How can we give READ access to a particular resour

2019-07-29 17:10发布

站内文章 / 前端开发
47 0 0

问题:

What I want to do is that give READ ACCESS to a particular participant the fields of other participants but putting condition on third resource.

Eg:

rule SampleRule{
       description: "Allow the Participant1 to view Participant2 profile"
       participant(m): "org.sample.blockchain.Participant1"
       operation: READ
       resource(v): "org.sample.blockchain.Participant2"
       condition:(
                  v.getIdentifier() == Record.Participant1.getIdentifier() 
                     && m.getIdentifier() == Record.Participant2.getIdentifier()
                )
       action: ALLOW
    }
    asset Record identified by Id {
       o String Id
       --> Participant1 Participant1
       --> Participant2 Participant2
    }
    participant Participant1 identified by EmailId{
       o String EmailId
       o String Name
       o Integer Age
    }
    participant Participant2 identified by EmailId{
       o String EmailId
       o String Name
       o Integer Age
    }

So here I want to give access of profile of participant2 to participant1 based on some asset record.

Is it possible to this thing in composer and if not what are the other options?

回答1:

I do not believe this is currently possible with Hyperledger Composer. You cannot look up an unrelated asset from within an ACL rule.

However, you can look up the identifier of a related asset. To make this possible, you would need to add a relationship from the participant to the record as follows:

asset Record identified by Id {
    o String Id
    --> Participant1 Participant1
    --> Participant2 Participant2
}

participant Participant1 identified by EmailId{
    o String EmailId
    o String Name
    o Integer Age
    --> Record record // note the new record field
}

You can then access the related record field from an ACL rule:

rule SampleRule {
    description: "Allow the Participant1 to view Participant2 profile"
    participant(m): "org.sample.blockchain.Participant1"
    operation: READ
    resource(v): "org.sample.blockchain.Participant2"
    condition: (
        m.record.getIdentifier() === v.record.getIdentifier()
    )
    action: ALLOW
}

We have a GitHub issue at the moment to resolve the relationships to related assets, which will allow you to look up all fields of a related asset:

https://github.com/hyperledger/composer/issues/1007



标签: hyperledger-composer
举报

收藏的人(0)

Ta的文章 更多文章
登录 后发表评论
0条评论
还没有人评论过~