Access Control Admin Facet
Manages roles and their administrative roles
- Manages role-to-admin-role mappings in diamond storage.
- Exposes functions for role administration and selector export.
- Reverts with
AccessControlUnauthorizedAccountif caller lacks permissions. - Compatible with ERC-2535 diamond standard.
Overview
This facet provides administrative functions for managing roles within a diamond's access control system. It allows setting administrative roles for specific roles and exporting the facet's selectors. Calls are routed through the diamond proxy, accessing shared storage for role configurations.
Storage
AccessControlStorage
State Variables
| Property | Type | Description |
|---|---|---|
STORAGE_POSITION | bytes32 | Diamond storage slot position for this module (Value: keccak256("compose.accesscontrol")) |
Functions
setRoleAdmin
Sets the admin role for a role. Emits a RoleAdminChanged event. Reverts with AccessControlUnauthorizedAccount If the caller is not the current admin of the role.
Parameters:
| Property | Type | Description |
|---|---|---|
_role | bytes32 | The role to set the admin for. |
_adminRole | bytes32 | The new admin role to set. |
exportSelectors
Exports the selectors that are exposed by the facet.
Returns:
| Property | Type | Description |
|---|---|---|
- | bytes | Selectors that are exported by the facet. |
Events
Errors
Best Practices
- Initialize role admin configurations during diamond deployment.
- Ensure the caller has the necessary permissions to set role administrators.
- Verify storage compatibility before upgrading facets to prevent state corruption.
Security Considerations
All state-changing functions, such as setRoleAdmin, are protected by access control checks, reverting with AccessControlUnauthorizedAccount if the caller is not the current admin of the role. Input validation is performed by the underlying access control logic. Follow standard Solidity security practices for external calls and state management.
