ObjectAuthorization

Handles fine-grained authorization for object relations. Grants control who can initiate (from) or accept (to) object-to-object relations, scoped by direction, relation ID, kind, and set.

Functions

grantFrom

Issues a grant to allow initiating relations from a tail object

function grantFrom(uint128 tail, RelationGrant memory grant) external;

Parameters

Name	Type	Description
`tail`	`uint128`	Tail object ID
`grant`	`RelationGrant`	Grant details

revokeFrom

Revokes a previously issued from grant

function revokeFrom(uint128 tail, uint32 grantId) external;

Parameters

Name	Type	Description
`tail`	`uint128`	Tail object ID
`grantId`	`uint32`	Grant ID to revoke

grantTo

Issues a grant to allow accepting relations to a head object

function grantTo(uint128 head, RelationGrant memory grant) external;

Parameters

Name	Type	Description
`head`	`uint128`	Head object ID
`grant`	`RelationGrant`	Grant details

revokeTo

Revokes a previously issued to grant

function revokeTo(uint128 head, uint32 grantId) external;

Parameters

Name	Type	Description
`head`	`uint128`	Head object ID
`grantId`	`uint32`	Grant ID to revoke

allowFrom

Checks whether a sender is authorized to initiate a relation from a tail object

function allowFrom(uint32 grantId, address sender, uint128 tail, uint64 rel, uint64 headKind, uint64 headSet)
    external
    view
    returns (bool allowed);

Parameters

Name	Type	Description
`grantId`	`uint32`	Grant ID to check
`sender`	`address`	Address attempting the action
`tail`	`uint128`	Tail object ID
`rel`	`uint64`	Relation ID
`headKind`	`uint64`	Kind ID of the target (head) object
`headSet`	`uint64`	Set ID of the target (head) object

Returns

Name	Type	Description
`allowed`	`bool`	True if authorized

allowTo

Checks whether a sender is authorized to accept a relation to a head object

function allowTo(uint32 grantId, address sender, uint128 head, uint64 rel, uint64 tailKind, uint64 tailSet)
    external
    view
    returns (bool allowed);

Parameters

Name	Type	Description
`grantId`	`uint32`	Grant ID to check
`sender`	`address`	Address attempting the action
`head`	`uint128`	Head object ID
`rel`	`uint64`	Relation ID
`tailKind`	`uint64`	Kind ID of the source (tail) object
`tailSet`	`uint64`	Set ID of the source (tail) object

Returns

Name	Type	Description
`allowed`	`bool`	True if authorized

Events

GrantFrom

Emitted when a grant is issued to authorize initiating a relation from a tail object

event GrantFrom(uint128 tail, RelationGrant grant);

Parameters

Name	Type	Description
`tail`	`uint128`	Tail object ID (initiator)
`grant`	`RelationGrant`	Grant definition

RevokeFrom

Emitted when a grant from a tail object is revoked

event RevokeFrom(uint128 tail, uint32 grantId);

Parameters

Name	Type	Description
`tail`	`uint128`	Tail object ID (initiator)
`grantId`	`uint32`	ID of the revoked grant

GrantTo

Emitted when a grant is issued to authorize accepting a relation to a head object

event GrantTo(uint128 head, RelationGrant grant);

Parameters

Name	Type	Description
`head`	`uint128`	Head object ID (receiver)
`grant`	`RelationGrant`	Grant definition

RevokeTo

Emitted when a grant to a head object is revoked

event RevokeTo(uint128 head, uint32 grantId);

Parameters

Name	Type	Description
`head`	`uint128`	Head object ID (receiver)
`grantId`	`uint32`	ID of the revoked grant

Core

Periphery

Deployment

Functions

grantFrom

revokeFrom

grantTo

revokeTo

allowFrom

allowTo

Events

GrantFrom

RevokeFrom

GrantTo

RevokeTo

Core

Periphery

Deployment

​Functions

​grantFrom

​revokeFrom

​grantTo

​revokeTo

​allowFrom

​allowTo

​Events

​GrantFrom

​RevokeFrom

​GrantTo

​RevokeTo

Functions

grantFrom

revokeFrom

grantTo

revokeTo

allowFrom

allowTo

Events

GrantFrom

RevokeFrom

GrantTo

RevokeTo