Git Source Inherits: AccessControlEnumerable, ReentrancyGuard Author: @mpetersoCode55, @ShaneDuncan602, @TJ-Everett, @VoR0220 SPDX-License-Identifier: BUSL-1.1 This contract is a critical component of the Rules Engine, enabling secure and flexible role management. This contract serves as the primary Admin Roles facet for the Rules Engine. It is responsible for managing, mutating, and granting all admin roles, including policy and calling contract admin roles. It enforces role-based access control and ensures proper role assignment and revocation. The contract also provides mechanisms for proposing and confirming new admin roles.

Functions

isPolicyAdmin

Checks if an address is the policy admin for a specific policy ID. 
function isPolicyAdmin(uint256 policyId, address account) public view returns (bool);
Parameters
NameTypeDescription
policyIduint256The ID of the policy.
accountaddressThe address to check for the policy admin role.
Returns
NameTypeDescription
<none>boolbool True if the address has the policy admin role, false otherwise.

generatePolicyAdminRole

Generates and assigns a policy admin role to an address. This function is called internally by the Rules Engine to assign the policy admin role. 
function generatePolicyAdminRole(uint256 policyId, address account) public nonReentrant returns (bytes32);
Parameters
NameTypeDescription
policyIduint256The ID of the policy.
accountaddressThe address to assign the policy admin role.
Returns
NameTypeDescription
<none>bytes32bytes32 The generated admin role identifier.

proposeNewPolicyAdmin

Proposes a new policy admin for a specific policy. 
function proposeNewPolicyAdmin(address newPolicyAdmin, uint256 policyId) public;
Parameters
NameTypeDescription
newPolicyAdminaddressThe address of the proposed new policy admin.
policyIduint256The ID of the policy.

confirmNewPolicyAdmin

Confirms the proposed policy admin for a specific policy. 
function confirmNewPolicyAdmin(uint256 policyId) public;
Parameters
NameTypeDescription
policyIduint256The ID of the policy.

renounceRole

This function is used to renounce Role. It is also preventing policyAdmins from renouncing ther role. They must set another policyAdmin through the function proposeNewPolicyAdmin(). 
function renounceRole(bytes32 role, address account, uint256 policyId) public nonReentrant;
Parameters
NameTypeDescription
rolebytes32the role to renounce.
accountaddressaddress renouncing to the role.
policyIduint256

revokeRole

enforcing the min-1-admin requirement. This function overrides the parent’s revokeRole function. Its purpose is to prevent Policy Admins from being revoked through this “backdoor” which would effectively leave the policy in a Policy Admin-orphan state. 
function revokeRole(bytes32 role, address account, uint256 policyId) public nonReentrant;
Parameters
NameTypeDescription
rolebytes32the role to revoke.
accountaddressaddress of revoked role.
policyIduint256

_grantRolePolicyAdmin

enforcing the min-1-admin requirement for policy admins. Grants a policy admin role to an address. Internal function to assign the policy admin role. 
function _grantRolePolicyAdmin(bytes32 _role, address _account) internal;
Parameters
NameTypeDescription
_rolebytes32The admin role identifier.
_accountaddressThe address to be granted the role.

_generatePolicyAdminRoleId

Generates a unique identifier for a policy admin role. 
function _generatePolicyAdminRoleId(uint256 _policyId, bytes32 _adminRole) internal pure returns (bytes32);
Parameters
NameTypeDescription
_policyIduint256The ID of the policy.
_adminRolebytes32The role constant identifier.
Returns
NameTypeDescription
<none>bytes32bytes32 The generated admin role identifier.

isCallingContractAdmin

Checks if an address is the calling contract admin for a specific contract. 
function isCallingContractAdmin(address _callingContract, address _account) public view returns (bool);
Parameters
NameTypeDescription
_callingContractaddressThe address of the calling contract.
_accountaddressThe address to check for the calling contract admin role.
Returns
NameTypeDescription
<none>boolbool True if the address has the calling contract admin role, false otherwise.

grantCallingContractRole

Grants the calling contract admin role to an address. Call this function from your contract to set the calling contract admin. 
function grantCallingContractRole(address _callingContract, address _account) public nonReentrant returns (bytes32);
Parameters
NameTypeDescription
_callingContractaddressThe address of the calling contract.
_accountaddressThe address to assign the calling contract admin role.
Returns
NameTypeDescription
<none>bytes32bytes32 The generated admin role identifier.

grantCallingContractRoleAccessControl

Function to grant calling contract admin role Call this function when you are the calling contract admin of your contract 
function grantCallingContractRoleAccessControl(address _callingContract, address _account)
    public
    nonReentrant
    returns (bytes32);
Parameters
NameTypeDescription
_callingContractaddresspolicy Id
_accountaddressaddress to assign admin role Id
Returns
NameTypeDescription
<none>bytes32bytes32 adminRoleId

grantCallingContractRoleOwnable

Grants the calling contract admin role to an address. Call this function from your contract to set the calling contract admin. 
function grantCallingContractRoleOwnable(address _callingContract, address _account)
    public
    nonReentrant
    returns (bytes32);
Parameters
NameTypeDescription
_callingContractaddressThe address of the calling contract.
_accountaddressThe address to assign the calling contract admin role.
Returns
NameTypeDescription
<none>bytes32bytes32 The generated admin role identifier.

proposeNewCallingContractAdmin

There can only ever be one Calling Contract Admin per calling contract This function grants the proposed admin role to the newPolicyAdmin address Calling Contract Admin does not have a revoke or renounce function. Only Use Propose and Confirm to transfer Role. 
function proposeNewCallingContractAdmin(address callingContractAddress, address newCallingContractAdmin) public;
Parameters
NameTypeDescription
callingContractAddressaddressaddress of the calling contract.
newCallingContractAdminaddressaddress of new admin.

confirmNewCallingContractAdmin

This function confirms the proposed admin role 
function confirmNewCallingContractAdmin(address callingContractAddress) public;
Parameters
NameTypeDescription
callingContractAddressaddressaddress of the calling contract.

_generateCallingContractAdminRoleId

Generates a unique identifier for a calling contract admin role. 
function _generateCallingContractAdminRoleId(address _callingContract, bytes32 _adminRole)
    internal
    pure
    returns (bytes32);
Parameters
NameTypeDescription
_callingContractaddressThe address of the calling contract.
_adminRolebytes32The role constant identifier.
Returns
NameTypeDescription
<none>bytes32bytes32 The generated admin role identifier.

renounceRole

Overrides the parent’s renounceRole function to disable its public nature. This function is intentionally disabled to enforce role renouncing through specific channels. 
function renounceRole(bytes32 role, address account) public virtual override(AccessControl, IAccessControl);
Parameters
NameTypeDescription
rolebytes32The role to renounce.
accountaddressThe address renouncing the role.

revokeRole

Overrides the parent’s revokeRole function to disable its public nature. This function is intentionally disabled to enforce role revocation through specific channels. 
function revokeRole(bytes32 role, address account) public virtual override(AccessControl, IAccessControl);
Parameters
NameTypeDescription
rolebytes32The role to revoke.
accountaddressThe address of the revoked role.

grantRole

Overrides the parent’s grantRole function to disable its public nature. This function is intentionally disabled to enforce role granting through specific channels. 
function grantRole(bytes32 role, address account) public pure override(AccessControl, IAccessControl);
Parameters
NameTypeDescription
rolebytes32The role to grant.
accountaddressThe address to grant the role to.