reTHINK-project / dev-runtime-core

Javascript Runtime
Apache License 2.0

Policy Engine: subscription authorisation #76

Open pchainho opened 8 years ago

pchainho commented 8 years ago

The policy engine should use the new Message.Body.auth boolean attribute to set whether an authorisation policy was enforced with success (true) or if no policy was found (true).

For the Data Object Creation / Subscription use cases, the following steps should be performed by the Policy Engine:

data object creation authorisation

1- look for valid policies to be enforced for this data object creation. Different criteria can be used including:

2- set "auth" in Message.body:

2.1- If auth policies found were successfully enforced set auth=true

2.2- If no auth policies were found set auth=false

2.3- If auth policies found were unsuccessfully enforced (not authorised) return a failure

3- for 2.1 and 2.2, Request Data Object Address Allocation. This is currently implemented in the Sync Manager and it is a question of cut and paste of source code. @shumy pls place here the source code

4- look for message.body.authorise array and take all HypertyURLs and set as pre-authorised for the authorised data object creation

data object subscription authorisation

1- look for valid policies to be enforced for this data object subscription. Different criteria can be used including:

1.1- user observer:

1.2- data object scheme

1.3- hyperty resource

1.4- user reporter

1.5- time

2- for 1.1 take Message.from and check for pre-authorised Observers previously defined by the Reporter (see above). Depending on applicable policy set "Message.body.auth" value:

2.1- user is pre-authorised set auth=true

2.2- user is not pre-authorised set auth=false

2.3- user is not authorised return error
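The creation step 4 and subscription step 2 above, sketched as an added example that is not part of the original thread and is not dev-runtime-core code. Only `Message.from`, `body.auth` and `body.authorise` come from the issue; the class, its methods, the explicit deny list standing in for a "not authorised" policy, and the sample URLs are assumptions.

```javascript
// Added example (not dev-runtime-core code). Only Message.from, body.auth and
// body.authorise come from the issue; every other name is hypothetical.
class SubscriptionAuthoriser {
  constructor() {
    this.preAuthorised = new Map(); // data object URL -> Set of Hyperty URLs
    this.denied = new Map();        // assumed stand-in for a "not authorised" policy
  }

  // Creation step 4: Hyperty URLs in body.authorise become pre-authorised.
  onCreate(objectUrl, msg) {
    const list = msg.body && Array.isArray(msg.body.authorise) ? msg.body.authorise : [];
    const urls = list.filter((u) => typeof u === 'string' && u.length > 0);
    this.preAuthorised.set(objectUrl, new Set(urls));
  }

  // Hypothetical helper: record an explicit deny for one observer.
  deny(objectUrl, hypertyUrl) {
    if (!this.denied.has(objectUrl)) this.denied.set(objectUrl, new Set());
    this.denied.get(objectUrl).add(hypertyUrl);
  }

  // Subscription step 2: decide on Message.from and set body.auth.
  onSubscribe(objectUrl, msg) {
    if (!msg || typeof msg.from !== 'string' || msg.from.length === 0) {
      throw new Error('subscription rejected: missing Message.from');
    }
    const denied = this.denied.get(objectUrl) || new Set();
    if (denied.has(msg.from)) {
      throw new Error('subscription rejected: not authorised'); // step 2.3
    }
    const allowed = this.preAuthorised.get(objectUrl) || new Set();
    // Copy the body and overwrite auth, so a value sent by the subscriber
    // is never passed through. Exact string match, no prefix matching.
    const body = Object.assign({}, msg.body, { auth: allowed.has(msg.from) });
    return Object.assign({}, msg, { body }); // steps 2.1 (true) and 2.2 (false)
  }
}

// Constructed sample messages and URLs.
function demo() {
  const pe = new SubscriptionAuthoriser();
  const obj = 'comm://example.org/object-1';
  pe.onCreate(obj, { from: 'hyperty://example.org/alice',
    body: { authorise: ['hyperty://example.org/bob'] } });
  const bob = pe.onSubscribe(obj, { from: 'hyperty://example.org/bob', body: {} });
  const eve = pe.onSubscribe(obj, { from: 'hyperty://example.org/eve', body: { auth: true } });
  return { bob: bob.body.auth, eve: eve.body.auth };
}
```

The second subscriber in `demo()` sends `auth: true` itself; the returned message carries `auth: false` because the flag is always recomputed from the pre-authorised set.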

AnaSLCaldeira commented 8 years ago

@pchainho: should Data Object Address Allocation be a functionality of the Policy Engine? I believe the Syncher Manager is more suitable, as it manages data object creation, but I can transfer the code to the Policy Engine if you find it better to.

Apart from this, the remaining points were implemented and committed except for the policy criteria 'hyperty resource'. A while ago we discussed that we needed to have a new field in the messages to specify which is the resource type of the incoming communication out of the ones supported by the hyperty. Is there any way that I can access this information without this field?