Asset Tokenization Studio Team
AccessControlOperational
Variant of AccessControl for proxy facets only. Identical to AccessControl except every state-changing function requires onlyOperational as its first modifier. Use AccessControl (without onlyOperational) for direct-inheritance consumers such as DiamondCutManager that do not operate through the ResolverProxy pattern.
Implements IAccessControl. Intended to be inherited exclusively by AccessControlFacet.
function applyRoles(bytes32[] _roles, bool[] _actives, address _account) external nonpayableApplies multiple role grants or revocations to an account in a single transaction.
Requires the token to be operational and unpaused, equal-length arrays, and no duplicate role entries. Per-role admin checks are enforced inside the storage layer.
| Name | Type | Description |
|---|---|---|
| _roles | bytes32[] | Array of role identifiers to process. |
| _actives | bool[] | Corresponding flags; true grants the role, false revokes it. |
| _account | address | The account to which roles are applied. |
function getRoleCountFor(address _account) external view returns (uint256 roleCount_)Returns the number of roles currently assigned to an account.
| Name | Type | Description |
|---|---|---|
| _account | address | The account to query. |
| Name | Type | Description |
|---|---|---|
| roleCount_ | uint256 | The number of roles held by _account. |
function getRoleMemberCount(bytes32 _role) external view returns (uint256 memberCount_)Returns the number of accounts currently holding a role.
| Name | Type | Description |
|---|---|---|
| _role | bytes32 | The role identifier to query. |
| Name | Type | Description |
|---|---|---|
| memberCount_ | uint256 | The number of accounts assigned to _role. |
function getRoleMembers(bytes32 _role, uint256 _pageIndex, uint256 _pageLength) external view returns (address[] members_)Returns a paginated slice of accounts holding a role.
_The list offset is computed as \_pageIndex _ \_pageLength. Returns an empty array when the offset meets or exceeds the member count for the role.*
| Name | Type | Description |
|---|---|---|
| _role | bytes32 | The role identifier to query. |
| _pageIndex | uint256 | Zero-based page index. |
| _pageLength | uint256 | Maximum number of addresses to return per page. |
| Name | Type | Description |
|---|---|---|
| members_ | address[] | Array of account addresses holding _role for the requested page. |
function getRolesFor(address _account, uint256 _pageIndex, uint256 _pageLength) external view returns (bytes32[] roles_)Returns a paginated slice of roles assigned to an account.
_The list offset is computed as \_pageIndex _ \_pageLength. Returns an empty array when the offset meets or exceeds the role count for the account.*
| Name | Type | Description |
|---|---|---|
| _account | address | The account to query. |
| _pageIndex | uint256 | Zero-based page index. |
| _pageLength | uint256 | Maximum number of roles to return per page. |
| Name | Type | Description |
|---|---|---|
| roles_ | bytes32[] | Array of role identifiers held by _account for the requested page. |
function grantRole(bytes32 _role, address _account) external nonpayable returns (bool success_)Grants a role to an account.
Requires the token to be operational and unpaused, and the caller to hold the admin role of _role.
| Name | Type | Description |
|---|---|---|
| _role | bytes32 | The role identifier to grant. |
| _account | address | The account to receive the role. |
| Name | Type | Description |
|---|---|---|
| success_ | bool | True if the role was successfully granted. |
function hasRole(bytes32 _role, address _account) external view returns (bool)Checks whether an account holds a specific role.
| Name | Type | Description |
|---|---|---|
| _role | bytes32 | The role identifier to check. |
| _account | address | The account to check. |
| Name | Type | Description |
|---|---|---|
| _0 | bool | True if _account holds _role, false otherwise. |
function initializeAccessControl() external nonpayableInitialises the AccessControl capability on the token.
Callable once; subsequent calls revert with FacetAlreadyRegistered. Requires DEFAULT_ADMIN_ROLE. Called by the factory during deployment.
function renounceRole(bytes32 _role) external nonpayable returns (bool success_)Allows the caller to renounce a role held by their own account.
Requires the token to be operational and unpaused. No admin role required; acts on msg.sender. Reverts with CannotRenounceSoleAdmin if the caller is the sole DEFAULT_ADMIN_ROLE holder.
| Name | Type | Description |
|---|---|---|
| _role | bytes32 | The role identifier to renounce. |
| Name | Type | Description |
|---|---|---|
| success_ | bool | True if the role was successfully renounced. |
function revokeRole(bytes32 _role, address _account) external nonpayable returns (bool success_)Revokes a role from an account.
Requires the token to be operational and unpaused, and the caller to hold the admin role of _role.
| Name | Type | Description |
|---|---|---|
| _role | bytes32 | The role identifier to revoke. |
| _account | address | The account to lose the role. |
| Name | Type | Description |
|---|---|---|
| success_ | bool | True if the role was successfully revoked. |
event AccessControlInitialized()Emitted once when the AccessControl capability is initialised on a token.
Fires exclusively from initializeAccessControl after the registration succeeds.
event RoleGranted(address indexed operator, address indexed account, bytes32 indexed role)Emitted when a role is granted to an account.
| Name | Type | Description |
|---|---|---|
operator indexed |
address | The address that performed the grant. |
account indexed |
address | The account that received the role. |
role indexed |
bytes32 | The role that was granted. |
event RoleRenounced(address indexed account, bytes32 indexed role)Emitted when an account voluntarily renounces a role it holds.
| Name | Type | Description |
|---|---|---|
account indexed |
address | The account that renounced the role. |
role indexed |
bytes32 | The role that was renounced. |
event RoleRevoked(address indexed operator, address indexed account, bytes32 indexed role)Emitted when a role is revoked from an account.
| Name | Type | Description |
|---|---|---|
operator indexed |
address | The address that performed the revocation. |
account indexed |
address | The account from which the role was revoked. |
role indexed |
bytes32 | The role that was revoked. |
event RolesApplied(bytes32[] requestedRoles, bool[] requestedStates, address account, bytes32[] appliedRoles, bool[] appliedStates)Emitted when multiple roles are applied to an account in a single operation.
| Name | Type | Description |
|---|---|---|
| requestedRoles | bytes32[] | The roles that were submitted by the caller. |
| requestedStates | bool[] | Corresponding grant/revoke flags; true means granted, false revoked. |
| account | address | The account to which the roles were applied. |
| appliedRoles | bytes32[] | The subset of requestedRoles whose state effectively changed. |
| appliedStates | bool[] | The corresponding final state for each effectively applied role. |
error AccountAssignedToRole(bytes32 role, address account)Thrown when attempting to grant a role to an account that already holds it.
| Name | Type | Description |
|---|---|---|
| role | bytes32 | The role the account already holds. |
| account | address | The account already assigned to the role. |
error AccountHasNoRole(address account, bytes32 role)Thrown when an account does not hold a required role.
| Name | Type | Description |
|---|---|---|
| account | address | The account that lacks the role. |
| role | bytes32 | The role that is not held. |
error AccountHasNoRoles(address account, bytes32[] roles)Thrown when an account does not hold any of the specified roles.
| Name | Type | Description |
|---|---|---|
| account | address | The account that lacks the roles. |
| roles | bytes32[] | The roles that are not held. |
error AccountNotAssignedToRole(bytes32 role, address account)Thrown when attempting to revoke or renounce a role from an account that does not hold it.
| Name | Type | Description |
|---|---|---|
| role | bytes32 | The role the account does not hold. |
| account | address | The account not assigned to the role. |
error AssetNotOperational(bytes32 configId, uint256 versionId)Raised by InitializerStorageWrapper.checkOperational (and the related isConfigVersionOperational helper) when an operation is attempted on a configuration version that has not yet been marked operational.
| Name | Type | Description |
|---|---|---|
| configId | bytes32 | Resolver-proxy configuration whose operational status was checked. |
| versionId | uint256 | Configuration version whose operational status was checked. |
error CannotRenounceSoleAdmin()Thrown when the sole holder of DEFAULT_ADMIN_ROLE attempts to renounce it, which would permanently lock all admin-gated functions.
error ContradictoryValuesInArray(uint256 lowerIndex, uint256 upperIndex)Reverts when ordered array values contradict expected ordering.
Indicates that two indexed values cannot both satisfy the required monotonic or range invariant.
| Name | Type | Description |
|---|---|---|
| lowerIndex | uint256 | Lower array index involved in the contradiction. |
| upperIndex | uint256 | Upper array index involved in the contradiction. |
error Deactivated()Thrown when an operation guarded by onlyActivated is attempted on a token whose deactivation flag has already been set.
error FacetAlreadyRegistered(bytes32 facetId, uint256 lastVersion)Raised when an initialiser tries to register a facet that already has a non-zero last registered version (i.e. the facet is being re-initialised on a fresh install).
| Name | Type | Description |
|---|---|---|
| facetId | bytes32 | Identifier of the offending facet. |
| lastVersion | uint256 | Last version recorded for that facet at the time of the check. |
error IsPaused()Thrown when an operation that requires the token to be unpaused is attempted while the token is paused (own flag or any external pause contract).
error RolesAndActivesLengthMismatch(uint256 rolesLength, uint256 activesLength)Thrown when the roles and actives arrays passed to applyRoles differ in length.
| Name | Type | Description |
|---|---|---|
| rolesLength | uint256 | Length of the roles array. |
| activesLength | uint256 | Length of the actives array. |
error UnrecognizedResolverProxyVersion(bytes8 _resolverProxyVersion)Thrown when the provided proxy version does not match any BLR compatible standard.
| Name | Type | Description |
|---|---|---|
| _resolverProxyVersion | bytes8 | proxy version that is not compatible with the BLR. |
error WalletRecovered()Thrown when attempting to recover a wallet that has already been recovered.