Skip to content

Add PodAdmin gateway - expose admin fns and veto#587

Merged
thomas-waite merged 39 commits intofeat-governance-upgradefrom
feat-multiple-pod-admins
Mar 23, 2022
Merged

Add PodAdmin gateway - expose admin fns and veto#587
thomas-waite merged 39 commits intofeat-governance-upgradefrom
feat-multiple-pod-admins

Conversation

@thomas-waite
Copy link
Contributor

@thomas-waite thomas-waite commented Mar 15, 2022
edited
Loading

Summary

Introduces a PodAdminGateway contract, which is set as the PodAdmin address for all deployed Orca pods.

It is introduced for three reasons:

  • Allow a given pod to have it's admin functionality exposed to several TribeRoles
  • Enable hierarchy amongst pods. There is a concept of a "specific admin role", the role for which is calculated deterministically. This allows higher ranking pods to be given a higher a special role to administer lower ranking pods
  • Enable pod proposals to be vetoed by higher ranking pods

The goal is for the pods to have the following TribeRoles with the following admin priviledges :

  • addMember(): GOVERNOR, POD_ADMIN and specific pod admins granted this granular role
  • removeMember(): GOVERNOR, POD_ADMIN, GUARDIAN and specific pod admins granted this granular role
  • veto(): GOVERNOR, POD_VETO_ADMIN, GUARDIAN and specific pod admins granted this role

@thomas-waite thomas-waite requested a review from a team as a code owner March 15, 2022 16:37
@thomas-waite thomas-waite self-assigned this Mar 15, 2022
@thomas-waite thomas-waite changed the base branch from develop to feat-governance-upgrade March 15, 2022 16:38
@thomas-waite thomas-waite changed the title Enable multiple pod admins Enable multiple pod admins through a gateway Mar 16, 2022
@thomas-waite thomas-waite force-pushed the feat-multiple-pod-admins branch from ef1ca5d to 7f9f80c Compare March 16, 2022 20:20
@thomas-waite thomas-waite mentioned this pull request Mar 16, 2022
Merged
ElliotFriedman
ElliotFriedman reviewed Mar 16, 2022
View reviewed changes
ElliotFriedman
ElliotFriedman reviewed Mar 16, 2022
View reviewed changes
ElliotFriedman
ElliotFriedman reviewed Mar 16, 2022
View reviewed changes
ElliotFriedman
ElliotFriedman reviewed Mar 16, 2022
View reviewed changes
@Joeysantoro
Copy link
Contributor

Joeysantoro commented Mar 17, 2022
edited
Loading

I think a much more scalable architecture would be to hash the podId with some salt like "ORCA_POD" and have that role be the "specific pod admin". We'd only need at most one of these roles per pod. Instead of giving ROLE_ADMIN the control over this, perhaps a better role would be "POD_ADMIN" which specifically can do all of these things. The POD_ADMIN should also be able to grant these role specific admins. So then we have the following admin priviledges for all pods:

AddMember(): GOVERNOR and POD_ADMIN and "specific pod admin"
RemoveMember(): above plus "GUARDIAN"

@thomas-waite thomas-waite changed the title Enable multiple pod admins through a gateway 3) Enable multiple pod admins through a gateway Mar 21, 2022
@thomas-waite
Copy link
Contributor Author

thomas-waite commented Mar 21, 2022

I think a much more scalable architecture would be to hash the podId with some salt like "ORCA_POD" and have that role be the "specific pod admin". We'd only need at most one of these roles per pod. Instead of giving ROLE_ADMIN the control over this, perhaps a better role would be "POD_ADMIN" which specifically can do all of these things. The POD_ADMIN should also be able to grant these role specific admins. So then we have the following admin priviledges for all pods:

AddMember(): GOVERNOR and POD_ADMIN and "specific pod admin" RemoveMember(): above plus "GUARDIAN"

This makes sense and I like it, it's more scaleable as you say. Implementing

@thomas-waite thomas-waite changed the title 3) Enable multiple pod admins through a gateway Add PodAdmin gateway - expose admin fns and veto Mar 22, 2022
Joeysantoro
Joeysantoro reviewed Mar 22, 2022
View reviewed changes
Joeysantoro
Joeysantoro reviewed Mar 22, 2022
View reviewed changes
ElliotFriedman
ElliotFriedman reviewed Mar 22, 2022
View reviewed changes
ElliotFriedman
ElliotFriedman reviewed Mar 22, 2022
View reviewed changes
ElliotFriedman
ElliotFriedman reviewed Mar 22, 2022
View reviewed changes
ElliotFriedman
ElliotFriedman reviewed Mar 22, 2022
View reviewed changes
ElliotFriedman
ElliotFriedman reviewed Mar 22, 2022
View reviewed changes
ElliotFriedman
ElliotFriedman reviewed Mar 22, 2022
View reviewed changes
@thomas-waite thomas-waite merged commit 20bf199 into feat-governance-upgrade Mar 23, 2022
@thomas-waite thomas-waite deleted the feat-multiple-pod-admins branch March 23, 2022 18:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Joeysantoro Joeysantoro Joeysantoro left review comments

+1 more reviewer

@ElliotFriedman ElliotFriedman ElliotFriedman left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

@thomas-waite thomas-waite

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@thomas-waite @Joeysantoro @ElliotFriedman

Comments