//SPDX-License-Identifier: MIT import "@openzeppelin/contracts-upgradeable/proxy/utils/Initializable.sol"; import "@openzeppelin/contracts-upgradeable/proxy/utils/UUPSUpgradeable.sol"; import "@openzeppelin/contracts-upgradeable/access/AccessControlUpgradeable.sol"; import "@openzeppelin/contracts-upgradeable/security/PausableUpgradeable.sol"; import "@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol"; pragma solidity ^0.8.5; /************************************** CONTRACT **************************************/ contract Roles is Initializable, UUPSUpgradeable, AccessControlUpgradeable, PausableUpgradeable, OwnableUpgradeable { bytes32 public constant MANAGER_ROLE = keccak256("MANAGER_ROLE"); bytes32 public constant ASST_MANAGER_ROLE = keccak256("ASST_MANAGER_ROLE"); bytes32 public constant UPDATES_MANAGER_ROLE = keccak256("UPDATES_MANAGER_ROLE"); bytes32 public constant ADDRESS_MANAGER_ROLE = keccak256("ADDRESS_MANAGER_ROLE"); bytes32 public constant ROLES_MANAGER = keccak256("ROLES_MANAGER"); bytes32 public constant MINTER_ROLE = keccak256("MINTER_ROLE"); bytes32 public constant PAUSER_ROLE = keccak256("PAUSER_ROLE"); function initialize() public initializer { _setupRole(DEFAULT_ADMIN_ROLE, msg.sender); _grantRole(MANAGER_ROLE, msg.sender); _grantRole(ASST_MANAGER_ROLE, msg.sender); _grantRole(UPDATES_MANAGER_ROLE, msg.sender); _grantRole(ADDRESS_MANAGER_ROLE, msg.sender); _grantRole(ROLES_MANAGER, msg.sender); _grantRole(MINTER_ROLE, msg.sender); _grantRole(PAUSER_ROLE, msg.sender); _setRoleAdmin(MANAGER_ROLE, DEFAULT_ADMIN_ROLE); _setRoleAdmin(ASST_MANAGER_ROLE, MANAGER_ROLE); _setRoleAdmin(UPDATES_MANAGER_ROLE, MANAGER_ROLE); _setRoleAdmin(ADDRESS_MANAGER_ROLE, MANAGER_ROLE); _setRoleAdmin(ROLES_MANAGER, DEFAULT_ADMIN_ROLE); _setRoleAdmin(MINTER_ROLE, ROLES_MANAGER); _setRoleAdmin(PAUSER_ROLE, ROLES_MANAGER); __AccessControl_init(); __Pausable_init(); __Ownable_init(); } function _authorizeUpgrade(address) internal virtual override onlyOwner {} /************************************** ROLES **************************************/ /******* ADMIN_ROLE *******/ function grantSuperAdminRole(address account) public whenNotPaused { require(hasRole(DEFAULT_ADMIN_ROLE, msg.sender), "Access Denied: Caller is NOT SUPER ADMIN!"); require(account != address(0), "Account: Zero or Invalid address!"); require(hasRole(DEFAULT_ADMIN_ROLE, account) == false, "Access Role Duplication: The account is already a SUPER ADMIN!"); grantRole(DEFAULT_ADMIN_ROLE, account); grantRole(MANAGER_ROLE, account); grantRole(ASST_MANAGER_ROLE, account); grantRole(UPDATES_MANAGER_ROLE, account); grantRole(ADDRESS_MANAGER_ROLE, account); grantRole(ROLES_MANAGER, account); grantRole(MINTER_ROLE, account); grantRole(PAUSER_ROLE, account); } function revokeSuperAdminRole(address account) public { require(hasRole(DEFAULT_ADMIN_ROLE, msg.sender), "Access Denied: Caller is NOT SUPER ADMIN!"); require(account != address(0), "Account: Zero or Invalid address!"); require(hasRole(DEFAULT_ADMIN_ROLE, account), "Revoke Role Failed: The account is NOT a SUPER ADMIN!"); revokeRole(DEFAULT_ADMIN_ROLE, account); revokeRole(MANAGER_ROLE, account); revokeRole(ASST_MANAGER_ROLE, account); revokeRole(UPDATES_MANAGER_ROLE, account); revokeRole(ADDRESS_MANAGER_ROLE, account); revokeRole(ROLES_MANAGER, account); revokeRole(MINTER_ROLE, account); revokeRole(PAUSER_ROLE, account); } function isSuperAdmin(address account) public virtual view returns(bool) { return hasRole(DEFAULT_ADMIN_ROLE, account); } /******* MANAGER_ROLE *******/ function grantManagerRole(address account) public whenNotPaused { require(hasRole(DEFAULT_ADMIN_ROLE, msg.sender), "Access Denied: Caller is NOT SUPER ADMIN!"); require(account != address(0), "Account: Zero or Invalid address!"); require(hasRole(MANAGER_ROLE, account) == false, "Access Role Duplication: The account is already a MANAGER!"); grantRole(MANAGER_ROLE, account); grantRole(ASST_MANAGER_ROLE, account); grantRole(UPDATES_MANAGER_ROLE, account); grantRole(ADDRESS_MANAGER_ROLE, account); } function revokeManagerRole(address account) public { require(hasRole(DEFAULT_ADMIN_ROLE, msg.sender), "Access Denied: Caller is NOT SUPER ADMIN!"); require(account != address(0), "Account: Zero or Invalid address!"); require(hasRole(MANAGER_ROLE, account), "Revoke Role Failed: The account is NOT a MANAGER!"); revokeRole(MANAGER_ROLE, account); revokeRole(ASST_MANAGER_ROLE, account); revokeRole(UPDATES_MANAGER_ROLE, account); revokeRole(ADDRESS_MANAGER_ROLE, account); } function isManager(address account) public virtual view returns(bool) { return hasRole(MANAGER_ROLE, account); } /******* ASST_MANAGER_ROLE *******/ function grantAsstManagerRole(address account) public whenNotPaused { require(hasRole(MANAGER_ROLE, msg.sender), "Access Denied: Caller is NOT MANAGER!"); require(account != address(0), "Account: Zero or Invalid address!"); require(hasRole(ASST_MANAGER_ROLE, account) == false, "Access Role Duplication: The account is already an Assistant Manager!"); grantRole(ASST_MANAGER_ROLE, account); } function revokeAsstManagerRole(address account) public { require(hasRole(MANAGER_ROLE, msg.sender), "Access Denied: Caller is NOT MANAGER!"); require(account != address(0), "Account: Zero or Invalid address!"); require(hasRole(ASST_MANAGER_ROLE, account), "Revoke Role Failed: The account is NOT an Assistant Manager!"); revokeRole(ASST_MANAGER_ROLE, account); } function isAsstManager(address account) public virtual view returns(bool) { return hasRole(ASST_MANAGER_ROLE, account); } /******* ADDRESS_MANAGER_ROLE *******/ function grantAddressManagerRole(address account) public whenNotPaused { require(hasRole(MANAGER_ROLE, msg.sender), "Access Denied: Caller is NOT MANAGER!"); require(account != address(0), "Account: Zero or Invalid address!"); require(hasRole(ADDRESS_MANAGER_ROLE, account) == false, "Access Role Duplication: The account is already an Address Manager!"); grantRole(ADDRESS_MANAGER_ROLE, account); } function revokeAddressManagerRole(address account) public { require(hasRole(MANAGER_ROLE, msg.sender), "Access Denied: Caller is NOT MANAGER!"); require(account != address(0), "Account: Zero or Invalid address!"); require(hasRole(ADDRESS_MANAGER_ROLE, account), "Revoke Role Failed: The account is NOT an Address Manager!"); revokeRole(ADDRESS_MANAGER_ROLE, account); } function isAddressManager(address account) public virtual view returns(bool) { return hasRole(ADDRESS_MANAGER_ROLE, account); } /******* UPDATES_MANAGER_ROLE *******/ function grantUpdatesManagerRole(address account) public whenNotPaused { require(hasRole(MANAGER_ROLE, msg.sender), "Access Denied: Caller is NOT MANAGER!"); require(account != address(0), "Account: Zero or Invalid address!"); require(hasRole(UPDATES_MANAGER_ROLE, account) == false, "Access Role Duplication: The account is already an Updates Manager!"); grantRole(UPDATES_MANAGER_ROLE, account); } function revokeUpdatesManagerRole(address account) public { require(hasRole(MANAGER_ROLE, msg.sender), "Access Denied: Caller is NOT MANAGER!"); require(account != address(0), "Account: Zero or Invalid address!"); require(hasRole(UPDATES_MANAGER_ROLE, account), "Revoke Role Failed: The account is NOT an Updates Manager!"); revokeRole(UPDATES_MANAGER_ROLE, account); } function isUpdatesManager(address account) public virtual view returns(bool) { return hasRole(UPDATES_MANAGER_ROLE, account); } /******* ROLES_MANAGER *******/ function grantRolesManagerRole(address account) public whenNotPaused { require(hasRole(DEFAULT_ADMIN_ROLE, msg.sender), "Access Denied: Caller is NOT SUPER ADMIN!"); require(account != address(0), "Account: Zero or Invalid address!"); require(hasRole(ROLES_MANAGER, account) == false, "Access Role Duplication: The account is already a Roles Manager!"); grantRole(ROLES_MANAGER, account); grantRole(MINTER_ROLE, account); grantRole(PAUSER_ROLE, account); } function revokeRolesManagerRole(address account) public { require(hasRole(DEFAULT_ADMIN_ROLE, msg.sender), "Access Denied: Caller is NOT SUPER ADMIN!"); require(account != address(0), "Account: Zero or Invalid address!"); require(hasRole(ROLES_MANAGER, account), "Revoke Role Failed: The account is NOT a Roles Manager!"); revokeRole(ROLES_MANAGER, account); revokeRole(MINTER_ROLE, account); revokeRole(PAUSER_ROLE, account); } function isRolesManager(address account) public virtual view returns(bool) { return (hasRole(ROLES_MANAGER, account)); } /******* MINTER_ROLE *******/ function grantMinterRole(address account) public whenNotPaused { require(hasRole(ROLES_MANAGER, msg.sender), "Access Denied: Caller is NOT ROLES MANAGER!"); require(account != address(0), "Account: Zero or Invalid address!"); require(hasRole(MINTER_ROLE, account) == false, "Access Role Duplication: The account is already a Minter!"); grantRole(MINTER_ROLE, account); } function revokeMinterRole(address account) public { require(hasRole(ROLES_MANAGER, msg.sender), "Access Denied: Caller is NOT ROLES MANAGER!"); require(account != address(0), "Account: Zero or Invalid address!"); require(hasRole(MINTER_ROLE, account), "Revoke Role Failed: The account is NOT a Minter!"); revokeRole(MINTER_ROLE, account); } function isMinter(address account) public virtual view returns(bool) { return hasRole(MINTER_ROLE, account); } /******* PAUSER_ROLE *******/ function grantPauserRole(address account) public whenNotPaused { require(hasRole(ROLES_MANAGER, msg.sender), "Access Denied: Caller is NOT ROLES MANAGER!"); require(account != address(0), "Account: Zero or Invalid address!"); require(hasRole(PAUSER_ROLE, account) == false, "Access Role Duplication: The account is already a Pauser!"); grantRole(PAUSER_ROLE, account); } function revokePauserRole(address account) public { require(hasRole(ROLES_MANAGER, msg.sender), "Access Denied: Caller is NOT ROLES MANAGER!"); require(account != address(0), "Account: Zero or Invalid address!"); require(hasRole(PAUSER_ROLE, account), "Revoke Role Failed: The account is NOT a Pauser!"); revokeRole(PAUSER_ROLE, account); } function isPauser(address account) public virtual view returns(bool) { return hasRole(PAUSER_ROLE, account); } //----------------------- PAUSER FUNCTIONS -----------------------// function pauseContract() public whenNotPaused { require(hasRole(PAUSER_ROLE, msg.sender), "Access Denied: Caller is NOT PAUSER!"); _pause(); } function unpauseContract() public whenPaused { require(hasRole(PAUSER_ROLE, msg.sender), "Access Denied: Caller is NOT PAUSER!"); _unpause(); } }