Access Control Temporal Revoke Facet

Revokes temporal roles from accounts within a diamond

Key Features

Revokes temporal roles from accounts via external functions.
Utilizes diamond storage for state management.
Emits TemporalRoleRevoked event upon successful revocation.
Protects state-changing functions with access control checks.

Overview

This facet provides functionality to revoke temporal roles assigned to accounts within a Compose diamond. It exposes an external function that interacts with diamond storage to manage role revocations, ensuring that only authorized callers can perform these actions. This facet enables dynamic management of permissions in an upgradeable diamond architecture.

Storage

AccessControlStorage

Definition

struct AccessControlStorage {
  mapping(address account => mapping(bytes32 role => bool hasRole)) hasRole;
  mapping(bytes32 role => bytes32 adminRole) adminRole;
}

AccessControlTemporalStorage

Definition

struct AccessControlTemporalStorage {
  mapping(address account => mapping(bytes32 role => uint256 expiryTimestamp)) roleExpiry;
}

State Variables

Property	Type	Description
`ACCESS_CONTROL_STORAGE_POSITION`	`bytes32`	Diamond storage slot position for this module (Value: `keccak256("compose.accesscontrol")`)
`TEMPORAL_STORAGE_POSITION`	`bytes32`	Diamond storage slot position for this module (Value: `keccak256("compose.accesscontrol.temporal")`)

Functions

revokeTemporalRole

Revokes a temporal role from an account. Only the admin of the role can revoke it. Emits a TemporalRoleRevoked event. Reverts with AccessControlUnauthorizedAccount If the caller is not the admin of the role.

function revokeTemporalRole(bytes32 _role, address _account) external;

Parameters:

Property	Type	Description
`_role`	`bytes32`	The role to revoke.
`_account`	`address`	The account to revoke the role from.

exportSelectors

Exports the selectors that are exposed by the facet.

function exportSelectors() external pure returns (bytes memory);

Returns:

Property	Type	Description
`-`	`bytes`	Selectors that are exported by the facet.

Events

TemporalRoleRevoked

Event emitted when a temporal role is revoked.

Signature:

event TemporalRoleRevoked(bytes32 indexed _role, address indexed _account, address indexed _sender);

Parameters:

Property	Type	Description
`_role`	`bytes32`	The role that was revoked.
`_account`	`address`	The account from which the role was revoked.
`_sender`	`address`	The account that revoked the role.

Errors

AccessControlUnauthorizedAccount

Best Practices

Best Practice

Ensure the AccessControlTemporalRevokeFacet is correctly initialized within the diamond's deployment process.
Verify that only the designated admin for a temporal role can call revokeTemporalRole.
Use exportSelectors to understand the facet's ABI and integrate it with diamond facets management.

Security Considerations

Security

The revokeTemporalRole function is protected by access control, reverting with AccessControlUnauthorizedAccount if the caller is not the admin of the specified role. Input validation for _role and _account should be handled by the caller or within the diamond's overall access control strategy. No reentrancy guards are explicitly implemented; follow standard Solidity security practices for external interactions.

Was this helpful?

Last updated:March 13, 2026

Overview​

Storage​

AccessControlStorage​

AccessControlTemporalStorage​

State Variables​

Functions​

revokeTemporalRole​

exportSelectors​

Events​

Errors​

Best Practices​

Security Considerations​

Newsletter