1. 技术文章
  2. How can we give READ access to a particular resource while putting condition on some other resource in ACL file?

How can we give READ access to a particular resource while putting condition on some other resource in ACL file?

雨燕双飞 提交于 2019-12-24 08:47:22

问题


What I want to do is that give READ ACCESS to a particular participant the fields of other participants but putting condition on third resource.

Eg:

rule SampleRule{
       description: "Allow the Participant1 to view Participant2 profile"
       participant(m): "org.sample.blockchain.Participant1"
       operation: READ
       resource(v): "org.sample.blockchain.Participant2"
       condition:(
                  v.getIdentifier() == Record.Participant1.getIdentifier() 
                     && m.getIdentifier() == Record.Participant2.getIdentifier()
                )
       action: ALLOW
    }
    asset Record identified by Id {
       o String Id
       --> Participant1 Participant1
       --> Participant2 Participant2
    }
    participant Participant1 identified by EmailId{
       o String EmailId
       o String Name
       o Integer Age
    }
    participant Participant2 identified by EmailId{
       o String EmailId
       o String Name
       o Integer Age
    }

So here I want to give access of profile of participant2 to participant1 based on some asset record.

Is it possible to this thing in composer and if not what are the other options?


回答1:


I do not believe this is currently possible with Hyperledger Composer. You cannot look up an unrelated asset from within an ACL rule.

However, you can look up the identifier of a related asset. To make this possible, you would need to add a relationship from the participant to the record as follows:

asset Record identified by Id {
    o String Id
    --> Participant1 Participant1
    --> Participant2 Participant2
}

participant Participant1 identified by EmailId{
    o String EmailId
    o String Name
    o Integer Age
    --> Record record // note the new record field
}

You can then access the related record field from an ACL rule:

rule SampleRule {
    description: "Allow the Participant1 to view Participant2 profile"
    participant(m): "org.sample.blockchain.Participant1"
    operation: READ
    resource(v): "org.sample.blockchain.Participant2"
    condition: (
        m.record.getIdentifier() === v.record.getIdentifier()
    )
    action: ALLOW
}

We have a GitHub issue at the moment to resolve the relationships to related assets, which will allow you to look up all fields of a related asset:

https://github.com/hyperledger/composer/issues/1007



来源:https://stackoverflow.com/questions/44581833/how-can-we-give-read-access-to-a-particular-resource-while-putting-condition-on

标签
hyperledger-composer
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!