Skip to content

Commit 7ecec92

Browse files
remollemoremollemo
committed
feat(roles): add upgrade_agent
1 parent 953a839 commit 7ecec92

File tree

3 files changed

+66
-2
lines changed

3 files changed

+66
-2
lines changed

packages/utils/src/components/roles/errors.cairo

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -12,6 +12,7 @@ pub enum AccessErrors {
1212
ONLY_OPERATOR,
1313
ONLY_TOKEN_ADMIN,
1414
ONLY_UPGRADE_GOVERNOR,
15+
ONLY_UPGRADER,
1516
ONLY_SECURITY_ADMIN,
1617
ONLY_SECURITY_AGENT,
1718
ONLY_MINTER,
@@ -33,6 +34,7 @@ impl DescribableError of Describable<AccessErrors> {
3334
AccessErrors::ONLY_OPERATOR => "ONLY_OPERATOR",
3435
AccessErrors::ONLY_TOKEN_ADMIN => "ONLY_TOKEN_ADMIN",
3536
AccessErrors::ONLY_UPGRADE_GOVERNOR => "ONLY_UPGRADE_GOVERNOR",
37+
AccessErrors::ONLY_UPGRADER => "ONLY_UPGRADER",
3638
AccessErrors::ONLY_SECURITY_ADMIN => "ONLY_SECURITY_ADMIN",
3739
AccessErrors::ONLY_SECURITY_AGENT => "ONLY_SECURITY_AGENT",
3840
AccessErrors::ONLY_MINTER => "MINTER_ONLY",

packages/utils/src/components/roles/interface.cairo

Lines changed: 22 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,7 @@ pub type RoleId = felt252;
55
// ----------------------------------------
66
// GOVERNANCE_ADMIN | GOVERNANCE_ADMIN
77
// UPGRADE_GOVERNOR | GOVERNANCE_ADMIN
8+
// UPGRADE_AGENT | APP_ROLE_ADMIN
89
// APP_ROLE_ADMIN | GOVERNANCE_ADMIN
910
// APP_GOVERNOR | APP_ROLE_ADMIN
1011
// OPERATOR | APP_ROLE_ADMIN
@@ -29,6 +30,9 @@ pub const OPERATOR: RoleId = 0x023edb77f7c8cc9e38e8afe78954f703aeeda7fffe014eeb6
2930
// int.from_bytes(Web3.keccak(text="ROLE_TOKEN_ADMIN"), "big") & MASK_250 .
3031
pub const TOKEN_ADMIN: RoleId = 0x0128d63adbf6b09002c26caf55c47e2f26635807e3ef1b027218aa74c8d61a3e;
3132

33+
// int.from_bytes(Web3.keccak(text="ROLE_UPGRADE_AGENT"), "big") & MASK_250 .
34+
pub const UPGRADE_AGENT: RoleId = 0x1d8034a6db21585e9d97ca912eb8113361e6858f64c45c9b321a4d01e949484;
35+
3236
// int.from_bytes(Web3.keccak(text="ROLE_UPGRADE_GOVERNOR"), "big") & MASK_250 .
3337
pub const UPGRADE_GOVERNOR: RoleId =
3438
0x251e864ca2a080f55bce5da2452e8cfcafdbc951a3e7fff5023d558452ec228;
@@ -48,6 +52,7 @@ pub trait IRoles<TContractState> {
4852
fn is_governance_admin(self: @TContractState, account: ContractAddress) -> bool;
4953
fn is_operator(self: @TContractState, account: ContractAddress) -> bool;
5054
fn is_token_admin(self: @TContractState, account: ContractAddress) -> bool;
55+
fn is_upgrade_agent(self: @TContractState, account: ContractAddress) -> bool;
5156
fn is_upgrade_governor(self: @TContractState, account: ContractAddress) -> bool;
5257
fn is_security_admin(self: @TContractState, account: ContractAddress) -> bool;
5358
fn is_security_agent(self: @TContractState, account: ContractAddress) -> bool;
@@ -61,6 +66,8 @@ pub trait IRoles<TContractState> {
6166
fn remove_operator(ref self: TContractState, account: ContractAddress);
6267
fn register_token_admin(ref self: TContractState, account: ContractAddress);
6368
fn remove_token_admin(ref self: TContractState, account: ContractAddress);
69+
fn register_upgrade_agent(ref self: TContractState, account: ContractAddress);
70+
fn remove_upgrade_agent(ref self: TContractState, account: ContractAddress);
6471
fn register_upgrade_governor(ref self: TContractState, account: ContractAddress);
6572
fn remove_upgrade_governor(ref self: TContractState, account: ContractAddress);
6673
fn renounce(ref self: TContractState, role: RoleId);
@@ -76,10 +83,13 @@ pub trait IRoles<TContractState> {
7683
pub trait IMinimalRoles<TContractState> {
7784
fn is_governance_admin(self: @TContractState, account: ContractAddress) -> bool;
7885
fn is_upgrade_governor(self: @TContractState, account: ContractAddress) -> bool;
86+
fn is_upgrade_agent(self: @TContractState, account: ContractAddress) -> bool;
7987
fn register_governance_admin(ref self: TContractState, account: ContractAddress);
8088
fn remove_governance_admin(ref self: TContractState, account: ContractAddress);
8189
fn register_upgrade_governor(ref self: TContractState, account: ContractAddress);
8290
fn remove_upgrade_governor(ref self: TContractState, account: ContractAddress);
91+
fn register_upgrade_agent(ref self: TContractState, account: ContractAddress);
92+
fn remove_upgrade_agent(ref self: TContractState, account: ContractAddress);
8393
fn renounce(ref self: TContractState, role: RoleId);
8494
}
8595

@@ -177,3 +187,15 @@ pub(crate) struct UpgradeGovernorRemoved {
177187
pub removed_account: ContractAddress,
178188
pub removed_by: ContractAddress,
179189
}
190+
191+
#[derive(Copy, Drop, PartialEq, starknet::Event)]
192+
pub(crate) struct UpgradeAgentAdded {
193+
pub added_account: ContractAddress,
194+
pub added_by: ContractAddress,
195+
}
196+
197+
#[derive(Copy, Drop, PartialEq, starknet::Event)]
198+
pub(crate) struct UpgradeAgentRemoved {
199+
pub removed_account: ContractAddress,
200+
pub removed_by: ContractAddress,
201+
}

packages/utils/src/components/roles/roles.cairo

Lines changed: 42 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -5,8 +5,8 @@ pub(crate) mod RolesComponent {
55
AppRoleAdminRemoved, GOVERNANCE_ADMIN, GovernanceAdminAdded, GovernanceAdminRemoved, IRoles,
66
OPERATOR, OperatorAdded, OperatorRemoved, RoleId, SECURITY_ADMIN, SECURITY_AGENT,
77
SecurityAdminAdded, SecurityAdminRemoved, SecurityAgentAdded, SecurityAgentRemoved,
8-
TOKEN_ADMIN, TokenAdminAdded, TokenAdminRemoved, UPGRADE_GOVERNOR, UpgradeGovernorAdded,
9-
UpgradeGovernorRemoved,
8+
TOKEN_ADMIN, TokenAdminAdded, TokenAdminRemoved,UPGRADE_AGENT, UPGRADE_GOVERNOR, UpgradeAgentAdded, UpgradeGovernorAdded,
9+
UpgradeGovernorRemoved, UpgradeAgentRemoved,
1010
};
1111
use core::num::traits::Zero;
1212
use starknet::storage::StorageMapReadAccess;
@@ -40,6 +40,8 @@ pub(crate) mod RolesComponent {
4040
TokenAdminRemoved: TokenAdminRemoved,
4141
UpgradeGovernorAdded: UpgradeGovernorAdded,
4242
UpgradeGovernorRemoved: UpgradeGovernorRemoved,
43+
UpgradeAgentAdded: UpgradeAgentAdded,
44+
UpgradeAgentRemoved: UpgradeAgentRemoved,
4345
}
4446
use openzeppelin::access::accesscontrol::AccessControlComponent;
4547
use openzeppelin::access::accesscontrol::AccessControlComponent::{
@@ -100,6 +102,13 @@ pub(crate) mod RolesComponent {
100102
access_comp.has_role(role: TOKEN_ADMIN, :account)
101103
}
102104

105+
fn is_upgrade_agent(
106+
self: @ComponentState<TContractState>, account: ContractAddress,
107+
) -> bool {
108+
let access_comp = get_dep_component!(self, Access);
109+
access_comp.has_role(role: UPGRADE_AGENT, :account)
110+
}
111+
103112
fn is_upgrade_governor(
104113
self: @ComponentState<TContractState>, account: ContractAddress,
105114
) -> bool {
@@ -230,6 +239,24 @@ pub(crate) mod RolesComponent {
230239
self._revoke_role_and_emit(role: TOKEN_ADMIN, :account, :event);
231240
}
232241

242+
fn register_upgrade_agent(
243+
ref self: ComponentState<TContractState>, account: ContractAddress,
244+
) {
245+
let event = Event::UpgradeAgentAdded(
246+
UpgradeAgentAdded { added_account: account, added_by: get_caller_address() },
247+
);
248+
self._grant_role_and_emit(role: UPGRADE_AGENT, :account, :event);
249+
}
250+
251+
fn remove_upgrade_agent(
252+
ref self: ComponentState<TContractState>, account: ContractAddress,
253+
) {
254+
let event = Event::UpgradeAgentRemoved(
255+
UpgradeAgentRemoved { removed_account: account, removed_by: get_caller_address() },
256+
);
257+
self._revoke_role_and_emit(role: UPGRADE_AGENT, :account, :event);
258+
}
259+
233260
fn register_upgrade_governor(
234261
ref self: ComponentState<TContractState>, account: ContractAddress,
235262
) {
@@ -349,6 +376,7 @@ pub(crate) mod RolesComponent {
349376
access_comp.set_role_admin(role: GOVERNANCE_ADMIN, admin_role: GOVERNANCE_ADMIN);
350377
access_comp.set_role_admin(role: OPERATOR, admin_role: APP_ROLE_ADMIN);
351378
access_comp.set_role_admin(role: TOKEN_ADMIN, admin_role: APP_ROLE_ADMIN);
379+
access_comp.set_role_admin(role: UPGRADE_AGENT, admin_role: APP_ROLE_ADMIN);
352380
access_comp.set_role_admin(role: UPGRADE_GOVERNOR, admin_role: GOVERNANCE_ADMIN);
353381

354382
access_comp._grant_role(role: SECURITY_ADMIN, account: governance_admin);
@@ -361,14 +389,17 @@ pub(crate) mod RolesComponent {
361389
self.is_app_governor(get_caller_address()), "{}", AccessErrors::ONLY_APP_GOVERNOR,
362390
);
363391
}
392+
364393
fn only_operator(self: @ComponentState<TContractState>) {
365394
assert!(self.is_operator(get_caller_address()), "{}", AccessErrors::ONLY_OPERATOR);
366395
}
396+
367397
fn only_token_admin(self: @ComponentState<TContractState>) {
368398
assert!(
369399
self.is_token_admin(get_caller_address()), "{}", AccessErrors::ONLY_TOKEN_ADMIN,
370400
);
371401
}
402+
372403
fn only_upgrade_governor(self: @ComponentState<TContractState>) {
373404
assert!(
374405
self.is_upgrade_governor(get_caller_address()),
@@ -377,6 +408,15 @@ pub(crate) mod RolesComponent {
377408
);
378409
}
379410

411+
fn only_upgrader(self: @ComponentState<TContractState>) {
412+
assert!(
413+
self.is_upgrade_agent(get_caller_address())
414+
|| self.is_upgrade_governor(get_caller_address()),
415+
"{}",
416+
AccessErrors::ONLY_UPGRADER,
417+
);
418+
}
419+
380420
fn only_security_admin(self: @ComponentState<TContractState>) {
381421
assert!(
382422
self.is_security_admin(get_caller_address()),

0 commit comments

Comments
 (0)