Permissions
Administrator Configuration
An application relies on many administrator roles to work properly. Different configuration tasks need different administrator roles. The protocol utilizes the AccessControlEnumerable contract provided by OpenZeppelin to grant and revoke roles. The following section explains how to set all the admin roles:
- Call the addAppAdministrator function on the AppManager using the current Super Admin account. It accepts one parameter: the address of the desired appAdministrator. Replace
DESIRED_APP_ADMIN_ADDRESS
in the following cast command with the address that is being granted the role of AppAdmin.
NOTE: If multiple appAdmins are desired, the use of addMultipleAppAdministrator
can be used, but it is recommended to have as few App Admins as possible. It accepts an array of addresses: the addresses of the desired appAdministrators. Replace DESIRED_APP_ADMIN_ADDRESS
in the following cast command with the addresses that are being granted the role of AppAdmin.
- Now that there are addresses granted the
APP_ADMIN_ROLE
, refer to admin roles to setup other desired admin roles (ruleAdmin, riskAdmin, accessTierAdmin, Treasury account) through the respective function in the appManager. This time, you can sign the transactions with any of the addresses that were granted the appAdmin role in the previous steps since it is only addresses with appAdmin privileges that can grant these other admin roles.