Multiple Role Admins?

Hello!
I'm trying, by using OpenZeppelin's contracts, to develop a simple DAO (Decentralized Autonomous Organization) with a simple ranking system.
I want to implement two functions that allow users to respectively promote or demote others inside their respective organization if they have an higher rank.
Basically higher ranks shall be allowed to promote a lower rank user by removing its lowest rank and assigning it an higher one.
The actual structure of AccessControl is fine, it's actually smart to have adminRoles for each role.
Let's say I have 4 ranks: A, B, C, D.
I've set admin roles so that A is the admin role of B, B is the admin role of C and C is the admin role of D, basically by build this hierarchy: A > B > C > D.
How can I manage to make it possible for "A role" to promote or demote (by using grantRole or revokeRole) users that have "D role"?

Given that you might have more experience, I was hoping you could help me, because the only thing I've come up to is to actually modify AccessControl's code to actually have multiple adminRoles, but I'd like to actually not alter your source code but eventually adapt mine.

It's difficult to implement this kind of mechanism, but I think you could try something like overriding _checkRole so that when the contract checks for role D it also checks for roles C, B, and A. You just need to be careful not to introduce an unbounded loop.

1 Like

Hi! Thank you for replying to me!
In the end that's what I did!
Here's the code snippet of the function I came up with:

function isAdminOfRole(bytes32 isAdminRole, bytes32 ofRole) public view returns(bool){
        bytes32 ofRoleAdminRole = getRoleAdmin(ofRole);
        while(ofRoleAdminRole != DEFAULT_ADMIN_ROLE){
            if(ofRoleAdminRole == isAdminRole){
                return true;
            }
            ofRoleAdminRole = getRoleAdmin(ofRoleAdminRole);
        }
        return isAdminRole == DEFAULT_ADMIN_ROLE;
    }

That probably works, you just need to be mindful that it is technically vulnerable to falling into an infinite loop, but if the roles are statically defined and don't have a cycle other than the default admin role it looks like it should be fine.