROLE` is also its own admin: it has permission to grant and revoke this role. Extra precautions should be taken to secure accounts that have been granted it.
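
The role relationships described above, as an added example that is not part of this page's source or of the OpenZeppelin code base. The contract name `RoleHierarchyExample`, the roles `PAUSER_ROLE` and `PAUSER_ADMIN_ROLE`, the constructor parameters and the `pause`/`unpause` functions are hypothetical; the import path is the one shown under "View Source".

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Import path as listed under "View Source" on this page.
import "openzeppelin-solidity/contracts/access/AccessControl.sol";

// Hypothetical contract: an operational role with its own admin role,
// so DEFAULT_ADMIN_ROLE is not needed for day-to-day grants and revocations.
contract RoleHierarchyExample is AccessControl {
    bytes32 public constant PAUSER_ROLE = keccak256("PAUSER_ROLE");
    bytes32 public constant PAUSER_ADMIN_ROLE = keccak256("PAUSER_ADMIN_ROLE");

    bool public paused;

    // rootAdmin and pauserAdmin are assumed to be separately secured accounts.
    // The deployer (msg.sender) receives no role at all.
    constructor(address rootAdmin, address pauserAdmin) {
        require(rootAdmin != address(0) && pauserAdmin != address(0), "zero address");

        // Initial roles are set in the constructor with the internal,
        // unrestricted _grantRole (no check on the caller).
        _grantRole(DEFAULT_ADMIN_ROLE, rootAdmin);
        _grantRole(PAUSER_ADMIN_ROLE, pauserAdmin);

        // From here on, only PAUSER_ADMIN_ROLE holders pass the onlyRole check
        // in grantRole/revokeRole for PAUSER_ROLE.
        _setRoleAdmin(PAUSER_ROLE, PAUSER_ADMIN_ROLE);

        // PAUSER_ADMIN_ROLE keeps the default admin, DEFAULT_ADMIN_ROLE.
        // rootAdmin can therefore replace pauserAdmin, and could also grant
        // PAUSER_ADMIN_ROLE to itself: DEFAULT_ADMIN_ROLE remains the root of trust.
    }

    // Reverts with the standardized "AccessControl: account ... is missing role ..."
    // reason when the caller lacks PAUSER_ROLE.
    function pause() external onlyRole(PAUSER_ROLE) {
        paused = true;
    }

    // Resuming is reserved for the admin tier.
    function unpause() external onlyRole(PAUSER_ADMIN_ROLE) {
        paused = false;
    }
}
```
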
```solidity
struct RoleData {
    mapping(address => bool) members;
    bytes32 adminRole;
}
```

Constants & Variables

```solidity
// private members
mapping(bytes32 => RoleData) private _roles;

// public members
bytes32 public constant DEFAULT_ADMIN_ROLE = 0x00;
```

Modifier that checks that an account has a specific role. Reverts with a standardized message including the required role.
The format of the revert reason is given by the following regular expression:
`/^AccessControl: account (0x[0-9a-f]{40}) is missing role (0x[0-9a-f]{64})$/`
Available since v4.1.

```solidity
modifier onlyRole(bytes32 role) internal
```

Arguments

Name | Type | Description |
---|---|---|
role | bytes32 | |

- supportsInterface(bytes4 interfaceId)
- hasRole(bytes32 role, address account)
- _checkRole(bytes32 role, address account)
- getRoleAdmin(bytes32 role)
- grantRole(bytes32 role, address account)
- revokeRole(bytes32 role, address account)
- renounceRole(bytes32 role, address account)
- _setupRole(bytes32 role, address account)
- _setRoleAdmin(bytes32 role, bytes32 adminRole)
- _grantRole(bytes32 role, address account)
- _revokeRole(bytes32 role, address account)

See {IERC165-supportsInterface}.

```solidity
function supportsInterface(bytes4 interfaceId) public view
returns(bool)
```

Arguments

Name | Type | Description |
---|---|---|
interfaceId | bytes4 | |

Source Code

```solidity
function supportsInterface(bytes4 interfaceId) public view virtual override returns (bool) {
    return interfaceId == type(IAccessControl).interfaceId || super.supportsInterface(interfaceId);
}
```

Returns `true` if `account` has been granted `role`.

```solidity
function hasRole(bytes32 role, address account) public view
returns(bool)
```

Arguments

Name | Type | Description |
---|---|---|
role | bytes32 | |
account | address | |

Source Code

```solidity
function hasRole(bytes32 role, address account) public view override returns (bool) {
    return _roles[role].members[account];
}
```

Revert with a standard message if `account` is missing `role`.
The format of the revert reason is given by the following regular expression:
`/^AccessControl: account (0x[0-9a-f]{40}) is missing role (0x[0-9a-f]{64})$/`

```solidity
function _checkRole(bytes32 role, address account) internal view
```

Arguments

Name | Type | Description |
---|---|---|
role | bytes32 | |
account | address | |

Source Code

```solidity
function _checkRole(bytes32 role, address account) internal view {
    if (!hasRole(role, account)) {
        revert(
            string(
                abi.encodePacked(
                    "AccessControl: account ",
                    Strings.toHexString(uint160(account), 20),
                    " is missing role ",
                    Strings.toHexString(uint256(role), 32)
                )
            )
        );
    }
}
```

Returns the admin role that controls `role`. See {grantRole} and {revokeRole}.
To change a role's admin, use {_setRoleAdmin}.

```solidity
function getRoleAdmin(bytes32 role) public view
returns(bytes32)
```

Arguments

Name | Type | Description |
---|---|---|
role | bytes32 | |

Source Code

```solidity
function getRoleAdmin(bytes32 role) public view override returns (bytes32) {
    return _roles[role].adminRole;
}
```

Grants `role` to `account`.
If `account` had not been already granted `role`, emits a {RoleGranted} event.
Requirements:
- the caller must have `role`'s admin role.

```solidity
function grantRole(bytes32 role, address account) public nonpayable onlyRole
```

Arguments

Name | Type | Description |
---|---|---|
role | bytes32 | |
account | address | |

Source Code

```solidity
function grantRole(bytes32 role, address account) public virtual override onlyRole(getRoleAdmin(role)) {
    _grantRole(role, account);
}
```

Revokes `role` from `account`.
If `account` had been granted `role`, emits a {RoleRevoked} event.
Requirements:
- the caller must have `role`'s admin role.

```solidity
function revokeRole(bytes32 role, address account) public nonpayable onlyRole
```

Arguments

Name | Type | Description |
---|---|---|
role | bytes32 | |
account | address | |

Source Code

```solidity
function revokeRole(bytes32 role, address account) public virtual override onlyRole(getRoleAdmin(role)) {
    _revokeRole(role, account);
}
```

Revokes `role` from the calling account.
Roles are often managed via {grantRole} and {revokeRole}: this function's purpose is to provide a mechanism for accounts to lose their privileges if they are compromised (such as when a trusted device is misplaced).
If the calling account had been granted `role`, emits a {RoleRevoked} event.
Requirements:
- the caller must be `account`.

```solidity
function renounceRole(bytes32 role, address account) public nonpayable
```

Arguments

Name | Type | Description |
---|---|---|
role | bytes32 | |
account | address | |

Source Code

```solidity
function renounceRole(bytes32 role, address account) public virtual override {
    require(account == _msgSender(), "AccessControl: can only renounce roles for self");
    _revokeRole(role, account);
}
```

Grants `role` to `account`.
If `account` had not been already granted `role`, emits a {RoleGranted} event. Note that unlike {grantRole}, this function doesn't perform any checks on the calling account.
[WARNING]
This function should only be called from the constructor when setting up the initial roles for the system. Using this function in any other way is effectively circumventing the admin system imposed by {AccessControl}.
NOTE: This function is deprecated in favor of {_grantRole}.

```solidity
function _setupRole(bytes32 role, address account) internal nonpayable
```

Arguments

Name | Type | Description |
---|---|---|
role | bytes32 | |
account | address | |

Source Code

```solidity
function _setupRole(bytes32 role, address account) internal virtual {
    _grantRole(role, account);
}
```

Sets `adminRole` as `role`'s admin role.
Emits a {RoleAdminChanged} event.

```solidity
function _setRoleAdmin(bytes32 role, bytes32 adminRole) internal nonpayable
```

Arguments

Name | Type | Description |
---|---|---|
role | bytes32 | |
adminRole | bytes32 | |

Source Code

```solidity
function _setRoleAdmin(bytes32 role, bytes32 adminRole) internal virtual {
    bytes32 previousAdminRole = getRoleAdmin(role);
    _roles[role].adminRole = adminRole;
    emit RoleAdminChanged(role, previousAdminRole, adminRole);
}
```

Grants `role` to `account`.
Internal function without access restriction.

```solidity
function _grantRole(bytes32 role, address account) internal nonpayable
```

Arguments

Name | Type | Description |
---|---|---|
role | bytes32 | |
account | address | |

Source Code

```solidity
function _grantRole(bytes32 role, address account) internal virtual {
    if (!hasRole(role, account)) {
        _roles[role].members[account] = true;
        emit RoleGranted(role, account, _msgSender());
    }
}
```

Revokes `role` from `account`.
Internal function without access restriction.

```solidity
function _revokeRole(bytes32 role, address account) internal nonpayable
```

Arguments

Name | Type | Description |
---|---|---|
role | bytes32 | |
account | address | |

Source Code

```solidity
function _revokeRole(bytes32 role, address account) internal virtual {
    if (hasRole(role, account)) {
        _roles[role].members[account] = false;
        emit RoleRevoked(role, account, _msgSender());
    }
}
```