权限控制，其本质是对一个mapping状态变量进行修改。

// SPDX-License-Identifier: GPL-3.0

pragma solidity ^0.8.30;

contract AccessPermissions{
    // 授权
    event GrantRole(bytes32 indexed role, address indexed account);
    // 撤销
    event RevokeRole(bytes32 indexed role, address indexed account);

    // role => account => bool
    mapping (bytes32 => mapping (address => bool)) public  roles;

    // 定义角色
    // 0xdf8b4c520ffe197c5343c6f5aec59570151ef9a492f2c624fd45ddde6135ec42
    bytes32 private  constant ADMIN = keccak256(abi.encodePacked("ADMIN"));
    // 0x2db9fd3d099848027c2383d0a083396f6c41510d7acfd92adc99b6cffcf31e96
    bytes32 private  constant USER = keccak256(abi.encodePacked("USER"));

    modifier onlyRole(bytes32 _role){
        require(roles[_role][msg.sender],"not authorized");
        _;
    }

    // 部署合约赋值权限
    constructor(){
        _grantRole(ADMIN, msg.sender);
    }

    function _grantRole(bytes32 _role, address _account) internal {
        roles[_role][_account] = true;
        emit GrantRole(_role, _account);
    }

    function grantRole(bytes32 _role, address _account) external onlyRole(ADMIN){
        _grantRole(_role, _account);
    }

    function _revokeRole(bytes32 _role, address _account) internal {
        roles[_role][_account] = false;
        emit RevokeRole(_role, _account);
    }

    function revokeRole(bytes32 _role, address _account) external onlyRole(ADMIN){
        _revokeRole(_role, _account);
    }
}

权限控制，其本质是对一个mapping状态变量进行修改。

// SPDX-License-Identifier: GPL-3.0

pragma solidity ^0.8.30;

contract AccessPermissions{
    // 授权
    event GrantRole(bytes32 indexed role, address indexed account);
    // 撤销
    event RevokeRole(bytes32 indexed role, address indexed account);

    // role => account => bool
    mapping (bytes32 => mapping (address => bool)) public  roles;

    // 定义角色
    // 0xdf8b4c520ffe197c5343c6f5aec59570151ef9a492f2c624fd45ddde6135ec42
    bytes32 private  constant ADMIN = keccak256(abi.encodePacked("ADMIN"));
    // 0x2db9fd3d099848027c2383d0a083396f6c41510d7acfd92adc99b6cffcf31e96
    bytes32 private  constant USER = keccak256(abi.encodePacked("USER"));

    modifier onlyRole(bytes32 _role){
        require(roles[_role][msg.sender],"not authorized");
        _;
    }

    // 部署合约赋值权限
    constructor(){
        _grantRole(ADMIN, msg.sender);
    }

    function _grantRole(bytes32 _role, address _account) internal {
        roles[_role][_account] = true;
        emit GrantRole(_role, _account);
    }

    function grantRole(bytes32 _role, address _account) external onlyRole(ADMIN){
        _grantRole(_role, _account);
    }

    function _revokeRole(bytes32 _role, address _account) internal {
        roles[_role][_account] = false;
        emit RevokeRole(_role, _account);
    }

    function revokeRole(bytes32 _role, address _account) external onlyRole(ADMIN){
        _revokeRole(_role, _account);
    }
}