Merge pull request #37 from maxnorm/docs/auto-generated-34

[DOCS] Auto-generated Docs Pages

Author: maxnorm

website/docs/library/access/AccessControl/AccessControlFacet.mdx

@@ -1,7 +1,7 @@
 ---
 sidebar_position: 2
 title: "AccessControlFacet"
-description: "Manages role-based access control within a diamond."
+description: "Role-based access control for diamond contracts"
 gitSource: "https://github.com/Perfect-Abstractions/Compose/tree/main/src/access/AccessControl/AccessControlFacet.sol"
 ---
 
@@ -21,18 +21,19 @@ import GradientText from '@site/src/components/ui/GradientText';
 import GradientButton from '@site/src/components/ui/GradientButton';
 
 <DocSubtitle>
-Manages role-based access control within a diamond.
+Role-based access control for diamond contracts
 </DocSubtitle>
 
 <Callout type="info" title="Key Features">
-- Role-based access control for granular permission management.
-- Support for batch granting and revoking roles.
-- Extensible with other access control facets like `AccessControlPausableFacet`.
+- Exposes external functions for role management and permission checking.
+- Integrates with diamond storage for persistent role data.
+- Supports batch operations for granting and revoking roles to multiple accounts.
+- Provides functions to check role membership and enforce role requirements.
 </Callout>
 
 ## Overview
 
-The AccessControlFacet provides a robust role-based access control (RBAC) system for Compose diamonds. It allows for granular permission management by defining roles and assigning them to accounts. This facet is crucial for securing sensitive functions and orchestrating complex interactions by enforcing role requirements.
+This facet implements role-based access control for Compose diamonds. It exposes external functions to manage roles and permissions, interacting with diamond storage. Developers add this facet to enforce access control policies across their diamond's functionality.
 
 ---
 
@@ -472,54 +473,55 @@ error AccessControlUnauthorizedSender(address _sender, address _account);
   </Accordion>
 </AccordionGroup>
 
+<!-- Usage Example section commented out for now -->
+<!--
 ## Usage Example
 
 <ExpandableCode language="solidity" maxLines={20} title="Example Implementation">
-{`pragma solidity ^0.8.30;
+{`pragma solidity >=0.8.30;
 
-import {DiamondInit} from "@compose/diamond/DiamondInit.sol";
-import {DiamondCut} from "@compose/diamond/DiamondCut.sol";
-import {AccessControlFacet} from "@compose/access/AccessControl/AccessControlFacet.sol";
-import {Diamond} from "@compose/diamond/Diamond.sol";
+import { IDiamond } from "@compose/diamond/IDiamond.sol";
+import { AccessControlFacet } from "@compose/access/AccessControl/AccessControlFacet.sol";
 
-contract DeployDiamondWithAccessControl is DiamondInit {
-    // Define roles
-    bytes32 constant ADMIN_ROLE = keccak256("ADMIN_ROLE");
-    bytes32 constant OPERATOR_ROLE = keccak256("OPERATOR_ROLE");
+contract DiamondUser {
+    address immutable diamondAddress;
 
-    function deploy() external {
-        // ... diamond deployment logic ...
+    constructor(address _diamondAddress) {
+        diamondAddress = _diamondAddress;
+    }
 
-        // Initialize AccessControlFacet
-        AccessControlFacet accessControlFacet = AccessControlFacet(diamondAddress);
-        accessControlFacet.grantRole(ADMIN_ROLE, msg.sender); // Grant admin role to deployer
-        accessControlFacet.grantRole(OPERATOR_ROLE, address(this)); // Grant operator role to diamond itself
+    function grantAdminRole(address _admin) external {
+        IDiamond(diamondAddress).grantRole(AccessControlFacet.AccessControl.DEFAULT_ADMIN_ROLE(), _admin);
+    }
 
-        // ... other facet initializations ...
+    function checkAdminRole(address _account) external view returns (bool) {
+        return IDiamond(diamondAddress).hasRole(AccessControlFacet.AccessControl.DEFAULT_ADMIN_ROLE(), _account);
     }
 
-    // Example of calling a protected function using requireRole
-    function executeProtectedAction() external {
-        AccessControlFacet accessControlFacet = AccessControlFacet(diamondAddress);
-        accessControlFacet.requireRole(OPERATOR_ROLE, msg.sender);
+    function setRoleAdmin(bytes32 _role, bytes32 _adminRole) external {
+        IDiamond(diamondAddress).setRoleAdmin(_role, _adminRole);
+    }
 
-        // ... protected action logic ...
+    function grantUserRole(bytes32 _role, address _user) external {
+        IDiamond(diamondAddress).grantRole(_role, _user);
     }
 }`}
 </ExpandableCode>
+-->
 
 ## Best Practices
 
 <Callout type="tip" title="Best Practice">
-- Initialize roles and grant them to appropriate accounts during diamond deployment.
-- Use `grantRoleBatch` and `revokeRoleBatch` for efficient mass role management.
-- Define clear hierarchies for roles using `setRoleAdmin` to manage administrative privileges.
+- Initialize role administration and grant initial roles during diamond deployment.
+- Use `grantRole` and `revokeRole` for individual account management.
+- Utilize `grantRoleBatch` and `revokeRoleBatch` for efficient management of multiple accounts.
+- Ensure that roles are properly defined and their admin roles are set to manage permissions effectively.
 </Callout>
 
 ## Security Considerations
 
 <Callout type="warning" title="Security">
-Ensure that role administration is properly secured. The `setRoleAdmin`, `grantRole`, and `revokeRole` functions require the caller to be the admin of the role. Reentrancy is mitigated as role modifications are atomic. Input validation is handled internally by the facet to prevent invalid role or account assignments.
+All state-changing functions (`setRoleAdmin`, `grantRole`, `revokeRole`, `grantRoleBatch`, `revokeRoleBatch`, `renounceRole`) require caller authorization, typically controlled by the role's admin role. The `requireRole` function reverts with `AccessControlUnauthorizedAccount` if the caller lacks the specified role. `renounceRole` reverts with `AccessControlUnauthorizedSender` if the caller is not the account attempting to renounce the role. Follow standard Solidity security practices for input validation.
 </Callout>
 
 <div style={{marginTop: "3rem", paddingTop: "2rem", borderTop: "1px solid var(--ifm-color-emphasis-200)"}}>
@@ -563,4 +565,4 @@ Ensure that role administration is properly secured. The `setRoleAdmin`, `grantR
   <WasThisHelpful pageId="AccessControlFacet" />
 </div>
 
-<LastUpdated date="2025-12-30T15:54:26.223Z" />
+<LastUpdated date="2025-12-30T17:27:36.331Z" />

website/docs/library/access/AccessControl/AccessControlMod.mdx

@@ -1,7 +1,7 @@
 ---
 sidebar_position: 1
 title: "AccessControlMod"
-description: "Manages roles and permissions within a diamond."
+description: "Manage roles and permissions across diamond facets"
 gitSource: "https://github.com/Perfect-Abstractions/Compose/tree/main/src/access/AccessControl/AccessControlMod.sol"
 ---
 
@@ -21,14 +21,14 @@ import GradientText from '@site/src/components/ui/GradientText';
 import GradientButton from '@site/src/components/ui/GradientButton';
 
 <DocSubtitle>
-Manages roles and permissions within a diamond.
+Manage roles and permissions across diamond facets
 </DocSubtitle>
 
 <Callout type="info" title="Key Features">
-- Permission management via roles assigned to accounts.
-- Ability to grant and revoke roles dynamically.
-- Built-in check for role existence with `hasRole`.
-- Revert mechanism for unauthorized access attempts via `requireRole`.
+- Internal functions for facet integration.
+- Uses diamond storage pattern for shared state management.
+- No external dependencies, promoting composability.
+- Emits events for role changes, aiding off-chain monitoring.
 </Callout>
 
 <Callout type="info" title="Module Usage">
@@ -37,7 +37,7 @@ This module provides internal functions for use in your custom facets. Import it
 
 ## Overview
 
-The AccessControl module provides a robust system for managing roles and permissions, ensuring that only authorized accounts can perform specific actions. This is crucial for maintaining security and control within a Compose diamond by enabling granular access delegation and revocation.
+This module provides internal functions for managing role-based access control within a diamond proxy. Facets can import and use these functions to grant, revoke, and check roles using shared diamond storage. This ensures consistent access control logic across all facets that depend on this module.
 
 ---
 
@@ -397,53 +397,53 @@ error AccessControlUnauthorizedAccount(address _account, bytes32 _role);
   </Accordion>
 </AccordionGroup>
 
+<!-- Usage Example section commented out for now -->
+<!--
 ## Usage Example
 
 <ExpandableCode language="solidity" maxLines={20} title="Example Implementation">
 {`pragma solidity ^0.8.30;
 
-import { AccessControlMod } from "@compose/access/AccessControl/AccessControlMod";
-import { AccessControlStorage } from "@compose/access/AccessControl/AccessControlStorage";
+import {AccessControlMod, AccessControlStorage} from "@compose/access/AccessControl/AccessControlMod";
 
-contract MyFacet {
+contract MyAccessFacet {
     AccessControlMod internal accessControl;
 
-    // Assuming AccessControlMod is initialized and its storage slot is known
-    constructor(address _diamondProxy) {
-        // Fetch storage location from the diamond proxy
-        address accessControlAddress = _diamondProxy; // Example: If AccessControlMod is a facet itself
-        accessControl = AccessControlMod(accessControlAddress);
+    // Assuming AccessControlMod is deployed and its storage is initialized
+    function initialize(address _accessControlModAddress) external {
+        accessControl = AccessControlMod(_accessControlModAddress);
     }
 
     function grantAdminRole(address _account) external {
-        bytes32 adminRole = keccak256("AccessControl.ADMIN_ROLE"); // Example role
+        bytes32 adminRole = keccak256("COMPOSE_ADMIN_ROLE");
         accessControl.grantRole(adminRole, _account);
     }
 
-    function checkAdminRole(address _account) view external returns (bool) {
-        bytes32 adminRole = keccak256("AccessControl.ADMIN_ROLE"); // Example role
+    function checkIfAdmin(address _account) external view returns (bool) {
+        bytes32 adminRole = keccak256("COMPOSE_ADMIN_ROLE");
         return accessControl.hasRole(adminRole, _account);
     }
 
-    function enforceAdminRole(address _account) view external {
-        bytes32 adminRole = keccak256("AccessControl.ADMIN_ROLE"); // Example role
+    function enforceAdminRole(address _account) external view {
+        bytes32 adminRole = keccak256("COMPOSE_ADMIN_ROLE");
         accessControl.requireRole(adminRole, _account);
     }
 }`}
 </ExpandableCode>
+-->
 
 ## Best Practices
 
 <Callout type="tip" title="Best Practice">
-- Define roles using `bytes32` and `keccak256` for clarity and gas efficiency.
-- Use `requireRole` for immediate enforcement of permissions within functions.
-- Carefully manage the administration of roles using `setRoleAdmin` to prevent unintended privilege escalation.
+- Call `requireRole` to enforce access control checks before executing sensitive operations.
+- Ensure the diamond's storage layout is compatible with the `AccessControlStorage` struct.
+- Handle `AccessControlUnauthorizedAccount` errors to provide clear feedback to users.
 </Callout>
 
 ## Integration Notes
 
 <Callout type="success" title="Shared Storage">
-The AccessControl module utilizes the diamond storage pattern, storing its state at a well-defined slot identified by `keccak256("compose.accesscontrol")`. Facets can access this state by calling the `getStorage()` function or directly interacting with the module's functions, which implicitly read from this storage slot. Ensure that the AccessControl module is correctly initialized and its storage slot is reserved to avoid conflicts with other modules.
+This module utilizes diamond storage at the slot identified by `keccak256("compose.accesscontrol")`. All functions operate on the `AccessControlStorage` struct, which is implicitly managed by the diamond storage pattern. Changes to roles made through this module are immediately visible to all facets that access the same storage slot.
 </Callout>
 
 <div style={{marginTop: "3rem", paddingTop: "2rem", borderTop: "1px solid var(--ifm-color-emphasis-200)"}}>
@@ -481,4 +481,4 @@ The AccessControl module utilizes the diamond storage pattern, storing its state
   <WasThisHelpful pageId="AccessControlMod" />
 </div>
 
-<LastUpdated date="2025-12-30T15:54:22.483Z" />
+<LastUpdated date="2025-12-30T17:27:32.246Z" />

website/docs/library/access/AccessControl/index.mdx

@@ -14,14 +14,14 @@ import Icon from '@site/src/components/ui/Icon';
 <DocCardGrid columns={2}>
   <DocCard
     title="AccessControlFacet"
-    description={"Manages role-based access control within a diamond."}
+    description={"Role-based access control for diamond contracts"}
     href="/docs/library/access/AccessControl/AccessControlFacet"
     icon={<Icon name="book" size={28} />}
     size="medium"
   />
   <DocCard
     title="AccessControlMod"
-    description={"Manages roles and permissions within a diamond."}
+    description={"Manage roles and permissions across diamond facets"}
     href="/docs/library/access/AccessControl/AccessControlMod"
     icon={<Icon name="book" size={28} />}
     size="medium"

website/docs/library/access/AccessControlPausable/AccessControlPausableFacet.mdx

@@ -1,7 +1,7 @@
 ---
 sidebar_position: 2
 title: "AccessControlPausableFacet"
-description: "Control role access and pause/unpause specific roles."
+description: "Manages role pausing and unpausing within a diamond"
 gitSource: "https://github.com/Perfect-Abstractions/Compose/tree/main/src/access/AccessControlPausable/AccessControlPausableFacet.sol"
 ---
 
@@ -21,18 +21,19 @@ import GradientText from '@site/src/components/ui/GradientText';
 import GradientButton from '@site/src/components/ui/GradientButton';
 
 <DocSubtitle>
-Control role access and pause/unpause specific roles.
+Manages role pausing and unpausing within a diamond
 </DocSubtitle>
 
 <Callout type="info" title="Key Features">
-- Allows pausing and unpausing of specific roles, preventing execution of role-bound functions.
-- Integrates seamlessly with existing AccessControl mechanisms.
-- Provides view functions to check the current paused status of any role.
+- Exposes external functions for pausing and unpausing specific roles.
+- Emits `RolePaused` and `RoleUnpaused` events for state changes.
+- Reverts with `AccessControlUnauthorizedAccount` if caller lacks permission to pause/unpause.
+- Reverts with `AccessControlRolePaused` when a paused role is accessed.
 </Callout>
 
 ## Overview
 
-This facet provides granular control over role-based access, allowing specific roles to be temporarily paused. It integrates with the core AccessControl logic to enforce role permissions and adds a pausing mechanism for enhanced operational flexibility. Use this facet to manage temporary disruptions or maintenance periods for specific functionalities tied to roles.
+This facet implements role-based pausing and unpausing for diamond functionality. It exposes external functions to control role states, ensuring operations can be temporarily halted or resumed. Developers integrate this facet to add granular control over role permissions within a diamond.
 
 ---
 
@@ -277,64 +278,55 @@ error AccessControlRolePaused(bytes32 _role);
   </Accordion>
 </AccordionGroup>
 
+<!-- Usage Example section commented out for now -->
+<!--
 ## Usage Example
 
 <ExpandableCode language="solidity" maxLines={20} title="Example Implementation">
-{`pragma solidity ^0.8.30;
+{`pragma solidity >=0.8.30;
 
-import { Diamond } from "@compose/diamond/Diamond";
+import { IDiamond } from "@compose/diamond/IDiamond";
 import { AccessControlPausableFacet } from "@compose/access/AccessControlPausable/AccessControlPausableFacet";
-import { AccessControlFacet } from "@compose/access/AccessControl/AccessControlFacet";
 
-contract MyDiamond is Diamond {
-    constructor(address _diamondAdmin) Diamond( _diamondAdmin) {
-        // ... deployment logic ...
-    }
-
-    function upgrade() public {
-        // Example: Adding AccessControlPausableFacet
-        address[] memory facetsToAdd = new address[](1);
-        facetsToAdd[0] = address(new AccessControlPausableFacet());
+contract DiamondConsumer {
+    address public immutable diamondAddress;
+    bytes32 public constant ADMIN_ROLE = keccak256("ADMIN_ROLE");
 
-        bytes[] memory selectorsToAdd = new bytes[](3);
-        selectorsToAdd[0] = AccessControlPausableFacet.pauseRole.selector;
-        selectorsToAdd[1] = AccessControlPausableFacet.unpauseRole.selector;
-        selectorsToAdd[2] = AccessControlPausableFacet.isRolePaused.selector;
+    constructor(address _diamondAddress) {
+        diamondAddress = _diamondAddress;
+    }
 
-        facetCut(facetsToAdd, selectorsToAdd, new address[](0), new bytes[](0));
+    function pauseAdminRole() external {
+        IDiamond(diamondAddress).pauseRole(ADMIN_ROLE);
     }
 
-    function pauseMyRole() external {
-        AccessControlPausableFacet pausableFacet = AccessControlPausableFacet(address(this));
-        bytes32 myRole = keccak256("MY_ROLE");
-        pausableFacet.pauseRole(myRole);
+    function unpauseAdminRole() external {
+        IDiamond(diamondAddress).unpauseRole(ADMIN_ROLE);
     }
 
-    function unpauseMyRole() external {
-        AccessControlPausableFacet pausableFacet = AccessControlPausableFacet(address(this));
-        bytes32 myRole = keccak256("MY_ROLE");
-        pausableFacet.unpauseRole(myRole);
+    function checkAdminRoleStatus(address _account) external view returns (bool) {
+        return IDiamond(diamondAddress).isRolePaused(ADMIN_ROLE);
     }
 
-    function checkRoleStatus(bytes32 _role) external view returns (bool) {
-        AccessControlPausableFacet pausableFacet = AccessControlPausableFacet(address(this));
-        return pausableFacet.isRolePaused(_role);
+    function enforceAdminRoleNotPaused(address _account) external view {
+        IDiamond(diamondAddress).requireRoleNotPaused(ADMIN_ROLE, _account);
     }
 }`}
 </ExpandableCode>
+-->
 
 ## Best Practices
 
 <Callout type="tip" title="Best Practice">
-- Initialize or upgrade the diamond to include this facet to enable role pausing capabilities.
-- Ensure the caller invoking `pauseRole` and `unpauseRole` has the necessary administrative privileges for the target role.
-- Leverage `requireRoleNotPaused` within other facets or contract logic to dynamically enforce pausing states.
+- Initialize roles and their pausing status during diamond deployment.
+- Enforce `requireRoleNotPaused` checks on sensitive external or internal functions.
+- Grant pausing capabilities only to authorized administrative roles.
 </Callout>
 
 ## Security Considerations
 
 <Callout type="warning" title="Security">
-The `pauseRole` and `unpauseRole` functions are restricted to the admin of the respective role, preventing unauthorized pausing. The `requireRoleNotPaused` function reverts with `AccessControlRolePaused` if the role is paused, ensuring that paused roles cannot be utilized. Ensure that any critical functions protected by roles properly call `requireRoleNotPaused` or equivalent logic to respect the paused state.
+All state-changing functions (`pauseRole`, `unpauseRole`) are protected by implicit access control checks handled by the diamond proxy's dispatch mechanism and the facet's internal logic, ensuring only authorized accounts can modify role pause states. The `requireRoleNotPaused` function includes checks for both account role membership and role pause status, reverting with appropriate errors (`AccessControlUnauthorizedAccount`, `AccessControlRolePaused`) to prevent unauthorized or paused role usage.
 </Callout>
 
 <div style={{marginTop: "3rem", paddingTop: "2rem", borderTop: "1px solid var(--ifm-color-emphasis-200)"}}>
@@ -360,4 +352,4 @@ The `pauseRole` and `unpauseRole` functions are restricted to the admin of the r
   <WasThisHelpful pageId="AccessControlPausableFacet" />
 </div>
 
-<LastUpdated date="2025-12-30T15:54:02.317Z" />
+<LastUpdated date="2025-12-30T17:27:10.923Z" />