ObjectAuthorization

Inherits: IObjectAuthorization, OmniRegistryErrors, Initializable

Manages directional authorization rules for object relations. Grants define who can initiate a relation (from or to) based on various criteria, such as ownership, token holding, delegation, or external contract verification.

State Variables

OBJECTAUTHORIZATION_STORAGE_LOCATION

Deterministic storage slot per ERC-7201

bytes32 private constant OBJECTAUTHORIZATION_STORAGE_LOCATION =
    0x66533e6d1966c5548931afa2a923bcafa00e1e6794f41ca0f03bbc3ab865ab00

Functions

_getObjectAuthorizationStorage

function _getObjectAuthorizationStorage() private pure returns (ObjectAuthorizationStorage storage $);

__ObjectAuthorization_init

function __ObjectAuthorization_init() internal onlyInitializing;

grantFrom

Issues a grant to allow initiating relations from a tail object

function grantFrom(uint128 tail, RelationGrant memory grant) external;

Parameters

Name	Type	Description
`tail`	`uint128`	Tail object ID
`grant`	`RelationGrant`	Grant details

revokeFrom

Revokes a previously issued from grant

function revokeFrom(uint128 tail, uint32 grantId) external;

Parameters

Name	Type	Description
`tail`	`uint128`	Tail object ID
`grantId`	`uint32`	Grant ID to revoke

grantTo

Issues a grant to allow accepting relations to a head object

function grantTo(uint128 head, RelationGrant memory grant) external;

Parameters

Name	Type	Description
`head`	`uint128`	Head object ID
`grant`	`RelationGrant`	Grant details

revokeTo

Revokes a previously issued to grant

function revokeTo(uint128 head, uint32 grantId) external;

Parameters

Name	Type	Description
`head`	`uint128`	Head object ID
`grantId`	`uint32`	Grant ID to revoke

allowFrom

Checks whether a sender is authorized to initiate a relation from a tail object

function allowFrom(uint32 grantId, address sender, uint128 tail, uint64 rel, uint64 headKind, uint64 headSet)
    external
    view
    returns (bool allow);

Parameters

Name	Type	Description
`grantId`	`uint32`	Grant ID to check
`sender`	`address`	Address attempting the action
`tail`	`uint128`	Tail object ID
`rel`	`uint64`	Relation ID
`headKind`	`uint64`	Kind ID of the target (head) object
`headSet`	`uint64`	Set ID of the target (head) object

Returns

Name	Type	Description
`allow`	`bool`	allowed True if authorized

allowTo

Checks whether a sender is authorized to accept a relation to a head object

function allowTo(uint32 grantId, address sender, uint128 head, uint64 rel, uint64 tailKind, uint64 tailSet)
    external
    view
    returns (bool);

Parameters

Name	Type	Description
`grantId`	`uint32`	Grant ID to check
`sender`	`address`	Address attempting the action
`head`	`uint128`	Head object ID
`rel`	`uint64`	Relation ID
`tailKind`	`uint64`	Kind ID of the source (tail) object
`tailSet`	`uint64`	Set ID of the source (tail) object

Returns

Name	Type	Description
`<none>`	`bool`	allowed True if authorized

_objectInfo

function _objectInfo(uint64 set, uint64 id)
    internal
    view
    virtual
    returns (Descriptor memory meta, address setContract, address owner);

_objectInfo

function _objectInfo(uint128 sid)
    private
    view
    returns (uint64 id, Descriptor memory meta, address setContract, address owner);

_validateHolder

function _validateHolder(address holder, bytes32 holding) internal view virtual returns (bool);

_validateGrantSpec

function _validateGrantSpec(RelationGrant memory grant) private view;

_validateGrant

function _validateGrant(
    RelationGrant memory grant,
    address sender,
    uint128 sid,
    uint64 rel,
    uint64 kind,
    uint64 set
) private view returns (bool);

_grantKey

function _grantKey(uint8 direction, uint128 sid, uint32 grantId) private pure returns (uint256);

_pointerKey

function _pointerKey(uint8 direction, uint128 sid) private pure returns (uint256);

Structs

GrantPointer

struct GrantPointer {
    uint32 lastId;
    uint32 minValidId;
}

ObjectAuthorizationStorage

Note: storage-location: erc7201:every.storage.ObjectAuthorization

struct ObjectAuthorizationStorage {
    mapping(uint256 => GrantPointer) pointers; // dir_sid_00 => pointer
    mapping(uint256 => RelationGrant) grants; // dir_sid_id => grant
}

Enums

Direction

enum Direction {
    None,
    From,
    To
}

GrantStatus

enum GrantStatus {
    None,
    Granted,
    Revoked
}

Keyboard shortcuts

Every Protocol – Core