# Module `0x1::role`
A generic module for role-based access control (RBAC).
- [Resource `Role`](#0x1_role_Role)
- [Constants](#@Constants_0)
- [Function `assign_role`](#0x1_role_assign_role)
- [Function `revoke_role`](#0x1_role_revoke_role)
- [Function `has_role`](#0x1_role_has_role)
- [Function `assert_has_role`](#0x1_role_assert_has_role)
use 0x1::error;
use 0x1::signer;
## Resource `Role`
struct Role<Type> has key
Fields
-
dummy_field: bool
-
## Constants
const EROLE: u64 = 0;
## Function `assign_role`
Assign the role to the account. The caller must pass a witness, so is
expected to be a function of the module that defines Type.
public fun assign_role<Type>(to: &signer, _witness: &Type)
Implementation
public fun assign_role<Type>(to: &signer, _witness: &Type) {
assert!(!has_role<Type>(signer::address_of(to)), error::already_exists(EROLE));
move_to<Role<Type>>(to, Role<Type>{});
}
## Function `revoke_role`
Revoke the role from the account. The caller must pass a witness, so is
expected to be a function of the module that defines Type.
public fun revoke_role<Type>(from: &signer, _witness: &Type)
Implementation
public fun revoke_role<Type>(from: &signer, _witness: &Type) acquires Role {
assert!(has_role<Type>(signer::address_of(from)), error::not_found(EROLE));
let Role<Type>{} = move_from<Role<Type>>(signer::address_of(from));
}
## Function `has_role`
Return true iff the address has the role.
public fun has_role<Type>(addr: address): bool
Implementation
public fun has_role<Type>(addr: address): bool {
exists<Role<Type>>(addr)
}
## Function `assert_has_role`
assert! that the account has the role.
public fun assert_has_role<Type>(account: &signer)
Implementation
public fun assert_has_role<Type>(account: &signer) {
assert!(has_role<Type>(signer::address_of(account)), error::not_found(EROLE));
}