# 权限控制

By [web3zoom](https://paragraph.com/@web3zoom) · 2025-07-21

---

权限控制，其本质是对一个mapping状态变量进行修改。

    // SPDX-License-Identifier: GPL-3.0
    
    pragma solidity ^0.8.30;
    
    contract AccessPermissions{
        // 授权
        event GrantRole(bytes32 indexed role, address indexed account);
        // 撤销
        event RevokeRole(bytes32 indexed role, address indexed account);
    
        // role => account => bool
        mapping (bytes32 => mapping (address => bool)) public  roles;
    
        // 定义角色
        // 0xdf8b4c520ffe197c5343c6f5aec59570151ef9a492f2c624fd45ddde6135ec42
        bytes32 private  constant ADMIN = keccak256(abi.encodePacked("ADMIN"));
        // 0x2db9fd3d099848027c2383d0a083396f6c41510d7acfd92adc99b6cffcf31e96
        bytes32 private  constant USER = keccak256(abi.encodePacked("USER"));
    
        modifier onlyRole(bytes32 _role){
            require(roles[_role][msg.sender],"not authorized");
            _;
        }
    
        // 部署合约赋值权限
        constructor(){
            _grantRole(ADMIN, msg.sender);
        }
    
        function _grantRole(bytes32 _role, address _account) internal {
            roles[_role][_account] = true;
            emit GrantRole(_role, _account);
        }
    
        function grantRole(bytes32 _role, address _account) external onlyRole(ADMIN){
            _grantRole(_role, _account);
        }
    
        function _revokeRole(bytes32 _role, address _account) internal {
            roles[_role][_account] = false;
            emit RevokeRole(_role, _account);
        }
    
        function revokeRole(bytes32 _role, address _account) external onlyRole(ADMIN){
            _revokeRole(_role, _account);
        }
    }

---

*Originally published on [web3zoom](https://paragraph.com/@web3zoom/meBmd5KWBdozB3ZUnUVo)*