Skip to main content

AccessProtected

Multi-admin access control library providing role-based permissions and secure administrative operations for TokenOps contracts.

Library Information

File Location: contracts/libraries/AccessProtected.sol

Usage Pattern:

import {AccessProtected} from "./libraries/AccessProtected.sol";

contract MyContract is AccessProtected {}

Overview

The AccessProtected library provides a sophisticated access control system that supports multiple administrators.

Key Features

  • Multi-admin support - Multiple addresses can have administrative privileges
  • Secure admin management - Protected functions for granting/revoking admin access
  • Event-driven transparency - All admin changes are logged via events
  • Gas-efficient storage - Optimized storage layout for admin management
  • Reentrancy protection - Built-in guards against common attack vectors

Access Levels

Different functions can require different access levels:

  • Public functions - No restrictions
  • Admin-only functions - Requires admin role

Modifiers

Access Control Modifiers

modifier onlyAdmin() {
    if (!_admins[_msgSender()]) revert Errors.AdminAccessRequired();
    _;
}

Core Functions

Constructor

constructor() {
    _admins[_msgSender()] = true;
    adminCount = 1;
    emit AdminAccessSet(_msgSender(), true);
}

setAdmin

function setAdmin(address admin, bool isEnabled) public onlyAdmin {
    if (admin == address(0)) revert Errors.InvalidAddress();
    if (_admins[admin] == isEnabled)
        revert Errors.AdminStatusAlreadyActive();

    if (isEnabled) {
        adminCount++;
    } else {
        if (adminCount <= 1) revert Errors.CannotRemoveLastAdmin();
        adminCount--;
    }

    _admins[admin] = isEnabled;
    emit AdminAccessSet(admin, isEnabled);
}

Parameters:

  • admin: Address to grant admin privileges
  • isEnabled: Whether to grant or revoke admin privileges

Access: Admin only

Effects:

  • Grants admin role to specified address
  • Updates admin tracking arrays
  • Emits AdminAdded event

Example:

// Grant standard admin privileges
vestingManager.addAdmin(0x123...789, true);

// Revoke an existing admin
vestingManager.addAdmin(0x456...012, false);

View Functions

isAdmin

function isAdmin(address _addressToCheck) external view returns (bool) {
    return _admins[_addressToCheck];
}

Parameters:

  • _addressToCheck: Address to check

Returns: True if address has any admin privileges

Events

AdminAdded

event AdminAccessSet(address indexed _admin, bool _enabled);

Emitted when a new admin is added to the system.

Parameters:

  • _admin: Address granted admin privileges
  • _enabled: Whether the admin is enabled or revoked

Security Considerations

Admin Management Security

  • Last admin protection - Cannot remove the last admin to prevent lockout
  • Access control - Only admins can modify admin roles

The AccessProtected library provides a foundation for access control in TokenOps vesting contracts, enabling secure multi-admin operations.