// SPDX-License-Identifier: MIT
pragma solidity 0.8.17;
import { CannotAuthoriseSelf, UnAuthorized } from "../Errors/GenericErrors.sol";
/// @title Access Library
/// @author LI.FI (https://li.fi)
/// @notice Provides functionality for managing method level access control
library LibAccess {
/// Types ///
bytes32 internal constant NAMESPACE =
keccak256("com.lifi.library.access.management");
/// Storage ///
struct AccessStorage {
mapping(bytes4 => mapping(address => bool)) execAccess;
}
/// Events ///
event AccessGranted(address indexed account, bytes4 indexed method);
event AccessRevoked(address indexed account, bytes4 indexed method);
/// @dev Fetch local storage
function accessStorage()
internal
pure
returns (AccessStorage storage accStor)
{
bytes32 position = NAMESPACE;
// solhint-disable-next-line no-inline-assembly
assembly {
accStor.slot := position
}
}
/// @notice Gives an address permission to execute a method
/// @param selector The method selector to execute
/// @param executor The address to grant permission to
function addAccess(bytes4 selector, address executor) internal {
if (executor == address(this)) {
revert CannotAuthoriseSelf();
}
AccessStorage storage accStor = accessStorage();
accStor.execAccess[selector][executor] = true;
emit AccessGranted(executor, selector);
}
/// @notice Revokes permission to execute a method
/// @param selector The method selector to execute
/// @param executor The address to revoke permission from
function removeAccess(bytes4 selector, address executor) internal {
AccessStorage storage accStor = accessStorage();
accStor.execAccess[selector][executor] = false;
emit AccessRevoked(executor, selector);
}
/// @notice Enforces access control by reverting if `msg.sender`
/// has not been given permission to execute `msg.sig`
function enforceAccessControl() internal view {
AccessStorage storage accStor = accessStorage();
if (accStor.execAccess[msg.sig][msg.sender] != true)
revert UnAuthorized();
}
}