search

ssbc / ssb-server

The gossip and replication server for Secure Scuttlebutt - a distributed social network
1.68k stars 164 forks source link

Docs — RPC protocol #736

Open nichoth opened 3 years ago

nichoth commented 3 years ago

Hey. I had a question that I couldn't find here or in the protocol guide. It says that peers replicate by calling createHistoryStream via RPC, but I was curious about where the permissions for RPC are created. For example, you wouldn't be able to call .publish on a remote server, to publish a message under the remote id.

clehner commented 3 years ago

Hi @nichoth,

Plugins specify permissions: https://github.com/ssb-js/secret-stack/blob/main/PLUGINS.md#pluginpermissions-object-optional

To make a method public, it should be included in the anonymous array in the permissions object. e.g. the example in the above linked file makes a localPeers method public:

  permissions: {
    anonymous: [ 'localPeers' ]                                         
  },

createHistoryStream has it specified here: https://github.com/ssbc/ssb-db/blob/master/index.js#L50

anonymous is the permission group that all remote callers are in by default. The local user and ssb-master-authenticated callers can call any method by default.

nichoth commented 3 years ago

thanks @clehner !

stale[bot] commented 3 years ago

Is this still relevant? If so, what is blocking it? Is there anything you can do to help move it forward?