permission.move

address 0xDF1 {
module A {
    resource struct Permission<Action> {
        action: Action
    }

    public fun create<Action>(action: Action): Permission<Action> {
        Permission<Action> { action }
    }

    public fun destroy<Action>(permission: Permission<Action>): Action {
        let Permission { action } = permission;
        action
    }
}

module B {

    use 0xDF1::A::{Self, Permission};

    resource struct AccessPermission {

    }

    // ... some code for granting ...

    public fun request_permission(account: &signer): Permission<AccessPermission> {
        assert(0x1::Signer::address_of(account) == 0xDF1, 0);

        A::create(AccessPermission {})
    }

    /// This function unpacks and then packs the permission
    public fun check_permission(
        permission: Permission<AccessPermission>
    ): (bool, Permission<AccessPermission>) {
        // if that code executes it obviously means that everything went okay
        let action = A::destroy<AccessPermission>(permission);

        // but we could do some additional checks, say
        // assert(action.can_do, 100);
        // if we had something inside of course

        (true, A::create<AccessPermission>(action))
    }
}
}