GitHub
Fraction ProtocolgenericFacetsaccessControlFacet

AccessControlFacet

This facet is a core component of any tmi-fractions platform, allowing for role-based access control mechanisms for both the platform and its individual campaigns.

_Roles are referred to by their bytes32 identifier.

IMPORTANT: The Admin of the tmi-fractions platform is not the owner of the FractionalisationDiamond.sol (i.e., diamond proxy) and does not possess the same privileges.

NOTE:

  • Only the Admin can grant and revoke all roles except for ADMIN_ROLE and OPEN_ROLE to/from users, and designate or dismiss users as role handlers (see addRoleHandler() & removeRoleHandler()).
  • Designated role handlers can only grant and revoke roles they are assigned to manage from/to users.
  • OPEN_ROLE is the default role; all accounts inherently have this role.
  • By default, the Admin is a handler of all roles except for ADMIN_ROLE and OPEN_ROLE.
  • This version supports only one Admin per tmi-fractions platform._

RestrictedAdminRole

error RestrictedAdminRole(address account)

Thrown when attempting to change forwarder.

InvalidZeroAddressForForwarder

error InvalidZeroAddressForForwarder()

Thrown when attempting to assign the zero address as the forwarder.

initAccessControlFacet

function initAccessControlFacet(address account) external

Initializes the AccessControlFacetStorage by setting the Admin of the tmi-fractions platform.

admin cannot be address(0). Emits a {AccessControlInitialized} event.

Parameters

NameTypeDescription
accountaddressThe address to be the designated Admin of the platform, responsible for managing permissions.

hasRole

function hasRole(bytes32 role, address account) external view returns (bool)

Checks whether a specific account holds a specified role within the tmi-fractions platform.

This function verifies role-based permissions within a platform-scoped context.

Parameters

NameTypeDescription
rolebytes32The role identifier to check.
accountaddressThe address to verify for the specified role.

Return Values

NameTypeDescription
[0]booltrue if account holds role; false otherwise.

hasRoleForId

function hasRoleForId(uint256 campaignId, bytes32 role, address account) external view returns (bool)

Checks whether a specific account holds a specified role within a given campaign.

This function verifies role-based permissions within a campaign-scoped context.

Parameters

NameTypeDescription
campaignIduint256The unique identifier of the targeted campaign.
rolebytes32The role identifier to check.
accountaddressThe address to verify for the specified role in the given campaign.

Return Values

NameTypeDescription
[0]booltrue if account holds role within campaignId; false otherwise.

getRolesOf

function getRolesOf(address account) external view returns (bytes32[])

Returns all the roles that a specified account holds within a platform-scoped context.

Parameters

NameTypeDescription
accountaddressThe address to query for platform-scoped roles.

Return Values

NameTypeDescription
[0]bytes32[]An array of all the platform-scoped roles that account holds.

getAccountsWithRole

function getAccountsWithRole(bytes32 role) external view returns (address[])

Returns all the accounts that hold the specified role within a platform-scoped context.

Parameters

NameTypeDescription
rolebytes32The role to check for.

Return Values

NameTypeDescription
[0]address[]An array of all the accounts that hold the specified role.

getRolesOfAccountForId

function getRolesOfAccountForId(uint256 campaignId, address account) external view returns (bytes32[])

Returns all the roles that a specified account holds within a campaign-scoped context.

Parameters

NameTypeDescription
campaignIduint256The unique identifier of the targeted campaign.
accountaddressThe address to query for the targeted campaign-scoped roles.

Return Values

NameTypeDescription
[0]bytes32[]An array of all the roles held by account within campaignId.

getAccountsWithRoleForId

function getAccountsWithRoleForId(uint256 campaignId, bytes32 role) external view returns (address[])

Returns all the accounts that hold a specified role within a given campaign.

Parameters

NameTypeDescription
campaignIduint256The unique identifier of the targeted campaign.
rolebytes32The role to check for.

Return Values

NameTypeDescription
[0]address[]An array of all the accounts that hold the specified role within campaignId.

getHandledRolesOf

function getHandledRolesOf(address account) external view returns (bytes32[])

Returns all the roles that a specified account is a role handler for.

A role handler manages its role both in a platform-scoped and campaign-scoped context.

Parameters

NameTypeDescription
accountaddressThe account to check.

Return Values

NameTypeDescription
[0]bytes32[]An array of all the roles that account is a role handler for.

grantRole

function grantRole(bytes32 role, address account) external

Grants role to account within a platform-scoped context.

Only callable by the Admin or a handler of role. Emits a {RoleGranted} event.

Parameters

NameTypeDescription
rolebytes32The identifier of the role to grant.
accountaddressThe address to which role is granted.

grantRoleForId

function grantRoleForId(uint256 campaignId, bytes32 role, address account) external

Grants role to account within a campaign-scoped context.

Only callable by the Admin or a handler of role. Emits a {RoleGrantedForId} event.

Parameters

NameTypeDescription
campaignIduint256The unique identifier of the targeted campaign.
rolebytes32The identifier of the role to grant.
accountaddressThe address to which role is granted.

grantRoleMultiple

function grantRoleMultiple(bytes32 role, address[] accounts) external

Grants role to multiple accounts within a platform-scoped context.

Only callable by the Admin or a handler of role. Emits a {RoleMultipleGranted} event.

Parameters

NameTypeDescription
rolebytes32The identifier of the role to grant.
accountsaddress[]An array of addresses to which role is granted.

grantRoleMultipleForId

function grantRoleMultipleForId(uint256 campaignId, bytes32 role, address[] accounts) external

Grants role to multiple accounts within a campaign-scoped context.

Only callable by the Admin or a handler of role. Emits a {RoleMultipleGrantedForId} event.

Parameters

NameTypeDescription
campaignIduint256The unique identifier of the targeted campaign.
rolebytes32The identifier of the role to grant.
accountsaddress[]An array of addresses to which role is granted.

revokeRole

function revokeRole(bytes32 role, address account) external

Revokes role from account within a platform-scoped context.

Only callable by the Admin or a handler of role. Emits a {RoleRevoked} event.

Parameters

NameTypeDescription
rolebytes32The identifier of the role to revoke.
accountaddressThe address from which role is revoked.

revokeRoleForId

function revokeRoleForId(uint256 campaignId, bytes32 role, address account) external

Revokes role from account within a campaign-scoped context.

Only callable by the Admin or a handler of role. Emits a {RoleRevokedForId} event.

Parameters

NameTypeDescription
campaignIduint256The unique identifier of the targeted campaign.
rolebytes32The identifier of the role to revoke.
accountaddressThe address from which role is revoked.

revokeRoleMultiple

function revokeRoleMultiple(bytes32 role, address[] accounts) external

Revokes role from multiple accounts within a platform-scoped context.

Only callable by the Admin or a handler of role. Emits a {RoleMultipleRevoked} event.

Parameters

NameTypeDescription
rolebytes32The identifier of the role to revoke.
accountsaddress[]An array of addresses from which role is revoked.

revokeRoleMultipleForId

function revokeRoleMultipleForId(uint256 campaignId, bytes32 role, address[] accounts) external

Revokes role from multiple accounts within a campaign-scoped context.

Only callable by the Admin or a handler of role. Emits a {RoleMultipleRevokedForId} event.

Parameters

NameTypeDescription
campaignIduint256The unique identifier of the targeted campaign.
rolebytes32The identifier of the role to revoke.
accountsaddress[]An array of addresses from which role is revoked.

addRoleHandler

function addRoleHandler(bytes32 role, address account) external

Delegates the handling of role to the specified account, allowing account to manage the granting and revocation of this role.

_Only callable by the Admin.

Designated role handlers can manage the associated roles both at the platform level (platform-scoped context) and within individual campaigns (campaign-scoped context).

Emits a {RoleHandlerAdded} event._

Parameters

NameTypeDescription
rolebytes32The identifier of the role to delegate handling for.
accountaddressThe address to be designated as a role handler for role.

removeRoleHandler

function removeRoleHandler(bytes32 role, address account) external

Revokes role handling privileges from the specified account, preventing account from managing the granting and revocation of this role.

Only callable by the Admin. Emits a {RoleHandlerRemoved} event.

Parameters

NameTypeDescription
rolebytes32The identifier of the role to revoke handling for.
accountaddressThe address to be removed as a role handler for role.

changeAdmin

function changeAdmin(address account) external

Replaces the current Admin with a new Admin.

Only callable by the (current) Admin. In this version, only one Admin is supported per platform. Emits an {AdminChanged} event.

Parameters

NameTypeDescription
accountaddressThe address of the new Admin.

updateTrustedForwarder

function updateTrustedForwarder(address newForwarder) external

Updates the trusted forwarder.

Only callable by the Admin. Emits an {TrustedForwarderUpdated} event.

Parameters

NameTypeDescription
newForwarderaddressThe address of the new forwarder.

Previous

WrapFungibleAssetsFacetStorage

Next

AccessControlFacetStorage

On this page