Search Apps Documentation Source Content File Folder Download Copy Actions Download

assert.gno

4.21 Kb ยท 144 lines
Download 
  1package access
  2
  3import (
  4	"chain"
  5	"chain/runtime"
  6
  7	prbac "gno.land/p/gnoswap/rbac"
  8	"gno.land/p/nt/ufmt"
  9)
 10
 11// rbacPackagePath is the package path of the RBAC contract
 12// Used to verify that role management functions are called only by RBAC
 13const rbacPackagePath = "gno.land/r/gnoswap/rbac"
 14
 15// AssertIsAdminOrGovernance panics if the caller is not admin or governance.
 16// Used for functions that require elevated privileges.
 17func AssertIsAdminOrGovernance(caller address) {
 18	if IsAuthorized(prbac.ROLE_ADMIN.String(), caller) || IsAuthorized(prbac.ROLE_GOVERNANCE.String(), caller) {
 19		return
 20	}
 21
 22	panic(ufmt.Errorf(errUnauthorizedAdminOrGov, caller))
 23}
 24
 25// AssertIsAdmin panics if the caller is not admin.
 26// Used for admin-only functions.
 27func AssertIsAdmin(caller address) {
 28	AssertIsAuthorized(prbac.ROLE_ADMIN.String(), caller)
 29}
 30
 31// AssertIsGovernance panics if the caller is not governance.
 32// Used for governance-only functions.
 33func AssertIsGovernance(caller address) {
 34	AssertIsAuthorized(prbac.ROLE_GOVERNANCE.String(), caller)
 35}
 36
 37// AssertIsGovStaker panics if the caller is not governance staker.
 38// Used for governance staking functions.
 39func AssertIsGovStaker(caller address) {
 40	AssertIsAuthorized(prbac.ROLE_GOV_STAKER.String(), caller)
 41}
 42
 43// AssertIsRouter panics if the caller is not router.
 44// Used for router-only functions.
 45func AssertIsRouter(caller address) {
 46	AssertIsAuthorized(prbac.ROLE_ROUTER.String(), caller)
 47}
 48
 49// AssertIsPool panics if the caller is not pool.
 50// Used for pool-only functions.
 51func AssertIsPool(caller address) {
 52	AssertIsAuthorized(prbac.ROLE_POOL.String(), caller)
 53}
 54
 55// AssertIsPosition panics if the caller is not position.
 56// Used for position-only functions.
 57func AssertIsPosition(caller address) {
 58	AssertIsAuthorized(prbac.ROLE_POSITION.String(), caller)
 59}
 60
 61// AssertIsStaker panics if the caller is not staker.
 62// Used for staker-only functions.
 63func AssertIsStaker(caller address) {
 64	AssertIsAuthorized(prbac.ROLE_STAKER.String(), caller)
 65}
 66
 67// AssertIsLaunchpad panics if the caller is not launchpad.
 68// Used for launchpad-only functions.
 69func AssertIsLaunchpad(caller address) {
 70	AssertIsAuthorized(prbac.ROLE_LAUNCHPAD.String(), caller)
 71}
 72
 73// AssertIsEmission panics if the caller is not emission.
 74// Used for emission-only functions.
 75func AssertIsEmission(caller address) {
 76	AssertIsAuthorized(prbac.ROLE_EMISSION.String(), caller)
 77}
 78
 79// AssertIsProtocolFee panics if the caller is not protocol fee.
 80// Used for protocol fee management functions.
 81func AssertIsProtocolFee(caller address) {
 82	AssertIsAuthorized(prbac.ROLE_PROTOCOL_FEE.String(), caller)
 83}
 84
 85// AssertIsGovXGNS panics if the caller is not xGNS governance.
 86// Used for xGNS governance functions.
 87func AssertIsGovXGNS(caller address) {
 88	AssertIsAuthorized(prbac.ROLE_XGNS.String(), caller)
 89}
 90
 91// AssertIsAuthorized panics if the caller does not have the specified role.
 92// Also panics if the role does not exist.
 93func AssertIsAuthorized(roleName string, caller address) {
 94	addr, ok := GetAddress(roleName)
 95	if !ok {
 96		panic(ufmt.Errorf(errRoleNotFound, roleName))
 97	}
 98
 99	if caller != addr {
100		panic(ufmt.Errorf(errUnauthorized, caller, roleName))
101	}
102}
103
104// AssertHasAnyRole panics if the caller does not have any of the specified roles.
105// Also panics if any of the roles do not exist.
106func AssertHasAnyRole(caller address, roleNames ...string) {
107	for _, roleName := range roleNames {
108		addr, ok := GetAddress(roleName)
109		if !ok {
110			panic(ufmt.Errorf(errRoleNotFound, roleName))
111		}
112
113		if caller == addr {
114			return
115		}
116	}
117
118	panic(ufmt.Errorf(errUnauthorizedAnyRole, caller, roleNames))
119}
120
121// AssertIsValidAddress panics if the provided address is invalid.
122func AssertIsValidAddress(addr address) {
123	if !addr.IsValid() {
124		panic(ufmt.Errorf(errInvalidAddressShort, addr))
125	}
126}
127
128// AssertIsUser panics if the caller is not a user realm.
129// Used to ensure calls come from user accounts, not other contracts.
130func AssertIsUser(r runtime.Realm) {
131	if !r.IsUser() {
132		panic(errCallerNotUser)
133	}
134}
135
136// assertIsRBAC panics if the caller is not the RBAC contract.
137// Used internally to protect role management functions.
138func assertIsRBAC(caller address) {
139	rbacAddress := chain.PackageAddress(rbacPackagePath)
140
141	if caller != rbacAddress {
142		panic(ufmt.Errorf(errUnauthorizedRBAC, caller))
143	}
144}