Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Script Hooks: assign custom permission to the proxy app #143

Open
0xGabi opened this issue Apr 9, 2020 · 4 comments
Open

Script Hooks: assign custom permission to the proxy app #143

0xGabi opened this issue Apr 9, 2020 · 4 comments
Labels
enhancement New feature or request

Comments

@0xGabi
Copy link
Contributor

0xGabi commented Apr 9, 2020

🚀 Feature
@0xGabi 0xGabi added the enhancement New feature or request label Apr 9, 2020
@sohkai
Copy link
Contributor

sohkai commented Apr 14, 2020

Just wondering, is it not possible to do this at the moment? Or do we not have good utilities to make this easy?

@dapplion
Copy link
Contributor

Proposal

Expose a hook called setPermissions which allows the user to customize the permission setting. The API could be similar to the app installer where a custom utility function is passed as an argument to minimize code. For example:

hooks: {
  setPermissions: async function ( { setPermission }, bre) {
    await setPermission("INCREMENT_ROLE", anotherAppInstance.address)
    await setPermission("DECREMENT_ROLE", "0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff")
    
    // Possible keyword shortcuts
    await setPermission("ANOTHER_ROLE", "me")
    await setPermission("ANOTHER_ROLE", "rootAccount")
    await setPermission("ANOTHER_ROLE", "any")
    await setPermission("ANOTHER_ROLE", "anyEntity")
  }
}

@0xGabi
Copy link
Contributor Author

0xGabi commented Apr 14, 2020

is it not possible to do this at the moment?

At this moment we assign all permission open for the proxy app. Then you can customize it on the client but not from the script.

@dapplion I like that approach. In my opinion just allowing any, anyEntity keyword. And otherwise an entity address.

@sohkai
Copy link
Contributor

sohkai commented Apr 16, 2020

Expose a hook called setPermissions

When in the hooks lifecycle would this happen? I'm primarily curious if this hook would work for setting permissions in any other apps installed rather than only scoped to the current app.

We should also default to the normal behaviour if this hook is not defined (and probably log that we're defaulting the behaviour?).

await setPermission("INCREMENT_ROLE", anotherAppInstance.address)

We may want to be careful about just using a string, but almost all apps should be exposing these as getters and so we could do an eth_call to see what the return is, and, failing that, use the hash (and warn that we couldn't find it on the app!)

// Possible keyword shortcuts

I like these! Depending on how we've communicated, I would use only one of me or rootAccount. Technically you can still get these values from the BRE, right?

However, I wonder if it'd be nicer to use an object mapping for the set of allowed values, so it's easier for the person to know if they're using a correct value. E.g. we've previously made a proxy for error mappings and could do something similar here that will throw if an incorrect value was attempted.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@sohkai @0xGabi @dapplion