🔒 Add Only owner Can Burn the ERC-721 Token

[jaglinux]

In current implementation, token id owner or approved owner can burn the respective token.
Limit the burn function to token id owner only.

Signed-off-by: Jagadish Krishnamoorthy jagdish.krishna@gmail.com

PR Checklist

• Because this PR includes a bug fix, relevant tests have been included.
• Because this PR includes a new feature, the change was previously discussed in an issue or in the discussions section.
• I didn't do anything of this.

---

[jaglinux]

IMHO, burn feature should be restricted to owner of token id only.
Submitted PR to fix this. (maybe should have opened issue first ?)

[jaglinux]

Should have rephrased it better. Who controls the right to burn should be left as an option for implementor/ package user to decide.
Given that inheritance methods are not supported, I am not sure of the approach to be taken.

[pcaversaccio]

@jaglinux Thanks for this PR. However, I do not agree that this should be implemented because of the following reasoning:

• The EIP-721 specification does not include how NFTs should be burned. So it's up to the author(s) how to implement it.
• To your point "Who controls the right to burn should be left as an option for the implementor/ package user to decide." -> If you have given an allowance to another user, one can simply use safeTransferFrom/transferFrom & burn (given your implementation) which is the equivalent of what I implemented directly with my burn function. It does not offer any additional security features that are not already existent in the current code base.
• My Vyper code is on purpose written in a composable way - if one desires to implement your feature, the complete logic in the internal function _burn can still be reused and just the external function burn can be adjusted. This will be very powerful once Vyper will support import via modules (VIP: Library Modules vyperlang/vyper#2431).

[jaglinux]

@pcaversaccio Agree with your explanation wrt "import via modules" approach.