:github-icon: pass:[] :AccessControl: pass:normal[xref:access.adoc#AccessControl[`AccessControl`]] :Ownable: pass:normal[xref:access.adoc#Ownable[`Ownable`]] :xref-Ownable-onlyOwner--: xref:access.adoc#Ownable-onlyOwner-- :xref-Ownable-constructor--: xref:access.adoc#Ownable-constructor-- :xref-Ownable-owner--: xref:access.adoc#Ownable-owner-- :xref-Ownable-_checkOwner--: xref:access.adoc#Ownable-_checkOwner-- :xref-Ownable-renounceOwnership--: xref:access.adoc#Ownable-renounceOwnership-- :xref-Ownable-transferOwnership-address-: xref:access.adoc#Ownable-transferOwnership-address- :xref-Ownable-_transferOwnership-address-: xref:access.adoc#Ownable-_transferOwnership-address- :xref-Ownable-OwnershipTransferred-address-address-: xref:access.adoc#Ownable-OwnershipTransferred-address-address- :xref-Ownable2Step-pendingOwner--: xref:access.adoc#Ownable2Step-pendingOwner-- :xref-Ownable2Step-transferOwnership-address-: xref:access.adoc#Ownable2Step-transferOwnership-address- :xref-Ownable2Step-_transferOwnership-address-: xref:access.adoc#Ownable2Step-_transferOwnership-address- :xref-Ownable2Step-acceptOwnership--: xref:access.adoc#Ownable2Step-acceptOwnership-- :xref-Ownable-owner--: xref:access.adoc#Ownable-owner-- :xref-Ownable-_checkOwner--: xref:access.adoc#Ownable-_checkOwner-- :xref-Ownable-renounceOwnership--: xref:access.adoc#Ownable-renounceOwnership-- :xref-Ownable2Step-OwnershipTransferStarted-address-address-: xref:access.adoc#Ownable2Step-OwnershipTransferStarted-address-address- :xref-Ownable-OwnershipTransferred-address-address-: xref:access.adoc#Ownable-OwnershipTransferred-address-address- :xref-IAccessControl-hasRole-bytes32-address-: xref:access.adoc#IAccessControl-hasRole-bytes32-address- :xref-IAccessControl-getRoleAdmin-bytes32-: xref:access.adoc#IAccessControl-getRoleAdmin-bytes32- :xref-IAccessControl-grantRole-bytes32-address-: xref:access.adoc#IAccessControl-grantRole-bytes32-address- :xref-IAccessControl-revokeRole-bytes32-address-: xref:access.adoc#IAccessControl-revokeRole-bytes32-address- :xref-IAccessControl-renounceRole-bytes32-address-: xref:access.adoc#IAccessControl-renounceRole-bytes32-address- :xref-IAccessControl-RoleAdminChanged-bytes32-bytes32-bytes32-: xref:access.adoc#IAccessControl-RoleAdminChanged-bytes32-bytes32-bytes32- :xref-IAccessControl-RoleGranted-bytes32-address-address-: xref:access.adoc#IAccessControl-RoleGranted-bytes32-address-address- :xref-IAccessControl-RoleRevoked-bytes32-address-address-: xref:access.adoc#IAccessControl-RoleRevoked-bytes32-address-address- :AccessControl-_setRoleAdmin: pass:normal[xref:access.adoc#AccessControl-_setRoleAdmin-bytes32-bytes32-[`AccessControl._setRoleAdmin`]] :AccessControl-_setupRole: pass:normal[xref:access.adoc#AccessControl-_setupRole-bytes32-address-[`AccessControl._setupRole`]] :AccessControlEnumerable: pass:normal[xref:access.adoc#AccessControlEnumerable[`AccessControlEnumerable`]] :AccessControlDefaultAdminRules: pass:normal[xref:access.adoc#AccessControlDefaultAdminRules[`AccessControlDefaultAdminRules`]] :xref-AccessControl-onlyRole-bytes32-: xref:access.adoc#AccessControl-onlyRole-bytes32- :xref-AccessControl-supportsInterface-bytes4-: xref:access.adoc#AccessControl-supportsInterface-bytes4- :xref-AccessControl-hasRole-bytes32-address-: xref:access.adoc#AccessControl-hasRole-bytes32-address- :xref-AccessControl-_checkRole-bytes32-: xref:access.adoc#AccessControl-_checkRole-bytes32- :xref-AccessControl-_checkRole-bytes32-address-: xref:access.adoc#AccessControl-_checkRole-bytes32-address- :xref-AccessControl-getRoleAdmin-bytes32-: xref:access.adoc#AccessControl-getRoleAdmin-bytes32- :xref-AccessControl-grantRole-bytes32-address-: xref:access.adoc#AccessControl-grantRole-bytes32-address- :xref-AccessControl-revokeRole-bytes32-address-: xref:access.adoc#AccessControl-revokeRole-bytes32-address- :xref-AccessControl-renounceRole-bytes32-address-: xref:access.adoc#AccessControl-renounceRole-bytes32-address- :xref-AccessControl-_setupRole-bytes32-address-: xref:access.adoc#AccessControl-_setupRole-bytes32-address- :xref-AccessControl-_setRoleAdmin-bytes32-bytes32-: xref:access.adoc#AccessControl-_setRoleAdmin-bytes32-bytes32- :xref-AccessControl-_grantRole-bytes32-address-: xref:access.adoc#AccessControl-_grantRole-bytes32-address- :xref-AccessControl-_revokeRole-bytes32-address-: xref:access.adoc#AccessControl-_revokeRole-bytes32-address- :xref-IAccessControl-RoleAdminChanged-bytes32-bytes32-bytes32-: xref:access.adoc#IAccessControl-RoleAdminChanged-bytes32-bytes32-bytes32- :xref-IAccessControl-RoleGranted-bytes32-address-address-: xref:access.adoc#IAccessControl-RoleGranted-bytes32-address-address- :xref-IAccessControl-RoleRevoked-bytes32-address-address-: xref:access.adoc#IAccessControl-RoleRevoked-bytes32-address-address- :IERC165-supportsInterface: pass:normal[xref:utils.adoc#IERC165-supportsInterface-bytes4-[`IERC165.supportsInterface`]] :AccessControl: pass:normal[xref:access.adoc#AccessControl[`AccessControl`]] :AccessControl: pass:normal[xref:access.adoc#AccessControl[`AccessControl`]] :xref-AccessControlCrossChain-_checkRole-bytes32-: xref:access.adoc#AccessControlCrossChain-_checkRole-bytes32- :xref-AccessControlCrossChain-_crossChainRoleAlias-bytes32-: xref:access.adoc#AccessControlCrossChain-_crossChainRoleAlias-bytes32- :xref-CrossChainEnabled-_isCrossChain--: xref:crosschain.adoc#CrossChainEnabled-_isCrossChain-- :xref-CrossChainEnabled-_crossChainSender--: xref:crosschain.adoc#CrossChainEnabled-_crossChainSender-- :xref-AccessControl-supportsInterface-bytes4-: xref:access.adoc#AccessControl-supportsInterface-bytes4- :xref-AccessControl-hasRole-bytes32-address-: xref:access.adoc#AccessControl-hasRole-bytes32-address- :xref-AccessControl-_checkRole-bytes32-address-: xref:access.adoc#AccessControl-_checkRole-bytes32-address- :xref-AccessControl-getRoleAdmin-bytes32-: xref:access.adoc#AccessControl-getRoleAdmin-bytes32- :xref-AccessControl-grantRole-bytes32-address-: xref:access.adoc#AccessControl-grantRole-bytes32-address- :xref-AccessControl-revokeRole-bytes32-address-: xref:access.adoc#AccessControl-revokeRole-bytes32-address- :xref-AccessControl-renounceRole-bytes32-address-: xref:access.adoc#AccessControl-renounceRole-bytes32-address- :xref-AccessControl-_setupRole-bytes32-address-: xref:access.adoc#AccessControl-_setupRole-bytes32-address- :xref-AccessControl-_setRoleAdmin-bytes32-bytes32-: xref:access.adoc#AccessControl-_setRoleAdmin-bytes32-bytes32- :xref-AccessControl-_grantRole-bytes32-address-: xref:access.adoc#AccessControl-_grantRole-bytes32-address- :xref-AccessControl-_revokeRole-bytes32-address-: xref:access.adoc#AccessControl-_revokeRole-bytes32-address- :xref-IAccessControl-RoleAdminChanged-bytes32-bytes32-bytes32-: xref:access.adoc#IAccessControl-RoleAdminChanged-bytes32-bytes32-bytes32- :xref-IAccessControl-RoleGranted-bytes32-address-address-: xref:access.adoc#IAccessControl-RoleGranted-bytes32-address-address- :xref-IAccessControl-RoleRevoked-bytes32-address-address-: xref:access.adoc#IAccessControl-RoleRevoked-bytes32-address-address- :AccessControl-_checkRole: pass:normal[xref:access.adoc#AccessControl-_checkRole-bytes32-address-[`AccessControl._checkRole`]] :xref-IAccessControlEnumerable-getRoleMember-bytes32-uint256-: xref:access.adoc#IAccessControlEnumerable-getRoleMember-bytes32-uint256- :xref-IAccessControlEnumerable-getRoleMemberCount-bytes32-: xref:access.adoc#IAccessControlEnumerable-getRoleMemberCount-bytes32- :xref-IAccessControl-hasRole-bytes32-address-: xref:access.adoc#IAccessControl-hasRole-bytes32-address- :xref-IAccessControl-getRoleAdmin-bytes32-: xref:access.adoc#IAccessControl-getRoleAdmin-bytes32- :xref-IAccessControl-grantRole-bytes32-address-: xref:access.adoc#IAccessControl-grantRole-bytes32-address- :xref-IAccessControl-revokeRole-bytes32-address-: xref:access.adoc#IAccessControl-revokeRole-bytes32-address- :xref-IAccessControl-renounceRole-bytes32-address-: xref:access.adoc#IAccessControl-renounceRole-bytes32-address- :xref-IAccessControl-RoleAdminChanged-bytes32-bytes32-bytes32-: xref:access.adoc#IAccessControl-RoleAdminChanged-bytes32-bytes32-bytes32- :xref-IAccessControl-RoleGranted-bytes32-address-address-: xref:access.adoc#IAccessControl-RoleGranted-bytes32-address-address- :xref-IAccessControl-RoleRevoked-bytes32-address-address-: xref:access.adoc#IAccessControl-RoleRevoked-bytes32-address-address- :AccessControl: pass:normal[xref:access.adoc#AccessControl[`AccessControl`]] :xref-AccessControlEnumerable-supportsInterface-bytes4-: xref:access.adoc#AccessControlEnumerable-supportsInterface-bytes4- :xref-AccessControlEnumerable-getRoleMember-bytes32-uint256-: xref:access.adoc#AccessControlEnumerable-getRoleMember-bytes32-uint256- :xref-AccessControlEnumerable-getRoleMemberCount-bytes32-: xref:access.adoc#AccessControlEnumerable-getRoleMemberCount-bytes32- :xref-AccessControlEnumerable-_grantRole-bytes32-address-: xref:access.adoc#AccessControlEnumerable-_grantRole-bytes32-address- :xref-AccessControlEnumerable-_revokeRole-bytes32-address-: xref:access.adoc#AccessControlEnumerable-_revokeRole-bytes32-address- :xref-AccessControl-hasRole-bytes32-address-: xref:access.adoc#AccessControl-hasRole-bytes32-address- :xref-AccessControl-_checkRole-bytes32-: xref:access.adoc#AccessControl-_checkRole-bytes32- :xref-AccessControl-_checkRole-bytes32-address-: xref:access.adoc#AccessControl-_checkRole-bytes32-address- :xref-AccessControl-getRoleAdmin-bytes32-: xref:access.adoc#AccessControl-getRoleAdmin-bytes32- :xref-AccessControl-grantRole-bytes32-address-: xref:access.adoc#AccessControl-grantRole-bytes32-address- :xref-AccessControl-revokeRole-bytes32-address-: xref:access.adoc#AccessControl-revokeRole-bytes32-address- :xref-AccessControl-renounceRole-bytes32-address-: xref:access.adoc#AccessControl-renounceRole-bytes32-address- :xref-AccessControl-_setupRole-bytes32-address-: xref:access.adoc#AccessControl-_setupRole-bytes32-address- :xref-AccessControl-_setRoleAdmin-bytes32-bytes32-: xref:access.adoc#AccessControl-_setRoleAdmin-bytes32-bytes32- :xref-IAccessControl-RoleAdminChanged-bytes32-bytes32-bytes32-: xref:access.adoc#IAccessControl-RoleAdminChanged-bytes32-bytes32-bytes32- :xref-IAccessControl-RoleGranted-bytes32-address-address-: xref:access.adoc#IAccessControl-RoleGranted-bytes32-address-address- :xref-IAccessControl-RoleRevoked-bytes32-address-address-: xref:access.adoc#IAccessControl-RoleRevoked-bytes32-address-address- :IERC165-supportsInterface: pass:normal[xref:utils.adoc#IERC165-supportsInterface-bytes4-[`IERC165.supportsInterface`]] :AccessControl: pass:normal[xref:access.adoc#AccessControl[`AccessControl`]] :AccessControl: pass:normal[xref:access.adoc#AccessControl[`AccessControl`]] :xref-AccessControlDefaultAdminRules-constructor-uint48-address-: xref:access.adoc#AccessControlDefaultAdminRules-constructor-uint48-address- :xref-AccessControlDefaultAdminRules-supportsInterface-bytes4-: xref:access.adoc#AccessControlDefaultAdminRules-supportsInterface-bytes4- :xref-AccessControlDefaultAdminRules-owner--: xref:access.adoc#AccessControlDefaultAdminRules-owner-- :xref-AccessControlDefaultAdminRules-grantRole-bytes32-address-: xref:access.adoc#AccessControlDefaultAdminRules-grantRole-bytes32-address- :xref-AccessControlDefaultAdminRules-revokeRole-bytes32-address-: xref:access.adoc#AccessControlDefaultAdminRules-revokeRole-bytes32-address- :xref-AccessControlDefaultAdminRules-renounceRole-bytes32-address-: xref:access.adoc#AccessControlDefaultAdminRules-renounceRole-bytes32-address- :xref-AccessControlDefaultAdminRules-_grantRole-bytes32-address-: xref:access.adoc#AccessControlDefaultAdminRules-_grantRole-bytes32-address- :xref-AccessControlDefaultAdminRules-_revokeRole-bytes32-address-: xref:access.adoc#AccessControlDefaultAdminRules-_revokeRole-bytes32-address- :xref-AccessControlDefaultAdminRules-_setRoleAdmin-bytes32-bytes32-: xref:access.adoc#AccessControlDefaultAdminRules-_setRoleAdmin-bytes32-bytes32- :xref-AccessControlDefaultAdminRules-defaultAdmin--: xref:access.adoc#AccessControlDefaultAdminRules-defaultAdmin-- :xref-AccessControlDefaultAdminRules-pendingDefaultAdmin--: xref:access.adoc#AccessControlDefaultAdminRules-pendingDefaultAdmin-- :xref-AccessControlDefaultAdminRules-defaultAdminDelay--: xref:access.adoc#AccessControlDefaultAdminRules-defaultAdminDelay-- :xref-AccessControlDefaultAdminRules-pendingDefaultAdminDelay--: xref:access.adoc#AccessControlDefaultAdminRules-pendingDefaultAdminDelay-- :xref-AccessControlDefaultAdminRules-defaultAdminDelayIncreaseWait--: xref:access.adoc#AccessControlDefaultAdminRules-defaultAdminDelayIncreaseWait-- :xref-AccessControlDefaultAdminRules-beginDefaultAdminTransfer-address-: xref:access.adoc#AccessControlDefaultAdminRules-beginDefaultAdminTransfer-address- :xref-AccessControlDefaultAdminRules-_beginDefaultAdminTransfer-address-: xref:access.adoc#AccessControlDefaultAdminRules-_beginDefaultAdminTransfer-address- :xref-AccessControlDefaultAdminRules-cancelDefaultAdminTransfer--: xref:access.adoc#AccessControlDefaultAdminRules-cancelDefaultAdminTransfer-- :xref-AccessControlDefaultAdminRules-_cancelDefaultAdminTransfer--: xref:access.adoc#AccessControlDefaultAdminRules-_cancelDefaultAdminTransfer-- :xref-AccessControlDefaultAdminRules-acceptDefaultAdminTransfer--: xref:access.adoc#AccessControlDefaultAdminRules-acceptDefaultAdminTransfer-- :xref-AccessControlDefaultAdminRules-_acceptDefaultAdminTransfer--: xref:access.adoc#AccessControlDefaultAdminRules-_acceptDefaultAdminTransfer-- :xref-AccessControlDefaultAdminRules-changeDefaultAdminDelay-uint48-: xref:access.adoc#AccessControlDefaultAdminRules-changeDefaultAdminDelay-uint48- :xref-AccessControlDefaultAdminRules-_changeDefaultAdminDelay-uint48-: xref:access.adoc#AccessControlDefaultAdminRules-_changeDefaultAdminDelay-uint48- :xref-AccessControlDefaultAdminRules-rollbackDefaultAdminDelay--: xref:access.adoc#AccessControlDefaultAdminRules-rollbackDefaultAdminDelay-- :xref-AccessControlDefaultAdminRules-_rollbackDefaultAdminDelay--: xref:access.adoc#AccessControlDefaultAdminRules-_rollbackDefaultAdminDelay-- :xref-AccessControlDefaultAdminRules-_delayChangeWait-uint48-: xref:access.adoc#AccessControlDefaultAdminRules-_delayChangeWait-uint48- :xref-AccessControl-hasRole-bytes32-address-: xref:access.adoc#AccessControl-hasRole-bytes32-address- :xref-AccessControl-_checkRole-bytes32-: xref:access.adoc#AccessControl-_checkRole-bytes32- :xref-AccessControl-_checkRole-bytes32-address-: xref:access.adoc#AccessControl-_checkRole-bytes32-address- :xref-AccessControl-getRoleAdmin-bytes32-: xref:access.adoc#AccessControl-getRoleAdmin-bytes32- :xref-AccessControl-_setupRole-bytes32-address-: xref:access.adoc#AccessControl-_setupRole-bytes32-address- :xref-IAccessControlDefaultAdminRules-DefaultAdminTransferScheduled-address-uint48-: xref:access.adoc#IAccessControlDefaultAdminRules-DefaultAdminTransferScheduled-address-uint48- :xref-IAccessControlDefaultAdminRules-DefaultAdminTransferCanceled--: xref:access.adoc#IAccessControlDefaultAdminRules-DefaultAdminTransferCanceled-- :xref-IAccessControlDefaultAdminRules-DefaultAdminDelayChangeScheduled-uint48-uint48-: xref:access.adoc#IAccessControlDefaultAdminRules-DefaultAdminDelayChangeScheduled-uint48-uint48- :xref-IAccessControlDefaultAdminRules-DefaultAdminDelayChangeCanceled--: xref:access.adoc#IAccessControlDefaultAdminRules-DefaultAdminDelayChangeCanceled-- :xref-IAccessControl-RoleAdminChanged-bytes32-bytes32-bytes32-: xref:access.adoc#IAccessControl-RoleAdminChanged-bytes32-bytes32-bytes32- :xref-IAccessControl-RoleGranted-bytes32-address-address-: xref:access.adoc#IAccessControl-RoleGranted-bytes32-address-address- :xref-IAccessControl-RoleRevoked-bytes32-address-address-: xref:access.adoc#IAccessControl-RoleRevoked-bytes32-address-address- :IERC165-supportsInterface: pass:normal[xref:utils.adoc#IERC165-supportsInterface-bytes4-[`IERC165.supportsInterface`]] :IERC5313-owner: pass:normal[xref:interfaces.adoc#IERC5313-owner--[`IERC5313.owner`]] :AccessControl-grantRole: pass:normal[xref:access.adoc#AccessControl-grantRole-bytes32-address-[`AccessControl.grantRole`]] :AccessControl-revokeRole: pass:normal[xref:access.adoc#AccessControl-revokeRole-bytes32-address-[`AccessControl.revokeRole`]] :AccessControl-renounceRole: pass:normal[xref:access.adoc#AccessControl-renounceRole-bytes32-address-[`AccessControl.renounceRole`]] :AccessControl-_grantRole: pass:normal[xref:access.adoc#AccessControl-_grantRole-bytes32-address-[`AccessControl._grantRole`]] :AccessControl-_revokeRole: pass:normal[xref:access.adoc#AccessControl-_revokeRole-bytes32-address-[`AccessControl._revokeRole`]] :AccessControl-_setRoleAdmin: pass:normal[xref:access.adoc#AccessControl-_setRoleAdmin-bytes32-bytes32-[`AccessControl._setRoleAdmin`]] = Access Control [.readme-notice] NOTE: This document is better viewed at https://docs.openzeppelin.com/contracts/api/access This directory provides ways to restrict who can access the functions of a contract or when they can do it. - {AccessControl} provides a general role based access control mechanism. Multiple hierarchical roles can be created and assigned each to multiple accounts. - {Ownable} is a simpler mechanism with a single owner "role" that can be assigned to a single account. This simpler mechanism can be useful for quick tests but projects with production concerns are likely to outgrow it. == Authorization :OwnershipTransferred: pass:normal[xref:#Ownable-OwnershipTransferred-address-address-[`++OwnershipTransferred++`]] :constructor: pass:normal[xref:#Ownable-constructor--[`++constructor++`]] :onlyOwner: pass:normal[xref:#Ownable-onlyOwner--[`++onlyOwner++`]] :owner: pass:normal[xref:#Ownable-owner--[`++owner++`]] :_checkOwner: pass:normal[xref:#Ownable-_checkOwner--[`++_checkOwner++`]] :renounceOwnership: pass:normal[xref:#Ownable-renounceOwnership--[`++renounceOwnership++`]] :transferOwnership: pass:normal[xref:#Ownable-transferOwnership-address-[`++transferOwnership++`]] :_transferOwnership: pass:normal[xref:#Ownable-_transferOwnership-address-[`++_transferOwnership++`]] [.contract] [[Ownable]] === `++Ownable++` link:https://github.com/OpenZeppelin/openzeppelin-contracts/blob/v4.9.5/contracts/access/Ownable.sol[{github-icon},role=heading-link] [.hljs-theme-light.nopadding] ```solidity import "@openzeppelin/contracts/access/Ownable.sol"; ``` Contract module which provides a basic access control mechanism, where there is an account (an owner) that can be granted exclusive access to specific functions. By default, the owner account will be the one that deploys the contract. This can later be changed with {transferOwnership}. This module is used through inheritance. It will make available the modifier `onlyOwner`, which can be applied to your functions to restrict their use to the owner. [.contract-index] .Modifiers -- * {xref-Ownable-onlyOwner--}[`++onlyOwner()++`] -- [.contract-index] .Functions -- * {xref-Ownable-constructor--}[`++constructor()++`] * {xref-Ownable-owner--}[`++owner()++`] * {xref-Ownable-_checkOwner--}[`++_checkOwner()++`] * {xref-Ownable-renounceOwnership--}[`++renounceOwnership()++`] * {xref-Ownable-transferOwnership-address-}[`++transferOwnership(newOwner)++`] * {xref-Ownable-_transferOwnership-address-}[`++_transferOwnership(newOwner)++`] -- [.contract-index] .Events -- * {xref-Ownable-OwnershipTransferred-address-address-}[`++OwnershipTransferred(previousOwner, newOwner)++`] -- [.contract-item] [[Ownable-onlyOwner--]] ==== `[.contract-item-name]#++onlyOwner++#++()++` [.item-kind]#modifier# Throws if called by any account other than the owner. [.contract-item] [[Ownable-constructor--]] ==== `[.contract-item-name]#++constructor++#++()++` [.item-kind]#internal# Initializes the contract setting the deployer as the initial owner. [.contract-item] [[Ownable-owner--]] ==== `[.contract-item-name]#++owner++#++() → address++` [.item-kind]#public# Returns the address of the current owner. [.contract-item] [[Ownable-_checkOwner--]] ==== `[.contract-item-name]#++_checkOwner++#++()++` [.item-kind]#internal# Throws if the sender is not the owner. [.contract-item] [[Ownable-renounceOwnership--]] ==== `[.contract-item-name]#++renounceOwnership++#++()++` [.item-kind]#public# Leaves the contract without owner. It will not be possible to call `onlyOwner` functions. Can only be called by the current owner. NOTE: Renouncing ownership will leave the contract without an owner, thereby disabling any functionality that is only available to the owner. [.contract-item] [[Ownable-transferOwnership-address-]] ==== `[.contract-item-name]#++transferOwnership++#++(address newOwner)++` [.item-kind]#public# Transfers ownership of the contract to a new account (`newOwner`). Can only be called by the current owner. [.contract-item] [[Ownable-_transferOwnership-address-]] ==== `[.contract-item-name]#++_transferOwnership++#++(address newOwner)++` [.item-kind]#internal# Transfers ownership of the contract to a new account (`newOwner`). Internal function without access restriction. [.contract-item] [[Ownable-OwnershipTransferred-address-address-]] ==== `[.contract-item-name]#++OwnershipTransferred++#++(address indexed previousOwner, address indexed newOwner)++` [.item-kind]#event# :OwnershipTransferStarted: pass:normal[xref:#Ownable2Step-OwnershipTransferStarted-address-address-[`++OwnershipTransferStarted++`]] :pendingOwner: pass:normal[xref:#Ownable2Step-pendingOwner--[`++pendingOwner++`]] :transferOwnership: pass:normal[xref:#Ownable2Step-transferOwnership-address-[`++transferOwnership++`]] :_transferOwnership: pass:normal[xref:#Ownable2Step-_transferOwnership-address-[`++_transferOwnership++`]] :acceptOwnership: pass:normal[xref:#Ownable2Step-acceptOwnership--[`++acceptOwnership++`]] [.contract] [[Ownable2Step]] === `++Ownable2Step++` link:https://github.com/OpenZeppelin/openzeppelin-contracts/blob/v4.9.5/contracts/access/Ownable2Step.sol[{github-icon},role=heading-link] [.hljs-theme-light.nopadding] ```solidity import "@openzeppelin/contracts/access/Ownable2Step.sol"; ``` Contract module which provides access control mechanism, where there is an account (an owner) that can be granted exclusive access to specific functions. By default, the owner account will be the one that deploys the contract. This can later be changed with {transferOwnership} and {acceptOwnership}. This module is used through inheritance. It will make available all functions from parent (Ownable). [.contract-index] .Functions -- * {xref-Ownable2Step-pendingOwner--}[`++pendingOwner()++`] * {xref-Ownable2Step-transferOwnership-address-}[`++transferOwnership(newOwner)++`] * {xref-Ownable2Step-_transferOwnership-address-}[`++_transferOwnership(newOwner)++`] * {xref-Ownable2Step-acceptOwnership--}[`++acceptOwnership()++`] [.contract-subindex-inherited] .Ownable * {xref-Ownable-owner--}[`++owner()++`] * {xref-Ownable-_checkOwner--}[`++_checkOwner()++`] * {xref-Ownable-renounceOwnership--}[`++renounceOwnership()++`] -- [.contract-index] .Events -- * {xref-Ownable2Step-OwnershipTransferStarted-address-address-}[`++OwnershipTransferStarted(previousOwner, newOwner)++`] [.contract-subindex-inherited] .Ownable * {xref-Ownable-OwnershipTransferred-address-address-}[`++OwnershipTransferred(previousOwner, newOwner)++`] -- [.contract-item] [[Ownable2Step-pendingOwner--]] ==== `[.contract-item-name]#++pendingOwner++#++() → address++` [.item-kind]#public# Returns the address of the pending owner. [.contract-item] [[Ownable2Step-transferOwnership-address-]] ==== `[.contract-item-name]#++transferOwnership++#++(address newOwner)++` [.item-kind]#public# Starts the ownership transfer of the contract to a new account. Replaces the pending transfer if there is one. Can only be called by the current owner. [.contract-item] [[Ownable2Step-_transferOwnership-address-]] ==== `[.contract-item-name]#++_transferOwnership++#++(address newOwner)++` [.item-kind]#internal# Transfers ownership of the contract to a new account (`newOwner`) and deletes any pending owner. Internal function without access restriction. [.contract-item] [[Ownable2Step-acceptOwnership--]] ==== `[.contract-item-name]#++acceptOwnership++#++()++` [.item-kind]#public# The new owner accepts the ownership transfer. [.contract-item] [[Ownable2Step-OwnershipTransferStarted-address-address-]] ==== `[.contract-item-name]#++OwnershipTransferStarted++#++(address indexed previousOwner, address indexed newOwner)++` [.item-kind]#event# :RoleAdminChanged: pass:normal[xref:#IAccessControl-RoleAdminChanged-bytes32-bytes32-bytes32-[`++RoleAdminChanged++`]] :RoleGranted: pass:normal[xref:#IAccessControl-RoleGranted-bytes32-address-address-[`++RoleGranted++`]] :RoleRevoked: pass:normal[xref:#IAccessControl-RoleRevoked-bytes32-address-address-[`++RoleRevoked++`]] :hasRole: pass:normal[xref:#IAccessControl-hasRole-bytes32-address-[`++hasRole++`]] :getRoleAdmin: pass:normal[xref:#IAccessControl-getRoleAdmin-bytes32-[`++getRoleAdmin++`]] :grantRole: pass:normal[xref:#IAccessControl-grantRole-bytes32-address-[`++grantRole++`]] :revokeRole: pass:normal[xref:#IAccessControl-revokeRole-bytes32-address-[`++revokeRole++`]] :renounceRole: pass:normal[xref:#IAccessControl-renounceRole-bytes32-address-[`++renounceRole++`]] [.contract] [[IAccessControl]] === `++IAccessControl++` link:https://github.com/OpenZeppelin/openzeppelin-contracts/blob/v4.9.5/contracts/access/IAccessControl.sol[{github-icon},role=heading-link] [.hljs-theme-light.nopadding] ```solidity import "@openzeppelin/contracts/access/IAccessControl.sol"; ``` External interface of AccessControl declared to support ERC165 detection. [.contract-index] .Functions -- * {xref-IAccessControl-hasRole-bytes32-address-}[`++hasRole(role, account)++`] * {xref-IAccessControl-getRoleAdmin-bytes32-}[`++getRoleAdmin(role)++`] * {xref-IAccessControl-grantRole-bytes32-address-}[`++grantRole(role, account)++`] * {xref-IAccessControl-revokeRole-bytes32-address-}[`++revokeRole(role, account)++`] * {xref-IAccessControl-renounceRole-bytes32-address-}[`++renounceRole(role, account)++`] -- [.contract-index] .Events -- * {xref-IAccessControl-RoleAdminChanged-bytes32-bytes32-bytes32-}[`++RoleAdminChanged(role, previousAdminRole, newAdminRole)++`] * {xref-IAccessControl-RoleGranted-bytes32-address-address-}[`++RoleGranted(role, account, sender)++`] * {xref-IAccessControl-RoleRevoked-bytes32-address-address-}[`++RoleRevoked(role, account, sender)++`] -- [.contract-item] [[IAccessControl-hasRole-bytes32-address-]] ==== `[.contract-item-name]#++hasRole++#++(bytes32 role, address account) → bool++` [.item-kind]#external# Returns `true` if `account` has been granted `role`. [.contract-item] [[IAccessControl-getRoleAdmin-bytes32-]] ==== `[.contract-item-name]#++getRoleAdmin++#++(bytes32 role) → bytes32++` [.item-kind]#external# Returns the admin role that controls `role`. See {grantRole} and {revokeRole}. To change a role's admin, use {AccessControl-_setRoleAdmin}. [.contract-item] [[IAccessControl-grantRole-bytes32-address-]] ==== `[.contract-item-name]#++grantRole++#++(bytes32 role, address account)++` [.item-kind]#external# Grants `role` to `account`. If `account` had not been already granted `role`, emits a {RoleGranted} event. Requirements: - the caller must have ``role``'s admin role. [.contract-item] [[IAccessControl-revokeRole-bytes32-address-]] ==== `[.contract-item-name]#++revokeRole++#++(bytes32 role, address account)++` [.item-kind]#external# Revokes `role` from `account`. If `account` had been granted `role`, emits a {RoleRevoked} event. Requirements: - the caller must have ``role``'s admin role. [.contract-item] [[IAccessControl-renounceRole-bytes32-address-]] ==== `[.contract-item-name]#++renounceRole++#++(bytes32 role, address account)++` [.item-kind]#external# Revokes `role` from the calling account. Roles are often managed via {grantRole} and {revokeRole}: this function's purpose is to provide a mechanism for accounts to lose their privileges if they are compromised (such as when a trusted device is misplaced). If the calling account had been granted `role`, emits a {RoleRevoked} event. Requirements: - the caller must be `account`. [.contract-item] [[IAccessControl-RoleAdminChanged-bytes32-bytes32-bytes32-]] ==== `[.contract-item-name]#++RoleAdminChanged++#++(bytes32 indexed role, bytes32 indexed previousAdminRole, bytes32 indexed newAdminRole)++` [.item-kind]#event# Emitted when `newAdminRole` is set as ``role``'s admin role, replacing `previousAdminRole` `DEFAULT_ADMIN_ROLE` is the starting admin for all roles, despite {RoleAdminChanged} not being emitted signaling this. _Available since v3.1._ [.contract-item] [[IAccessControl-RoleGranted-bytes32-address-address-]] ==== `[.contract-item-name]#++RoleGranted++#++(bytes32 indexed role, address indexed account, address indexed sender)++` [.item-kind]#event# Emitted when `account` is granted `role`. `sender` is the account that originated the contract call, an admin role bearer except when using {AccessControl-_setupRole}. [.contract-item] [[IAccessControl-RoleRevoked-bytes32-address-address-]] ==== `[.contract-item-name]#++RoleRevoked++#++(bytes32 indexed role, address indexed account, address indexed sender)++` [.item-kind]#event# Emitted when `account` is revoked `role`. `sender` is the account that originated the contract call: - if using `revokeRole`, it is the admin role bearer - if using `renounceRole`, it is the role bearer (i.e. `account`) :RoleData: pass:normal[xref:#AccessControl-RoleData[`++RoleData++`]] :DEFAULT_ADMIN_ROLE: pass:normal[xref:#AccessControl-DEFAULT_ADMIN_ROLE-bytes32[`++DEFAULT_ADMIN_ROLE++`]] :onlyRole: pass:normal[xref:#AccessControl-onlyRole-bytes32-[`++onlyRole++`]] :supportsInterface: pass:normal[xref:#AccessControl-supportsInterface-bytes4-[`++supportsInterface++`]] :hasRole: pass:normal[xref:#AccessControl-hasRole-bytes32-address-[`++hasRole++`]] :_checkRole: pass:normal[xref:#AccessControl-_checkRole-bytes32-[`++_checkRole++`]] :_checkRole: pass:normal[xref:#AccessControl-_checkRole-bytes32-address-[`++_checkRole++`]] :getRoleAdmin: pass:normal[xref:#AccessControl-getRoleAdmin-bytes32-[`++getRoleAdmin++`]] :grantRole: pass:normal[xref:#AccessControl-grantRole-bytes32-address-[`++grantRole++`]] :revokeRole: pass:normal[xref:#AccessControl-revokeRole-bytes32-address-[`++revokeRole++`]] :renounceRole: pass:normal[xref:#AccessControl-renounceRole-bytes32-address-[`++renounceRole++`]] :_setupRole: pass:normal[xref:#AccessControl-_setupRole-bytes32-address-[`++_setupRole++`]] :_setRoleAdmin: pass:normal[xref:#AccessControl-_setRoleAdmin-bytes32-bytes32-[`++_setRoleAdmin++`]] :_grantRole: pass:normal[xref:#AccessControl-_grantRole-bytes32-address-[`++_grantRole++`]] :_revokeRole: pass:normal[xref:#AccessControl-_revokeRole-bytes32-address-[`++_revokeRole++`]] [.contract] [[AccessControl]] === `++AccessControl++` link:https://github.com/OpenZeppelin/openzeppelin-contracts/blob/v4.9.5/contracts/access/AccessControl.sol[{github-icon},role=heading-link] [.hljs-theme-light.nopadding] ```solidity import "@openzeppelin/contracts/access/AccessControl.sol"; ``` Contract module that allows children to implement role-based access control mechanisms. This is a lightweight version that doesn't allow enumerating role members except through off-chain means by accessing the contract event logs. Some applications may benefit from on-chain enumerability, for those cases see {AccessControlEnumerable}. Roles are referred to by their `bytes32` identifier. These should be exposed in the external API and be unique. The best way to achieve this is by using `public constant` hash digests: ```solidity bytes32 public constant MY_ROLE = keccak256("MY_ROLE"); ``` Roles can be used to represent a set of permissions. To restrict access to a function call, use {hasRole}: ```solidity function foo() public { require(hasRole(MY_ROLE, msg.sender)); ... } ``` Roles can be granted and revoked dynamically via the {grantRole} and {revokeRole} functions. Each role has an associated admin role, and only accounts that have a role's admin role can call {grantRole} and {revokeRole}. By default, the admin role for all roles is `DEFAULT_ADMIN_ROLE`, which means that only accounts with this role will be able to grant or revoke other roles. More complex role relationships can be created by using {_setRoleAdmin}. WARNING: The `DEFAULT_ADMIN_ROLE` is also its own admin: it has permission to grant and revoke this role. Extra precautions should be taken to secure accounts that have been granted it. We recommend using {AccessControlDefaultAdminRules} to enforce additional security measures for this role. [.contract-index] .Modifiers -- * {xref-AccessControl-onlyRole-bytes32-}[`++onlyRole(role)++`] -- [.contract-index] .Functions -- * {xref-AccessControl-supportsInterface-bytes4-}[`++supportsInterface(interfaceId)++`] * {xref-AccessControl-hasRole-bytes32-address-}[`++hasRole(role, account)++`] * {xref-AccessControl-_checkRole-bytes32-}[`++_checkRole(role)++`] * {xref-AccessControl-_checkRole-bytes32-address-}[`++_checkRole(role, account)++`] * {xref-AccessControl-getRoleAdmin-bytes32-}[`++getRoleAdmin(role)++`] * {xref-AccessControl-grantRole-bytes32-address-}[`++grantRole(role, account)++`] * {xref-AccessControl-revokeRole-bytes32-address-}[`++revokeRole(role, account)++`] * {xref-AccessControl-renounceRole-bytes32-address-}[`++renounceRole(role, account)++`] * {xref-AccessControl-_setupRole-bytes32-address-}[`++_setupRole(role, account)++`] * {xref-AccessControl-_setRoleAdmin-bytes32-bytes32-}[`++_setRoleAdmin(role, adminRole)++`] * {xref-AccessControl-_grantRole-bytes32-address-}[`++_grantRole(role, account)++`] * {xref-AccessControl-_revokeRole-bytes32-address-}[`++_revokeRole(role, account)++`] [.contract-subindex-inherited] .ERC165 [.contract-subindex-inherited] .IERC165 [.contract-subindex-inherited] .IAccessControl -- [.contract-index] .Events -- [.contract-subindex-inherited] .ERC165 [.contract-subindex-inherited] .IERC165 [.contract-subindex-inherited] .IAccessControl * {xref-IAccessControl-RoleAdminChanged-bytes32-bytes32-bytes32-}[`++RoleAdminChanged(role, previousAdminRole, newAdminRole)++`] * {xref-IAccessControl-RoleGranted-bytes32-address-address-}[`++RoleGranted(role, account, sender)++`] * {xref-IAccessControl-RoleRevoked-bytes32-address-address-}[`++RoleRevoked(role, account, sender)++`] -- [.contract-item] [[AccessControl-onlyRole-bytes32-]] ==== `[.contract-item-name]#++onlyRole++#++(bytes32 role)++` [.item-kind]#modifier# Modifier that checks that an account has a specific role. Reverts with a standardized message including the required role. The format of the revert reason is given by the following regular expression: /^AccessControl: account (0x[0-9a-f]{40}) is missing role (0x[0-9a-f]{64})$/ _Available since v4.1._ [.contract-item] [[AccessControl-supportsInterface-bytes4-]] ==== `[.contract-item-name]#++supportsInterface++#++(bytes4 interfaceId) → bool++` [.item-kind]#public# See {IERC165-supportsInterface}. [.contract-item] [[AccessControl-hasRole-bytes32-address-]] ==== `[.contract-item-name]#++hasRole++#++(bytes32 role, address account) → bool++` [.item-kind]#public# Returns `true` if `account` has been granted `role`. [.contract-item] [[AccessControl-_checkRole-bytes32-]] ==== `[.contract-item-name]#++_checkRole++#++(bytes32 role)++` [.item-kind]#internal# Revert with a standard message if `_msgSender()` is missing `role`. Overriding this function changes the behavior of the {onlyRole} modifier. Format of the revert message is described in {_checkRole}. _Available since v4.6._ [.contract-item] [[AccessControl-_checkRole-bytes32-address-]] ==== `[.contract-item-name]#++_checkRole++#++(bytes32 role, address account)++` [.item-kind]#internal# Revert with a standard message if `account` is missing `role`. The format of the revert reason is given by the following regular expression: /^AccessControl: account (0x[0-9a-f]{40}) is missing role (0x[0-9a-f]{64})$/ [.contract-item] [[AccessControl-getRoleAdmin-bytes32-]] ==== `[.contract-item-name]#++getRoleAdmin++#++(bytes32 role) → bytes32++` [.item-kind]#public# Returns the admin role that controls `role`. See {grantRole} and {revokeRole}. To change a role's admin, use {_setRoleAdmin}. [.contract-item] [[AccessControl-grantRole-bytes32-address-]] ==== `[.contract-item-name]#++grantRole++#++(bytes32 role, address account)++` [.item-kind]#public# Grants `role` to `account`. If `account` had not been already granted `role`, emits a {RoleGranted} event. Requirements: - the caller must have ``role``'s admin role. May emit a {RoleGranted} event. [.contract-item] [[AccessControl-revokeRole-bytes32-address-]] ==== `[.contract-item-name]#++revokeRole++#++(bytes32 role, address account)++` [.item-kind]#public# Revokes `role` from `account`. If `account` had been granted `role`, emits a {RoleRevoked} event. Requirements: - the caller must have ``role``'s admin role. May emit a {RoleRevoked} event. [.contract-item] [[AccessControl-renounceRole-bytes32-address-]] ==== `[.contract-item-name]#++renounceRole++#++(bytes32 role, address account)++` [.item-kind]#public# Revokes `role` from the calling account. Roles are often managed via {grantRole} and {revokeRole}: this function's purpose is to provide a mechanism for accounts to lose their privileges if they are compromised (such as when a trusted device is misplaced). If the calling account had been revoked `role`, emits a {RoleRevoked} event. Requirements: - the caller must be `account`. May emit a {RoleRevoked} event. [.contract-item] [[AccessControl-_setupRole-bytes32-address-]] ==== `[.contract-item-name]#++_setupRole++#++(bytes32 role, address account)++` [.item-kind]#internal# Grants `role` to `account`. If `account` had not been already granted `role`, emits a {RoleGranted} event. Note that unlike {grantRole}, this function doesn't perform any checks on the calling account. May emit a {RoleGranted} event. [WARNING] ==== This function should only be called from the constructor when setting up the initial roles for the system. Using this function in any other way is effectively circumventing the admin system imposed by {AccessControl}. ==== NOTE: This function is deprecated in favor of {_grantRole}. [.contract-item] [[AccessControl-_setRoleAdmin-bytes32-bytes32-]] ==== `[.contract-item-name]#++_setRoleAdmin++#++(bytes32 role, bytes32 adminRole)++` [.item-kind]#internal# Sets `adminRole` as ``role``'s admin role. Emits a {RoleAdminChanged} event. [.contract-item] [[AccessControl-_grantRole-bytes32-address-]] ==== `[.contract-item-name]#++_grantRole++#++(bytes32 role, address account)++` [.item-kind]#internal# Grants `role` to `account`. Internal function without access restriction. May emit a {RoleGranted} event. [.contract-item] [[AccessControl-_revokeRole-bytes32-address-]] ==== `[.contract-item-name]#++_revokeRole++#++(bytes32 role, address account)++` [.item-kind]#internal# Revokes `role` from `account`. Internal function without access restriction. May emit a {RoleRevoked} event. :CROSSCHAIN_ALIAS: pass:normal[xref:#AccessControlCrossChain-CROSSCHAIN_ALIAS-bytes32[`++CROSSCHAIN_ALIAS++`]] :_checkRole: pass:normal[xref:#AccessControlCrossChain-_checkRole-bytes32-[`++_checkRole++`]] :_crossChainRoleAlias: pass:normal[xref:#AccessControlCrossChain-_crossChainRoleAlias-bytes32-[`++_crossChainRoleAlias++`]] [.contract] [[AccessControlCrossChain]] === `++AccessControlCrossChain++` link:https://github.com/OpenZeppelin/openzeppelin-contracts/blob/v4.9.5/contracts/access/AccessControlCrossChain.sol[{github-icon},role=heading-link] [.hljs-theme-light.nopadding] ```solidity import "@openzeppelin/contracts/access/AccessControlCrossChain.sol"; ``` An extension to {AccessControl} with support for cross-chain access management. For each role, is extension implements an equivalent "aliased" role that is used for restricting calls originating from other chains. For example, if a function `myFunction` is protected by `onlyRole(SOME_ROLE)`, and if an address `x` has role `SOME_ROLE`, it would be able to call `myFunction` directly. A wallet or contract at the same address on another chain would however not be able to call this function. In order to do so, it would require to have the role `_crossChainRoleAlias(SOME_ROLE)`. This aliasing is required to protect against multiple contracts living at the same address on different chains but controlled by conflicting entities. _Available since v4.6._ [.contract-index] .Functions -- * {xref-AccessControlCrossChain-_checkRole-bytes32-}[`++_checkRole(role)++`] * {xref-AccessControlCrossChain-_crossChainRoleAlias-bytes32-}[`++_crossChainRoleAlias(role)++`] [.contract-subindex-inherited] .CrossChainEnabled * {xref-CrossChainEnabled-_isCrossChain--}[`++_isCrossChain()++`] * {xref-CrossChainEnabled-_crossChainSender--}[`++_crossChainSender()++`] [.contract-subindex-inherited] .AccessControl * {xref-AccessControl-supportsInterface-bytes4-}[`++supportsInterface(interfaceId)++`] * {xref-AccessControl-hasRole-bytes32-address-}[`++hasRole(role, account)++`] * {xref-AccessControl-_checkRole-bytes32-address-}[`++_checkRole(role, account)++`] * {xref-AccessControl-getRoleAdmin-bytes32-}[`++getRoleAdmin(role)++`] * {xref-AccessControl-grantRole-bytes32-address-}[`++grantRole(role, account)++`] * {xref-AccessControl-revokeRole-bytes32-address-}[`++revokeRole(role, account)++`] * {xref-AccessControl-renounceRole-bytes32-address-}[`++renounceRole(role, account)++`] * {xref-AccessControl-_setupRole-bytes32-address-}[`++_setupRole(role, account)++`] * {xref-AccessControl-_setRoleAdmin-bytes32-bytes32-}[`++_setRoleAdmin(role, adminRole)++`] * {xref-AccessControl-_grantRole-bytes32-address-}[`++_grantRole(role, account)++`] * {xref-AccessControl-_revokeRole-bytes32-address-}[`++_revokeRole(role, account)++`] [.contract-subindex-inherited] .ERC165 [.contract-subindex-inherited] .IERC165 [.contract-subindex-inherited] .IAccessControl -- [.contract-index] .Events -- [.contract-subindex-inherited] .CrossChainEnabled [.contract-subindex-inherited] .AccessControl [.contract-subindex-inherited] .ERC165 [.contract-subindex-inherited] .IERC165 [.contract-subindex-inherited] .IAccessControl * {xref-IAccessControl-RoleAdminChanged-bytes32-bytes32-bytes32-}[`++RoleAdminChanged(role, previousAdminRole, newAdminRole)++`] * {xref-IAccessControl-RoleGranted-bytes32-address-address-}[`++RoleGranted(role, account, sender)++`] * {xref-IAccessControl-RoleRevoked-bytes32-address-address-}[`++RoleRevoked(role, account, sender)++`] -- [.contract-item] [[AccessControlCrossChain-_checkRole-bytes32-]] ==== `[.contract-item-name]#++_checkRole++#++(bytes32 role)++` [.item-kind]#internal# See {AccessControl-_checkRole}. [.contract-item] [[AccessControlCrossChain-_crossChainRoleAlias-bytes32-]] ==== `[.contract-item-name]#++_crossChainRoleAlias++#++(bytes32 role) → bytes32++` [.item-kind]#internal# Returns the aliased role corresponding to `role`. :getRoleMember: pass:normal[xref:#IAccessControlEnumerable-getRoleMember-bytes32-uint256-[`++getRoleMember++`]] :getRoleMemberCount: pass:normal[xref:#IAccessControlEnumerable-getRoleMemberCount-bytes32-[`++getRoleMemberCount++`]] [.contract] [[IAccessControlEnumerable]] === `++IAccessControlEnumerable++` link:https://github.com/OpenZeppelin/openzeppelin-contracts/blob/v4.9.5/contracts/access/IAccessControlEnumerable.sol[{github-icon},role=heading-link] [.hljs-theme-light.nopadding] ```solidity import "@openzeppelin/contracts/access/IAccessControlEnumerable.sol"; ``` External interface of AccessControlEnumerable declared to support ERC165 detection. [.contract-index] .Functions -- * {xref-IAccessControlEnumerable-getRoleMember-bytes32-uint256-}[`++getRoleMember(role, index)++`] * {xref-IAccessControlEnumerable-getRoleMemberCount-bytes32-}[`++getRoleMemberCount(role)++`] [.contract-subindex-inherited] .IAccessControl * {xref-IAccessControl-hasRole-bytes32-address-}[`++hasRole(role, account)++`] * {xref-IAccessControl-getRoleAdmin-bytes32-}[`++getRoleAdmin(role)++`] * {xref-IAccessControl-grantRole-bytes32-address-}[`++grantRole(role, account)++`] * {xref-IAccessControl-revokeRole-bytes32-address-}[`++revokeRole(role, account)++`] * {xref-IAccessControl-renounceRole-bytes32-address-}[`++renounceRole(role, account)++`] -- [.contract-index] .Events -- [.contract-subindex-inherited] .IAccessControl * {xref-IAccessControl-RoleAdminChanged-bytes32-bytes32-bytes32-}[`++RoleAdminChanged(role, previousAdminRole, newAdminRole)++`] * {xref-IAccessControl-RoleGranted-bytes32-address-address-}[`++RoleGranted(role, account, sender)++`] * {xref-IAccessControl-RoleRevoked-bytes32-address-address-}[`++RoleRevoked(role, account, sender)++`] -- [.contract-item] [[IAccessControlEnumerable-getRoleMember-bytes32-uint256-]] ==== `[.contract-item-name]#++getRoleMember++#++(bytes32 role, uint256 index) → address++` [.item-kind]#external# Returns one of the accounts that have `role`. `index` must be a value between 0 and {getRoleMemberCount}, non-inclusive. Role bearers are not sorted in any particular way, and their ordering may change at any point. WARNING: When using {getRoleMember} and {getRoleMemberCount}, make sure you perform all queries on the same block. See the following https://forum.openzeppelin.com/t/iterating-over-elements-on-enumerableset-in-openzeppelin-contracts/2296[forum post] for more information. [.contract-item] [[IAccessControlEnumerable-getRoleMemberCount-bytes32-]] ==== `[.contract-item-name]#++getRoleMemberCount++#++(bytes32 role) → uint256++` [.item-kind]#external# Returns the number of accounts that have `role`. Can be used together with {getRoleMember} to enumerate all bearers of a role. :supportsInterface: pass:normal[xref:#AccessControlEnumerable-supportsInterface-bytes4-[`++supportsInterface++`]] :getRoleMember: pass:normal[xref:#AccessControlEnumerable-getRoleMember-bytes32-uint256-[`++getRoleMember++`]] :getRoleMemberCount: pass:normal[xref:#AccessControlEnumerable-getRoleMemberCount-bytes32-[`++getRoleMemberCount++`]] :_grantRole: pass:normal[xref:#AccessControlEnumerable-_grantRole-bytes32-address-[`++_grantRole++`]] :_revokeRole: pass:normal[xref:#AccessControlEnumerable-_revokeRole-bytes32-address-[`++_revokeRole++`]] [.contract] [[AccessControlEnumerable]] === `++AccessControlEnumerable++` link:https://github.com/OpenZeppelin/openzeppelin-contracts/blob/v4.9.5/contracts/access/AccessControlEnumerable.sol[{github-icon},role=heading-link] [.hljs-theme-light.nopadding] ```solidity import "@openzeppelin/contracts/access/AccessControlEnumerable.sol"; ``` Extension of {AccessControl} that allows enumerating the members of each role. [.contract-index] .Functions -- * {xref-AccessControlEnumerable-supportsInterface-bytes4-}[`++supportsInterface(interfaceId)++`] * {xref-AccessControlEnumerable-getRoleMember-bytes32-uint256-}[`++getRoleMember(role, index)++`] * {xref-AccessControlEnumerable-getRoleMemberCount-bytes32-}[`++getRoleMemberCount(role)++`] * {xref-AccessControlEnumerable-_grantRole-bytes32-address-}[`++_grantRole(role, account)++`] * {xref-AccessControlEnumerable-_revokeRole-bytes32-address-}[`++_revokeRole(role, account)++`] [.contract-subindex-inherited] .AccessControl * {xref-AccessControl-hasRole-bytes32-address-}[`++hasRole(role, account)++`] * {xref-AccessControl-_checkRole-bytes32-}[`++_checkRole(role)++`] * {xref-AccessControl-_checkRole-bytes32-address-}[`++_checkRole(role, account)++`] * {xref-AccessControl-getRoleAdmin-bytes32-}[`++getRoleAdmin(role)++`] * {xref-AccessControl-grantRole-bytes32-address-}[`++grantRole(role, account)++`] * {xref-AccessControl-revokeRole-bytes32-address-}[`++revokeRole(role, account)++`] * {xref-AccessControl-renounceRole-bytes32-address-}[`++renounceRole(role, account)++`] * {xref-AccessControl-_setupRole-bytes32-address-}[`++_setupRole(role, account)++`] * {xref-AccessControl-_setRoleAdmin-bytes32-bytes32-}[`++_setRoleAdmin(role, adminRole)++`] [.contract-subindex-inherited] .ERC165 [.contract-subindex-inherited] .IERC165 [.contract-subindex-inherited] .IAccessControlEnumerable [.contract-subindex-inherited] .IAccessControl -- [.contract-index] .Events -- [.contract-subindex-inherited] .AccessControl [.contract-subindex-inherited] .ERC165 [.contract-subindex-inherited] .IERC165 [.contract-subindex-inherited] .IAccessControlEnumerable [.contract-subindex-inherited] .IAccessControl * {xref-IAccessControl-RoleAdminChanged-bytes32-bytes32-bytes32-}[`++RoleAdminChanged(role, previousAdminRole, newAdminRole)++`] * {xref-IAccessControl-RoleGranted-bytes32-address-address-}[`++RoleGranted(role, account, sender)++`] * {xref-IAccessControl-RoleRevoked-bytes32-address-address-}[`++RoleRevoked(role, account, sender)++`] -- [.contract-item] [[AccessControlEnumerable-supportsInterface-bytes4-]] ==== `[.contract-item-name]#++supportsInterface++#++(bytes4 interfaceId) → bool++` [.item-kind]#public# See {IERC165-supportsInterface}. [.contract-item] [[AccessControlEnumerable-getRoleMember-bytes32-uint256-]] ==== `[.contract-item-name]#++getRoleMember++#++(bytes32 role, uint256 index) → address++` [.item-kind]#public# Returns one of the accounts that have `role`. `index` must be a value between 0 and {getRoleMemberCount}, non-inclusive. Role bearers are not sorted in any particular way, and their ordering may change at any point. WARNING: When using {getRoleMember} and {getRoleMemberCount}, make sure you perform all queries on the same block. See the following https://forum.openzeppelin.com/t/iterating-over-elements-on-enumerableset-in-openzeppelin-contracts/2296[forum post] for more information. [.contract-item] [[AccessControlEnumerable-getRoleMemberCount-bytes32-]] ==== `[.contract-item-name]#++getRoleMemberCount++#++(bytes32 role) → uint256++` [.item-kind]#public# Returns the number of accounts that have `role`. Can be used together with {getRoleMember} to enumerate all bearers of a role. [.contract-item] [[AccessControlEnumerable-_grantRole-bytes32-address-]] ==== `[.contract-item-name]#++_grantRole++#++(bytes32 role, address account)++` [.item-kind]#internal# Overload {_grantRole} to track enumerable memberships [.contract-item] [[AccessControlEnumerable-_revokeRole-bytes32-address-]] ==== `[.contract-item-name]#++_revokeRole++#++(bytes32 role, address account)++` [.item-kind]#internal# Overload {_revokeRole} to track enumerable memberships :constructor: pass:normal[xref:#AccessControlDefaultAdminRules-constructor-uint48-address-[`++constructor++`]] :supportsInterface: pass:normal[xref:#AccessControlDefaultAdminRules-supportsInterface-bytes4-[`++supportsInterface++`]] :owner: pass:normal[xref:#AccessControlDefaultAdminRules-owner--[`++owner++`]] :grantRole: pass:normal[xref:#AccessControlDefaultAdminRules-grantRole-bytes32-address-[`++grantRole++`]] :revokeRole: pass:normal[xref:#AccessControlDefaultAdminRules-revokeRole-bytes32-address-[`++revokeRole++`]] :renounceRole: pass:normal[xref:#AccessControlDefaultAdminRules-renounceRole-bytes32-address-[`++renounceRole++`]] :_grantRole: pass:normal[xref:#AccessControlDefaultAdminRules-_grantRole-bytes32-address-[`++_grantRole++`]] :_revokeRole: pass:normal[xref:#AccessControlDefaultAdminRules-_revokeRole-bytes32-address-[`++_revokeRole++`]] :_setRoleAdmin: pass:normal[xref:#AccessControlDefaultAdminRules-_setRoleAdmin-bytes32-bytes32-[`++_setRoleAdmin++`]] :defaultAdmin: pass:normal[xref:#AccessControlDefaultAdminRules-defaultAdmin--[`++defaultAdmin++`]] :pendingDefaultAdmin: pass:normal[xref:#AccessControlDefaultAdminRules-pendingDefaultAdmin--[`++pendingDefaultAdmin++`]] :defaultAdminDelay: pass:normal[xref:#AccessControlDefaultAdminRules-defaultAdminDelay--[`++defaultAdminDelay++`]] :pendingDefaultAdminDelay: pass:normal[xref:#AccessControlDefaultAdminRules-pendingDefaultAdminDelay--[`++pendingDefaultAdminDelay++`]] :defaultAdminDelayIncreaseWait: pass:normal[xref:#AccessControlDefaultAdminRules-defaultAdminDelayIncreaseWait--[`++defaultAdminDelayIncreaseWait++`]] :beginDefaultAdminTransfer: pass:normal[xref:#AccessControlDefaultAdminRules-beginDefaultAdminTransfer-address-[`++beginDefaultAdminTransfer++`]] :_beginDefaultAdminTransfer: pass:normal[xref:#AccessControlDefaultAdminRules-_beginDefaultAdminTransfer-address-[`++_beginDefaultAdminTransfer++`]] :cancelDefaultAdminTransfer: pass:normal[xref:#AccessControlDefaultAdminRules-cancelDefaultAdminTransfer--[`++cancelDefaultAdminTransfer++`]] :_cancelDefaultAdminTransfer: pass:normal[xref:#AccessControlDefaultAdminRules-_cancelDefaultAdminTransfer--[`++_cancelDefaultAdminTransfer++`]] :acceptDefaultAdminTransfer: pass:normal[xref:#AccessControlDefaultAdminRules-acceptDefaultAdminTransfer--[`++acceptDefaultAdminTransfer++`]] :_acceptDefaultAdminTransfer: pass:normal[xref:#AccessControlDefaultAdminRules-_acceptDefaultAdminTransfer--[`++_acceptDefaultAdminTransfer++`]] :changeDefaultAdminDelay: pass:normal[xref:#AccessControlDefaultAdminRules-changeDefaultAdminDelay-uint48-[`++changeDefaultAdminDelay++`]] :_changeDefaultAdminDelay: pass:normal[xref:#AccessControlDefaultAdminRules-_changeDefaultAdminDelay-uint48-[`++_changeDefaultAdminDelay++`]] :rollbackDefaultAdminDelay: pass:normal[xref:#AccessControlDefaultAdminRules-rollbackDefaultAdminDelay--[`++rollbackDefaultAdminDelay++`]] :_rollbackDefaultAdminDelay: pass:normal[xref:#AccessControlDefaultAdminRules-_rollbackDefaultAdminDelay--[`++_rollbackDefaultAdminDelay++`]] :_delayChangeWait: pass:normal[xref:#AccessControlDefaultAdminRules-_delayChangeWait-uint48-[`++_delayChangeWait++`]] [.contract] [[AccessControlDefaultAdminRules]] === `++AccessControlDefaultAdminRules++` link:https://github.com/OpenZeppelin/openzeppelin-contracts/blob/v4.9.5/contracts/access/AccessControlDefaultAdminRules.sol[{github-icon},role=heading-link] [.hljs-theme-light.nopadding] ```solidity import "@openzeppelin/contracts/access/AccessControlDefaultAdminRules.sol"; ``` Extension of {AccessControl} that allows specifying special rules to manage the `DEFAULT_ADMIN_ROLE` holder, which is a sensitive role with special permissions over other roles that may potentially have privileged rights in the system. If a specific role doesn't have an admin role assigned, the holder of the `DEFAULT_ADMIN_ROLE` will have the ability to grant it and revoke it. This contract implements the following risk mitigations on top of {AccessControl}: * Only one account holds the `DEFAULT_ADMIN_ROLE` since deployment until it's potentially renounced. * Enforces a 2-step process to transfer the `DEFAULT_ADMIN_ROLE` to another account. * Enforces a configurable delay between the two steps, with the ability to cancel before the transfer is accepted. * The delay can be changed by scheduling, see {changeDefaultAdminDelay}. * It is not possible to use another role to manage the `DEFAULT_ADMIN_ROLE`. Example usage: ```solidity contract MyToken is AccessControlDefaultAdminRules { constructor() AccessControlDefaultAdminRules( 3 days, msg.sender // Explicit initial `DEFAULT_ADMIN_ROLE` holder ) {} } ``` _Available since v4.9._ [.contract-index] .Functions -- * {xref-AccessControlDefaultAdminRules-constructor-uint48-address-}[`++constructor(initialDelay, initialDefaultAdmin)++`] * {xref-AccessControlDefaultAdminRules-supportsInterface-bytes4-}[`++supportsInterface(interfaceId)++`] * {xref-AccessControlDefaultAdminRules-owner--}[`++owner()++`] * {xref-AccessControlDefaultAdminRules-grantRole-bytes32-address-}[`++grantRole(role, account)++`] * {xref-AccessControlDefaultAdminRules-revokeRole-bytes32-address-}[`++revokeRole(role, account)++`] * {xref-AccessControlDefaultAdminRules-renounceRole-bytes32-address-}[`++renounceRole(role, account)++`] * {xref-AccessControlDefaultAdminRules-_grantRole-bytes32-address-}[`++_grantRole(role, account)++`] * {xref-AccessControlDefaultAdminRules-_revokeRole-bytes32-address-}[`++_revokeRole(role, account)++`] * {xref-AccessControlDefaultAdminRules-_setRoleAdmin-bytes32-bytes32-}[`++_setRoleAdmin(role, adminRole)++`] * {xref-AccessControlDefaultAdminRules-defaultAdmin--}[`++defaultAdmin()++`] * {xref-AccessControlDefaultAdminRules-pendingDefaultAdmin--}[`++pendingDefaultAdmin()++`] * {xref-AccessControlDefaultAdminRules-defaultAdminDelay--}[`++defaultAdminDelay()++`] * {xref-AccessControlDefaultAdminRules-pendingDefaultAdminDelay--}[`++pendingDefaultAdminDelay()++`] * {xref-AccessControlDefaultAdminRules-defaultAdminDelayIncreaseWait--}[`++defaultAdminDelayIncreaseWait()++`] * {xref-AccessControlDefaultAdminRules-beginDefaultAdminTransfer-address-}[`++beginDefaultAdminTransfer(newAdmin)++`] * {xref-AccessControlDefaultAdminRules-_beginDefaultAdminTransfer-address-}[`++_beginDefaultAdminTransfer(newAdmin)++`] * {xref-AccessControlDefaultAdminRules-cancelDefaultAdminTransfer--}[`++cancelDefaultAdminTransfer()++`] * {xref-AccessControlDefaultAdminRules-_cancelDefaultAdminTransfer--}[`++_cancelDefaultAdminTransfer()++`] * {xref-AccessControlDefaultAdminRules-acceptDefaultAdminTransfer--}[`++acceptDefaultAdminTransfer()++`] * {xref-AccessControlDefaultAdminRules-_acceptDefaultAdminTransfer--}[`++_acceptDefaultAdminTransfer()++`] * {xref-AccessControlDefaultAdminRules-changeDefaultAdminDelay-uint48-}[`++changeDefaultAdminDelay(newDelay)++`] * {xref-AccessControlDefaultAdminRules-_changeDefaultAdminDelay-uint48-}[`++_changeDefaultAdminDelay(newDelay)++`] * {xref-AccessControlDefaultAdminRules-rollbackDefaultAdminDelay--}[`++rollbackDefaultAdminDelay()++`] * {xref-AccessControlDefaultAdminRules-_rollbackDefaultAdminDelay--}[`++_rollbackDefaultAdminDelay()++`] * {xref-AccessControlDefaultAdminRules-_delayChangeWait-uint48-}[`++_delayChangeWait(newDelay)++`] [.contract-subindex-inherited] .AccessControl * {xref-AccessControl-hasRole-bytes32-address-}[`++hasRole(role, account)++`] * {xref-AccessControl-_checkRole-bytes32-}[`++_checkRole(role)++`] * {xref-AccessControl-_checkRole-bytes32-address-}[`++_checkRole(role, account)++`] * {xref-AccessControl-getRoleAdmin-bytes32-}[`++getRoleAdmin(role)++`] * {xref-AccessControl-_setupRole-bytes32-address-}[`++_setupRole(role, account)++`] [.contract-subindex-inherited] .ERC165 [.contract-subindex-inherited] .IERC165 [.contract-subindex-inherited] .IERC5313 [.contract-subindex-inherited] .IAccessControlDefaultAdminRules [.contract-subindex-inherited] .IAccessControl -- [.contract-index] .Events -- [.contract-subindex-inherited] .AccessControl [.contract-subindex-inherited] .ERC165 [.contract-subindex-inherited] .IERC165 [.contract-subindex-inherited] .IERC5313 [.contract-subindex-inherited] .IAccessControlDefaultAdminRules * {xref-IAccessControlDefaultAdminRules-DefaultAdminTransferScheduled-address-uint48-}[`++DefaultAdminTransferScheduled(newAdmin, acceptSchedule)++`] * {xref-IAccessControlDefaultAdminRules-DefaultAdminTransferCanceled--}[`++DefaultAdminTransferCanceled()++`] * {xref-IAccessControlDefaultAdminRules-DefaultAdminDelayChangeScheduled-uint48-uint48-}[`++DefaultAdminDelayChangeScheduled(newDelay, effectSchedule)++`] * {xref-IAccessControlDefaultAdminRules-DefaultAdminDelayChangeCanceled--}[`++DefaultAdminDelayChangeCanceled()++`] [.contract-subindex-inherited] .IAccessControl * {xref-IAccessControl-RoleAdminChanged-bytes32-bytes32-bytes32-}[`++RoleAdminChanged(role, previousAdminRole, newAdminRole)++`] * {xref-IAccessControl-RoleGranted-bytes32-address-address-}[`++RoleGranted(role, account, sender)++`] * {xref-IAccessControl-RoleRevoked-bytes32-address-address-}[`++RoleRevoked(role, account, sender)++`] -- [.contract-item] [[AccessControlDefaultAdminRules-constructor-uint48-address-]] ==== `[.contract-item-name]#++constructor++#++(uint48 initialDelay, address initialDefaultAdmin)++` [.item-kind]#internal# Sets the initial values for {defaultAdminDelay} and {defaultAdmin} address. [.contract-item] [[AccessControlDefaultAdminRules-supportsInterface-bytes4-]] ==== `[.contract-item-name]#++supportsInterface++#++(bytes4 interfaceId) → bool++` [.item-kind]#public# See {IERC165-supportsInterface}. [.contract-item] [[AccessControlDefaultAdminRules-owner--]] ==== `[.contract-item-name]#++owner++#++() → address++` [.item-kind]#public# See {IERC5313-owner}. [.contract-item] [[AccessControlDefaultAdminRules-grantRole-bytes32-address-]] ==== `[.contract-item-name]#++grantRole++#++(bytes32 role, address account)++` [.item-kind]#public# See {AccessControl-grantRole}. Reverts for `DEFAULT_ADMIN_ROLE`. [.contract-item] [[AccessControlDefaultAdminRules-revokeRole-bytes32-address-]] ==== `[.contract-item-name]#++revokeRole++#++(bytes32 role, address account)++` [.item-kind]#public# See {AccessControl-revokeRole}. Reverts for `DEFAULT_ADMIN_ROLE`. [.contract-item] [[AccessControlDefaultAdminRules-renounceRole-bytes32-address-]] ==== `[.contract-item-name]#++renounceRole++#++(bytes32 role, address account)++` [.item-kind]#public# See {AccessControl-renounceRole}. For the `DEFAULT_ADMIN_ROLE`, it only allows renouncing in two steps by first calling {beginDefaultAdminTransfer} to the `address(0)`, so it's required that the {pendingDefaultAdmin} schedule has also passed when calling this function. After its execution, it will not be possible to call `onlyRole(DEFAULT_ADMIN_ROLE)` functions. NOTE: Renouncing `DEFAULT_ADMIN_ROLE` will leave the contract without a {defaultAdmin}, thereby disabling any functionality that is only available for it, and the possibility of reassigning a non-administrated role. [.contract-item] [[AccessControlDefaultAdminRules-_grantRole-bytes32-address-]] ==== `[.contract-item-name]#++_grantRole++#++(bytes32 role, address account)++` [.item-kind]#internal# See {AccessControl-_grantRole}. For `DEFAULT_ADMIN_ROLE`, it only allows granting if there isn't already a {defaultAdmin} or if the role has been previously renounced. NOTE: Exposing this function through another mechanism may make the `DEFAULT_ADMIN_ROLE` assignable again. Make sure to guarantee this is the expected behavior in your implementation. [.contract-item] [[AccessControlDefaultAdminRules-_revokeRole-bytes32-address-]] ==== `[.contract-item-name]#++_revokeRole++#++(bytes32 role, address account)++` [.item-kind]#internal# See {AccessControl-_revokeRole}. [.contract-item] [[AccessControlDefaultAdminRules-_setRoleAdmin-bytes32-bytes32-]] ==== `[.contract-item-name]#++_setRoleAdmin++#++(bytes32 role, bytes32 adminRole)++` [.item-kind]#internal# See {AccessControl-_setRoleAdmin}. Reverts for `DEFAULT_ADMIN_ROLE`. [.contract-item] [[AccessControlDefaultAdminRules-defaultAdmin--]] ==== `[.contract-item-name]#++defaultAdmin++#++() → address++` [.item-kind]#public# Returns the address of the current `DEFAULT_ADMIN_ROLE` holder. [.contract-item] [[AccessControlDefaultAdminRules-pendingDefaultAdmin--]] ==== `[.contract-item-name]#++pendingDefaultAdmin++#++() → address newAdmin, uint48 schedule++` [.item-kind]#public# Returns a tuple of a `newAdmin` and an accept schedule. After the `schedule` passes, the `newAdmin` will be able to accept the {defaultAdmin} role by calling {acceptDefaultAdminTransfer}, completing the role transfer. A zero value only in `acceptSchedule` indicates no pending admin transfer. NOTE: A zero address `newAdmin` means that {defaultAdmin} is being renounced. [.contract-item] [[AccessControlDefaultAdminRules-defaultAdminDelay--]] ==== `[.contract-item-name]#++defaultAdminDelay++#++() → uint48++` [.item-kind]#public# Returns the delay required to schedule the acceptance of a {defaultAdmin} transfer started. This delay will be added to the current timestamp when calling {beginDefaultAdminTransfer} to set the acceptance schedule. NOTE: If a delay change has been scheduled, it will take effect as soon as the schedule passes, making this function returns the new delay. See {changeDefaultAdminDelay}. [.contract-item] [[AccessControlDefaultAdminRules-pendingDefaultAdminDelay--]] ==== `[.contract-item-name]#++pendingDefaultAdminDelay++#++() → uint48 newDelay, uint48 schedule++` [.item-kind]#public# Returns a tuple of `newDelay` and an effect schedule. After the `schedule` passes, the `newDelay` will get into effect immediately for every new {defaultAdmin} transfer started with {beginDefaultAdminTransfer}. A zero value only in `effectSchedule` indicates no pending delay change. NOTE: A zero value only for `newDelay` means that the next {defaultAdminDelay} will be zero after the effect schedule. [.contract-item] [[AccessControlDefaultAdminRules-defaultAdminDelayIncreaseWait--]] ==== `[.contract-item-name]#++defaultAdminDelayIncreaseWait++#++() → uint48++` [.item-kind]#public# Maximum time in seconds for an increase to {defaultAdminDelay} (that is scheduled using {changeDefaultAdminDelay}) to take effect. Default to 5 days. When the {defaultAdminDelay} is scheduled to be increased, it goes into effect after the new delay has passed with the purpose of giving enough time for reverting any accidental change (i.e. using milliseconds instead of seconds) that may lock the contract. However, to avoid excessive schedules, the wait is capped by this function and it can be overrode for a custom {defaultAdminDelay} increase scheduling. IMPORTANT: Make sure to add a reasonable amount of time while overriding this value, otherwise, there's a risk of setting a high new delay that goes into effect almost immediately without the possibility of human intervention in the case of an input error (eg. set milliseconds instead of seconds). [.contract-item] [[AccessControlDefaultAdminRules-beginDefaultAdminTransfer-address-]] ==== `[.contract-item-name]#++beginDefaultAdminTransfer++#++(address newAdmin)++` [.item-kind]#public# Starts a {defaultAdmin} transfer by setting a {pendingDefaultAdmin} scheduled for acceptance after the current timestamp plus a {defaultAdminDelay}. Requirements: - Only can be called by the current {defaultAdmin}. Emits a DefaultAdminRoleChangeStarted event. [.contract-item] [[AccessControlDefaultAdminRules-_beginDefaultAdminTransfer-address-]] ==== `[.contract-item-name]#++_beginDefaultAdminTransfer++#++(address newAdmin)++` [.item-kind]#internal# See {beginDefaultAdminTransfer}. Internal function without access restriction. [.contract-item] [[AccessControlDefaultAdminRules-cancelDefaultAdminTransfer--]] ==== `[.contract-item-name]#++cancelDefaultAdminTransfer++#++()++` [.item-kind]#public# Cancels a {defaultAdmin} transfer previously started with {beginDefaultAdminTransfer}. A {pendingDefaultAdmin} not yet accepted can also be cancelled with this function. Requirements: - Only can be called by the current {defaultAdmin}. May emit a DefaultAdminTransferCanceled event. [.contract-item] [[AccessControlDefaultAdminRules-_cancelDefaultAdminTransfer--]] ==== `[.contract-item-name]#++_cancelDefaultAdminTransfer++#++()++` [.item-kind]#internal# See {cancelDefaultAdminTransfer}. Internal function without access restriction. [.contract-item] [[AccessControlDefaultAdminRules-acceptDefaultAdminTransfer--]] ==== `[.contract-item-name]#++acceptDefaultAdminTransfer++#++()++` [.item-kind]#public# Completes a {defaultAdmin} transfer previously started with {beginDefaultAdminTransfer}. After calling the function: - `DEFAULT_ADMIN_ROLE` should be granted to the caller. - `DEFAULT_ADMIN_ROLE` should be revoked from the previous holder. - {pendingDefaultAdmin} should be reset to zero values. Requirements: - Only can be called by the {pendingDefaultAdmin}'s `newAdmin`. - The {pendingDefaultAdmin}'s `acceptSchedule` should've passed. [.contract-item] [[AccessControlDefaultAdminRules-_acceptDefaultAdminTransfer--]] ==== `[.contract-item-name]#++_acceptDefaultAdminTransfer++#++()++` [.item-kind]#internal# See {acceptDefaultAdminTransfer}. Internal function without access restriction. [.contract-item] [[AccessControlDefaultAdminRules-changeDefaultAdminDelay-uint48-]] ==== `[.contract-item-name]#++changeDefaultAdminDelay++#++(uint48 newDelay)++` [.item-kind]#public# Initiates a {defaultAdminDelay} update by setting a {pendingDefaultAdminDelay} scheduled for getting into effect after the current timestamp plus a {defaultAdminDelay}. This function guarantees that any call to {beginDefaultAdminTransfer} done between the timestamp this method is called and the {pendingDefaultAdminDelay} effect schedule will use the current {defaultAdminDelay} set before calling. The {pendingDefaultAdminDelay}'s effect schedule is defined in a way that waiting until the schedule and then calling {beginDefaultAdminTransfer} with the new delay will take at least the same as another {defaultAdmin} complete transfer (including acceptance). The schedule is designed for two scenarios: - When the delay is changed for a larger one the schedule is `block.timestamp + newDelay` capped by {defaultAdminDelayIncreaseWait}. - When the delay is changed for a shorter one, the schedule is `block.timestamp + (current delay - new delay)`. A {pendingDefaultAdminDelay} that never got into effect will be canceled in favor of a new scheduled change. Requirements: - Only can be called by the current {defaultAdmin}. Emits a DefaultAdminDelayChangeScheduled event and may emit a DefaultAdminDelayChangeCanceled event. [.contract-item] [[AccessControlDefaultAdminRules-_changeDefaultAdminDelay-uint48-]] ==== `[.contract-item-name]#++_changeDefaultAdminDelay++#++(uint48 newDelay)++` [.item-kind]#internal# See {changeDefaultAdminDelay}. Internal function without access restriction. [.contract-item] [[AccessControlDefaultAdminRules-rollbackDefaultAdminDelay--]] ==== `[.contract-item-name]#++rollbackDefaultAdminDelay++#++()++` [.item-kind]#public# Cancels a scheduled {defaultAdminDelay} change. Requirements: - Only can be called by the current {defaultAdmin}. May emit a DefaultAdminDelayChangeCanceled event. [.contract-item] [[AccessControlDefaultAdminRules-_rollbackDefaultAdminDelay--]] ==== `[.contract-item-name]#++_rollbackDefaultAdminDelay++#++()++` [.item-kind]#internal# See {rollbackDefaultAdminDelay}. Internal function without access restriction. [.contract-item] [[AccessControlDefaultAdminRules-_delayChangeWait-uint48-]] ==== `[.contract-item-name]#++_delayChangeWait++#++(uint48 newDelay) → uint48++` [.item-kind]#internal# Returns the amount of seconds to wait after the `newDelay` will become the new {defaultAdminDelay}. The value returned guarantees that if the delay is reduced, it will go into effect after a wait that honors the previously set delay. See {defaultAdminDelayIncreaseWait}.