AccessManager: multiple roles for the same function

extranaught · April 27, 2024, 6:09pm

Hi guys!

I was just wondering if AccessManager can allow multiple roles to grant access to a restricted function in an AccessManaged contract.

Scanning through the source it appears that a function can be restricted to a role, but not multiple roles.

I have this kind of setup:

contract: Corp (is AccessManager)
contract: HumanResources (is AccessManaged)

In HumanResources i have a hire(address account, uint256 index, uint32 delay) function which grants an address a specific role by internally resolving index to a Position struct which holds the roleId and eventually calls corp.grantRole(role, account, delay).

Now, the hire() function itself is restricted and shall only be callable by EXECUTIVE and DIRECTOR roles.

Im using Foundry with the latest OZ contracts.

Thanks for any suggestion!

extranaught · May 3, 2024, 7:29pm

i believe i fixed it my self.

i turned my roles into "actions". I created a ACTION_HIRE role and the Position struct element uint64 role became a uint64[] actions element. Now a Position can have multiple action roles.

Now I can create an EXECUTIVE Position who can call hire and terminate and a DIRECTOR Position who can also call hire but can't call terminate for instance.

Topic		Replies	Views
AccessManager pausing for PUBLIC_ROLE only Contracts	3	117	February 16, 2024
AccessManager won't let me call my function: AccessManagedUnauthorized Contracts	0	36	May 3, 2024
Multiple Role Admins? Smart Contracts	3	304	May 3, 2023
[Proposal] AccessControl grant and revoke function more useful Contracts	3	566	July 28, 2022
grantRole(A_ROLE, SOMEONE) is returning missing role 0x00...000 for a function that does not use AccessControl Contracts openzeppelin-contracts	3	765	June 16, 2022

AccessManager: multiple roles for the same function

Related Topics