Search Apps Documentation Source Content File Folder Download Copy Actions Download

assert.gno

4.20 Kb · 143 lines
  1package access
  2
  3import (
  4	"chain"
  5
  6	prbac "gno.land/p/gnoswap/rbac"
  7	ufmt "gno.land/p/nt/ufmt/v0"
  8)
  9
 10// rbacPackagePath is the package path of the RBAC contract
 11// Used to verify that role management functions are called only by RBAC
 12const rbacPackagePath = "gno.land/r/gnoswap/rbac"
 13
 14// AssertIsAdminOrGovernance panics if the caller is not admin or governance.
 15// Used for functions that require elevated privileges.
 16func AssertIsAdminOrGovernance(caller address) {
 17	if IsAuthorized(prbac.ROLE_ADMIN.String(), caller) || IsAuthorized(prbac.ROLE_GOVERNANCE.String(), caller) {
 18		return
 19	}
 20
 21	panic(ufmt.Errorf(errUnauthorizedAdminOrGov, caller))
 22}
 23
 24// AssertIsAdmin panics if the caller is not admin.
 25// Used for admin-only functions.
 26func AssertIsAdmin(caller address) {
 27	AssertIsAuthorized(prbac.ROLE_ADMIN.String(), caller)
 28}
 29
 30// AssertIsGovernance panics if the caller is not governance.
 31// Used for governance-only functions.
 32func AssertIsGovernance(caller address) {
 33	AssertIsAuthorized(prbac.ROLE_GOVERNANCE.String(), caller)
 34}
 35
 36// AssertIsGovStaker panics if the caller is not governance staker.
 37// Used for governance staking functions.
 38func AssertIsGovStaker(caller address) {
 39	AssertIsAuthorized(prbac.ROLE_GOV_STAKER.String(), caller)
 40}
 41
 42// AssertIsRouter panics if the caller is not router.
 43// Used for router-only functions.
 44func AssertIsRouter(caller address) {
 45	AssertIsAuthorized(prbac.ROLE_ROUTER.String(), caller)
 46}
 47
 48// AssertIsPool panics if the caller is not pool.
 49// Used for pool-only functions.
 50func AssertIsPool(caller address) {
 51	AssertIsAuthorized(prbac.ROLE_POOL.String(), caller)
 52}
 53
 54// AssertIsPosition panics if the caller is not position.
 55// Used for position-only functions.
 56func AssertIsPosition(caller address) {
 57	AssertIsAuthorized(prbac.ROLE_POSITION.String(), caller)
 58}
 59
 60// AssertIsStaker panics if the caller is not staker.
 61// Used for staker-only functions.
 62func AssertIsStaker(caller address) {
 63	AssertIsAuthorized(prbac.ROLE_STAKER.String(), caller)
 64}
 65
 66// AssertIsLaunchpad panics if the caller is not launchpad.
 67// Used for launchpad-only functions.
 68func AssertIsLaunchpad(caller address) {
 69	AssertIsAuthorized(prbac.ROLE_LAUNCHPAD.String(), caller)
 70}
 71
 72// AssertIsEmission panics if the caller is not emission.
 73// Used for emission-only functions.
 74func AssertIsEmission(caller address) {
 75	AssertIsAuthorized(prbac.ROLE_EMISSION.String(), caller)
 76}
 77
 78// AssertIsProtocolFee panics if the caller is not protocol fee.
 79// Used for protocol fee management functions.
 80func AssertIsProtocolFee(caller address) {
 81	AssertIsAuthorized(prbac.ROLE_PROTOCOL_FEE.String(), caller)
 82}
 83
 84// AssertIsGovXGNS panics if the caller is not xGNS governance.
 85// Used for xGNS governance functions.
 86func AssertIsGovXGNS(caller address) {
 87	AssertIsAuthorized(prbac.ROLE_XGNS.String(), caller)
 88}
 89
 90// AssertIsAuthorized panics if the caller does not have the specified role.
 91// Also panics if the role does not exist.
 92func AssertIsAuthorized(roleName string, caller address) {
 93	addr, ok := GetAddress(roleName)
 94	if !ok {
 95		panic(ufmt.Errorf(errRoleNotFound, roleName))
 96	}
 97
 98	if caller != addr {
 99		panic(ufmt.Errorf(errUnauthorized, caller, roleName))
100	}
101}
102
103// AssertHasAnyRole panics if the caller does not have any of the specified roles.
104// Also panics if any of the roles do not exist.
105func AssertHasAnyRole(caller address, roleNames ...string) {
106	for _, roleName := range roleNames {
107		addr, ok := GetAddress(roleName)
108		if !ok {
109			panic(ufmt.Errorf(errRoleNotFound, roleName))
110		}
111
112		if caller == addr {
113			return
114		}
115	}
116
117	panic(ufmt.Errorf(errUnauthorizedAnyRole, caller, roleNames))
118}
119
120// AssertIsValidAddress panics if the provided address is invalid.
121func AssertIsValidAddress(addr address) {
122	if !addr.IsValid() {
123		panic(ufmt.Errorf(errInvalidAddressShort, addr))
124	}
125}
126
127// AssertIsUser panics if the caller is not a user realm.
128// Used to ensure calls come from user accounts, not other contracts.
129func AssertIsUser(_ int, rlm realm) {
130	if !rlm.IsUser() {
131		panic(errCallerNotUser)
132	}
133}
134
135// assertIsRBAC panics if the caller is not the RBAC contract.
136// Used internally to protect role management functions.
137func assertIsRBAC(caller address) {
138	rbacAddress := chain.PackageAddress(rbacPackagePath)
139
140	if caller != rbacAddress {
141		panic(ufmt.Errorf(errUnauthorizedRBAC, caller))
142	}
143}