Implement access manager

biome.json

@@ -16,7 +16,8 @@
 			"./cache",
 			"./node_modules",
 			"./coverage",
-			"./coverage.json"
+			"./coverage.json",
+			"./ignition/deployments"
 		]
 	}
 }

contracts/ApplicationManager.sol

@@ -2,13 +2,19 @@
 pragma solidity 0.8.26;
 
 import {IApplicationManager} from "./IApplicationManager.sol";
+import {AccessManaged} from "@openzeppelin/contracts/access/manager/AccessManaged.sol";
+import "@openzeppelin/contracts/utils/ReentrancyGuard.sol";
 
-contract ApplicationManager is IApplicationManager {
+contract ApplicationManager is
+    IApplicationManager,
+    AccessManaged,
+    ReentrancyGuard
+{
     mapping(uint => Application) private applications;
     mapping(address => bool) private addressUsed;
     uint private nextApplicationId;
 
-    constructor() {}
+    constructor(address initialAuthority) AccessManaged(initialAuthority) {}
 
     function applicationExists(uint id) internal view returns (bool) {
         return applications[id].account != address(0);
@@ -18,40 +24,42 @@
         return nextApplicationId;
     }
 
-    function createApplication(Application memory newApplication) external {
+    function createApplication(
+        Application memory newApplication
+    ) external nonReentrant restricted {
         require(
             !addressUsed[newApplication.account],
             "Address already used for another application"
         );
         applications[nextApplicationId] = newApplication;
         addressUsed[newApplication.account] = true;
         emit ApplicationCreated(
             nextApplicationId,
             applications[nextApplicationId]
         );
         nextApplicationId++;
     }
 
     function updateApplication(
         uint id,
         Application memory updatedApplication
-    ) external {
+    ) external nonReentrant restricted {
         require(applicationExists(id), "Application does not exist");
         require(
             !addressUsed[updatedApplication.account] ||
                 applications[id].account == updatedApplication.account,
-            "Address already used for another application"
+            "Account used by another application"
         );
         applications[id] = updatedApplication;
         emit ApplicationUpdated(id, applications[id]);
     }
 
-    function deleteApplication(uint id) external {
+    function deleteApplication(uint id) external nonReentrant restricted {
         require(applicationExists(id), "Application does not exist");
         addressUsed[applications[id].account] = false;
         emit ApplicationDeleted(id, applications[id]);
         delete applications[id];
     }
 
     function getApplication(
         uint id

contracts/OIDAccessManager.sol

@@ -0,0 +1,11 @@
+// SPDX-License-Identifier: UNLICENSED
+pragma solidity 0.8.26;
+
+// solhint-disable-next-line max-line-length
+import {AccessManagerUpgradeable} from "@openzeppelin/contracts-upgradeable/access/manager/AccessManagerUpgradeable.sol";
+
+contract OIDAccessManager is AccessManagerUpgradeable {
+    function initialize() public initializer {
+        __AccessManager_init(msg.sender);
+    }
+}

ignition/modules/OIDAccessManager.ts

@@ -0,0 +1,17 @@
+import { buildModule } from "@nomicfoundation/hardhat-ignition/modules";
+
+const OIDAccessManagerModule = buildModule("OIDAccessManagerModule", (m) => {
+	// const deployer = m.getAccount(0);
+
+	const manager = m.contract("OIDAccessManager", [], {});
+	m.call(manager, "initialize", []);
+
+	// m.call(manager, "labelRole", [1n, "APP_MANAGER_ROLE"]);
+
+	// console.log(appManager);
+	// m.call(manager, "grantRole", [1n, appManager, 0]);
+
+	return { manager };
+});
+
+export default OIDAccessManagerModule;

package.json

@@ -10,6 +10,8 @@
 		"@nomicfoundation/hardhat-verify": "^2.0.0",
 		"@nomicfoundation/hardhat-viem": "^2.0.0",
 		"@nomiclabs/hardhat-solhint": "^3.1.0",
+		"@openzeppelin/contracts": "^5.0.2",
+		"@openzeppelin/contracts-upgradeable": "^5.0.2",
 		"@types/chai": "^4.2.0",
 		"@types/chai-as-promised": "^7.1.6",
 		"@types/mocha": ">=9.1.0",