Documentation Index
Fetch the complete documentation index at: https://thrackle.mintlify.app/llms.txt
Use this file to discover all available pages before exploring further.
Git Source
Inherits:
AccessControlEnumerable, ReentrancyGuard
Author:
@mpetersoCode55, @ShaneDuncan602, @TJ-Everett, @VoR0220
SPDX-License-Identifier: BUSL-1.1
This contract is a critical component of the Rules Engine, enabling secure and flexible role management.
This contract serves as the primary Admin Roles facet for the Rules Engine. It is responsible for managing, mutating,
and granting all admin roles, including policy and calling contract admin roles. It enforces role-based access control
and ensures proper role assignment and revocation. The contract also provides mechanisms for proposing and confirming
new admin roles.
Functions
isPolicyAdmin
Checks if an address is the policy admin for a specific policy ID.
function isPolicyAdmin(uint256 policyId, address account) public view returns (bool);
| Name | Type | Description |
|---|
policyId | uint256 | The ID of the policy. |
account | address | The address to check for the policy admin role. |
| Name | Type | Description |
|---|
<none> | bool | bool True if the address has the policy admin role, false otherwise. |
generatePolicyAdminRole
Generates and assigns a policy admin role to an address.
This function is called internally by the Rules Engine to assign the policy admin role.
function generatePolicyAdminRole(uint256 policyId, address account) public nonReentrant returns (bytes32);
| Name | Type | Description |
|---|
policyId | uint256 | The ID of the policy. |
account | address | The address to assign the policy admin role. |
| Name | Type | Description |
|---|
<none> | bytes32 | bytes32 The generated admin role identifier. |
proposeNewPolicyAdmin
Proposes a new policy admin for a specific policy.
function proposeNewPolicyAdmin(address newPolicyAdmin, uint256 policyId) public;
| Name | Type | Description |
|---|
newPolicyAdmin | address | The address of the proposed new policy admin. |
policyId | uint256 | The ID of the policy. |
confirmNewPolicyAdmin
Confirms the proposed policy admin for a specific policy.
function confirmNewPolicyAdmin(uint256 policyId) public;
| Name | Type | Description |
|---|
policyId | uint256 | The ID of the policy. |
renounceRole
This function is used to renounce Role. It is also preventing policyAdmins from renouncing ther role.
They must set another policyAdmin through the function proposeNewPolicyAdmin().
function renounceRole(bytes32 role, address account, uint256 policyId) public nonReentrant;
| Name | Type | Description |
|---|
role | bytes32 | the role to renounce. |
account | address | address renouncing to the role. |
policyId | uint256 | |
revokeRole
enforcing the min-1-admin requirement.
This function overrides the parent’s revokeRole function. Its purpose is to prevent Policy Admins from being revoked through
this “backdoor” which would effectively leave the policy in a Policy Admin-orphan state.
function revokeRole(bytes32 role, address account, uint256 policyId) public nonReentrant;
| Name | Type | Description |
|---|
role | bytes32 | the role to revoke. |
account | address | address of revoked role. |
policyId | uint256 | |
_grantRolePolicyAdmin
enforcing the min-1-admin requirement for policy admins.
Grants a policy admin role to an address.
Internal function to assign the policy admin role.
function _grantRolePolicyAdmin(bytes32 _role, address _account) internal;
| Name | Type | Description |
|---|
_role | bytes32 | The admin role identifier. |
_account | address | The address to be granted the role. |
_generatePolicyAdminRoleId
Generates a unique identifier for a policy admin role.
function _generatePolicyAdminRoleId(uint256 _policyId, bytes32 _adminRole) internal pure returns (bytes32);
| Name | Type | Description |
|---|
_policyId | uint256 | The ID of the policy. |
_adminRole | bytes32 | The role constant identifier. |
| Name | Type | Description |
|---|
<none> | bytes32 | bytes32 The generated admin role identifier. |
isCallingContractAdmin
Checks if an address is the calling contract admin for a specific contract.
function isCallingContractAdmin(address _callingContract, address _account) public view returns (bool);
| Name | Type | Description |
|---|
_callingContract | address | The address of the calling contract. |
_account | address | The address to check for the calling contract admin role. |
| Name | Type | Description |
|---|
<none> | bool | bool True if the address has the calling contract admin role, false otherwise. |
grantCallingContractRole
Grants the calling contract admin role to an address.
Call this function from your contract to set the calling contract admin.
function grantCallingContractRole(address _callingContract, address _account) public nonReentrant returns (bytes32);
| Name | Type | Description |
|---|
_callingContract | address | The address of the calling contract. |
_account | address | The address to assign the calling contract admin role. |
| Name | Type | Description |
|---|
<none> | bytes32 | bytes32 The generated admin role identifier. |
grantCallingContractRoleAccessControl
Function to grant calling contract admin role
Call this function when you are the calling contract admin of your contract
function grantCallingContractRoleAccessControl(address _callingContract, address _account)
public
nonReentrant
returns (bytes32);
| Name | Type | Description |
|---|
_callingContract | address | policy Id |
_account | address | address to assign admin role Id |
| Name | Type | Description |
|---|
<none> | bytes32 | bytes32 adminRoleId |
grantCallingContractRoleOwnable
Grants the calling contract admin role to an address.
Call this function from your contract to set the calling contract admin.
function grantCallingContractRoleOwnable(address _callingContract, address _account)
public
nonReentrant
returns (bytes32);
| Name | Type | Description |
|---|
_callingContract | address | The address of the calling contract. |
_account | address | The address to assign the calling contract admin role. |
| Name | Type | Description |
|---|
<none> | bytes32 | bytes32 The generated admin role identifier. |
proposeNewCallingContractAdmin
There can only ever be one Calling Contract Admin per calling contract
This function grants the proposed admin role to the newPolicyAdmin address
Calling Contract Admin does not have a revoke or renounce function. Only Use Propose and Confirm to transfer Role.
function proposeNewCallingContractAdmin(address callingContractAddress, address newCallingContractAdmin) public;
| Name | Type | Description |
|---|
callingContractAddress | address | address of the calling contract. |
newCallingContractAdmin | address | address of new admin. |
confirmNewCallingContractAdmin
This function confirms the proposed admin role
function confirmNewCallingContractAdmin(address callingContractAddress) public;
| Name | Type | Description |
|---|
callingContractAddress | address | address of the calling contract. |
_generateCallingContractAdminRoleId
Generates a unique identifier for a calling contract admin role.
function _generateCallingContractAdminRoleId(address _callingContract, bytes32 _adminRole)
internal
pure
returns (bytes32);
| Name | Type | Description |
|---|
_callingContract | address | The address of the calling contract. |
_adminRole | bytes32 | The role constant identifier. |
| Name | Type | Description |
|---|
<none> | bytes32 | bytes32 The generated admin role identifier. |
renounceRole
Overrides the parent’s renounceRole function to disable its public nature.
This function is intentionally disabled to enforce role renouncing through specific channels.
function renounceRole(bytes32 role, address account) public virtual override(AccessControl, IAccessControl);
| Name | Type | Description |
|---|
role | bytes32 | The role to renounce. |
account | address | The address renouncing the role. |
revokeRole
Overrides the parent’s revokeRole function to disable its public nature.
This function is intentionally disabled to enforce role revocation through specific channels.
function revokeRole(bytes32 role, address account) public virtual override(AccessControl, IAccessControl);
| Name | Type | Description |
|---|
role | bytes32 | The role to revoke. |
account | address | The address of the revoked role. |
grantRole
Overrides the parent’s grantRole function to disable its public nature.
This function is intentionally disabled to enforce role granting through specific channels.
function grantRole(bytes32 role, address account) public pure override(AccessControl, IAccessControl);
| Name | Type | Description |
|---|
role | bytes32 | The role to grant. |
account | address | The address to grant the role to. |
