Need a way to prevent an app from *accidentally* removing its own enrollment

gkc commented 2 months ago

Is your feature request related to a problem? Please describe.

Possibility that a user, managing enrollments, accidentally revokes their current enrollment. This would be super annoying and difficult, perhaps impossible to recover from.

Describe the solution you'd like

enroll:revoke throws an exception if the enrollment being revoked is the current connection's enrollment
add an extra parameter to allow the user (or app) to make the revoke request with some sort of "yes I know what I'm doing" flag e.g. 'force' or 'revokeself'
this flag could be added to EnrollParams
or we could modify the enroll verb syntax to allow enroll:revoke:revokeself:$enrollParamsJson or enroll:revoke:force:$enrollParamsJson

Describe alternatives you've considered

No response

Additional context

No response

murali-shris commented 2 months ago

@gkc 1) if enrollment being revoked is current connection enrollment 1.1 enroll:revoke:{"enrollmentId":"123"} - throw Exception 1.2 enroll:revoke:force:{"enrollmentId":"123"} - revoke the enrollment 2) if enrollment being revoked is some other client enrollment 2.1 enroll:revoke:{"enrollmentId":"123"} - revoke the enrollment 2.2 enroll:revoke:force:{"enrollmentId":"123"} - revoke the enrollment

Are these scenarios correct?

gkc commented 2 months ago

Yes they are

atsign-foundation / at_server