在基于角色的访问控制智能合约中修改和分配角色 - OpenZeppelin Docs

在基于角色的访问控制智能合约中修改和分配角色

Defender 允许你无缝地监督和管理大规模的合约权限，并且能够以精细的粒度查看和控制访问权限。本教程展示了如何添加智能合约以查看和管理其角色，包括分配和移除角色。

前提条件

• OpenZeppelin Defender 账户。你可以在这里注册 Defender。

• 任何外部钱包（如 Metamask），其中包含在 Sepolia 中持有资金的 EOA。

1. 添加合约

1. 在 Web 浏览器中打开 Defender 地址簿。

2. 使用以下值填写表单，然后单击“创建”：

• 名称：Access Control Factory

• 网络：Sepolia

• 地址：0xF909B3dBB525fDe7C3e8cd59FbECF3D42c217454

3. 导航到交易提案。

4. 使用以下值填写 常规信息 部分：

• 名称：Create Access Control contract

• 目标合约：Access Control Factory

5. 对于 函数 部分，选择 create 函数。

6. 打开 审批流程 部分，单击输入字段，然后选择 Create Approval Process。

7. 使用以下值填写审批流程表单，然后单击 Save Changes：

• 名称：Access Control Admin

• 类型：EOA

• 地址：你的钱包 EOA 地址

8. 使用创建的审批流程的 EOA 地址连接你的钱包，然后单击 Submit Transaction Proposal。

9. 单击 Create Access Control contract 交易提案。

10. 单击右上角的 Approve and Execute 按钮，并在你的钱包上确认交易。

11. 向下滚动到执行结果下，将鼠标悬停在第一个合约上以复制其地址。

12. 导航到 Defender https://defender.openzeppelin.com/v2/#/address-book/new地址簿，window=_blank]，以添加你新创建的合约。

13. 使用以下值填写表单，然后单击 Create：

• 名称：Access Control Contract

• 网络：Sepolia

• 地址：从上一步复制的合约地址

• ABI：复制并粘贴以下内容

[{"inputs": [],"stateMutability": "nonpayable","type": "constructor"},{"inputs": [],"name": "AccessControlBadConfirmation","type": "error"},{"inputs": [{"internalType": "address","name": "account","type": "address"},{"internalType": "bytes32","name": "neededRole","type": "bytes32"}],"name": "AccessControlUnauthorizedAccount","type": "error"},{"anonymous": false,"inputs": [{"indexed": true,"internalType": "bytes32","name": "role","type": "bytes32"},{"indexed": true,"internalType": "bytes32","name": "previousAdminRole","type": "bytes32"},{"indexed": true,"internalType": "bytes32","name": "newAdminRole","type": "bytes32"}],"name": "RoleAdminChanged","type": "event"},{"anonymous": false,"inputs": [{"indexed": true,"internalType": "bytes32","name": "role","type": "bytes32"},{"indexed": true,"internalType": "address","name": "account","type": "address"},{"indexed": true,"internalType": "address","name": "sender","type": "address"}],"name": "RoleGranted","type": "event"},{"anonymous": false,"inputs": [{"indexed": true,"internalType": "bytes32","name": "role","type": "bytes32"},{"indexed": true,"internalType": "address","name": "account","type": "address"},{"indexed": true,"internalType": "address","name": "sender","type": "address"}],"name": "RoleRevoked","type": "event"},{"inputs": [],"name": "DEFAULT_ADMIN_ROLE","outputs": [{"internalType": "bytes32","name": "","type": "bytes32"}],"stateMutability": "view","type": "function"},{"inputs": [],"name": "RANDOM_ROLE","outputs": [{"internalType": "bytes32","name": "","type": "bytes32"}],"stateMutability": "view","type": "function"},{"inputs": [{"internalType": "bytes32","name": "role","type": "bytes32"}],"name": "getRoleAdmin","outputs": [{"internalType": "bytes32","name": "","type": "bytes32"}],"stateMutability": "view","type": "function"},{"inputs": [{"internalType": "bytes32","name": "role","type": "bytes32"},{"internalType": "address","name": "account","type": "address"}],"name": "grantRole","outputs": [],"stateMutability": "nonpayable","type": "function"},{"inputs": [{"internalType": "bytes32","name": "role","type": "bytes32"},{"internalType": "address","name": "account","type": "address"}],"name": "hasRole","outputs": [{"internalType": "bool","name": "","type": "bool"}],"stateMutability": "view","type": "function"},{"inputs": [{"internalType": "bytes32","name": "role","type": "bytes32"},{"internalType": "address","name": "callerConfirmation","type": "address"}],"name": "renounceRole","outputs": [],"stateMutability": "nonpayable","type": "function"},{"inputs": [{"internalType": "bytes32","name": "role","type": "bytes32"},{"internalType": "address","name": "account","type": "address"}],"name": "revokeRole","outputs": [],"stateMutability": "nonpayable","type": "function"},{"inputs": [{"internalType": "bytes4","name": "interfaceId","type": "bytes4"}],"name": "supportsInterface","outputs": [{"internalType": "bool","name": "","type": "bool"}],"stateMutability": "view","type": "function"}]

14. 导航到访问控制页面。

15. 观察你新添加的合约，其中包含持有管理员角色的地址数量。

16. 点击合约卡片。

2. 查看和修改角色

在你的合约特定页面中，你可以看到持有 DEFAULT_ADMIN_ROLE 角色的地址，该角色是你用来部署合约的审批流程中的 EOA 地址。 要进行更改，请单击该角色并输入新地址（或者，如果要从该角色中删除地址，则删除一个地址）。 按照以下步骤将新地址添加到 DEFAULT_ADMIN_ROLE：

1. 单击 DEFAULT_ADMIN_ROLE 角色。

2. 从下拉菜单中选择任何地址或添加一个新地址。

3. 向下滚动并单击 Select an Approval Process。

4. 选择你的 Access Control Admin 审批流程。

5. 检查你的钱包是否与正确的 EOA 地址连接。 如果没有，请单击该字段下方的按钮以连接你的钱包。

6. 单击 Save Changes 并在你的钱包上确认交易。

7. 等待交易执行完毕，并检查新地址是否持有 DEFAULT_ADMIN_ROLE 角色。

对于可拥有的合约，你只能使用与当前所有者的地址匹配的审批流程来更改 Owner 角色。 当使用多重签名作为审批流程时，你将在页面右侧看到待处理的提案。

该页面每分钟同步一次，并在修改角色时更新。

后续步骤

恭喜你！ 你可以导入其他合约并修改其角色。

参考文献

• 访问控制文档

• 访问控制工厂

• 访问控制合约

← 动作

工作流 →

• 原文链接： docs.openzeppelin.com/de...
• 登链社区 AI 助手，为大家转译优秀英文文章，如有翻译不通的地方，还请包涵～