rkhamis commented 5 years ago

In this storycard, we expect the behavior to be:

User ACLs:

properties of user:
- threebot_id
- email
- pubkey
- ipaddr
behavior of access:
- Read
- Write

Circle ACLs:

properties of user:
- name
- description
- user_members (corresponds to users)
- circle_members (correspondes to circles)
behavior of access:
- Read
- Write

This means that if a user has write access, but the circle is read-only, the user keeps the right access
if the circle gives right access, all its users have right access, even if the user itself has only read-only access. Thereby, getting write access.

BolaNasr commented 5 years ago

Access Control List

An access-control list (ACL), with BCDB, is a list of permissions attached to an object. An ACL specifies which users or circles are granted access to objects

User ACLs:

properties of user:
- threebot_id
- email
- pubkey
- ipaddr
behavior of access:
- Read (r)
- Write (w)

Circle ACLs (groups):

properties of user:
- name
- description
- email
- threebot_id
- user_members (corresponds to users)
- circle_members (correspondes to circles)
behavior of access:
- Read
- Write

example

bcdb = j.data.bcdb.get("test")

#create user
u = bcdb.user.new()
u.name = "kds_1"
u.email = "user1@me.com" 
u.threebot_id = "user1.ibiza"
u.save()

#create circle
g = bcdb.circle.new()
g.name = "circle_1"
g.email = "circle1@me.com"
g.dm_id = "circle1.ibiza"
g.user_members = [1] # you can add all users need
g.save()

# create new model and will add our acl to this model
schema = """
    @url = despiegk.test5.acl
    name = "" 
    an_id = 0
        """

model = bcdb.model_get_from_schema(schema)
a = model.new()

# that will add right to the circle and all users in the circle
a.acl.rights_set(userids=[], circleids=[1], rights="rw")

assert a.acl.rights_check(1, "r") is True
assert a.acl.rights_check(1, "rw") is True
assert a.acl.rights_check(1, "w") is True

run the test

j.data.bcdb.test(name="acl")

siddiquagig commented 5 years ago

Ran the test :

JSX> j.data.bcdb.test("acls")

Go the following error:

acls

My code is on the latest and this is a new installation.

3BOTDEVEL:3bot:jumpscaleX: git log -1
commit 2de63cfe6d9f79a45d80bd3eebc7e9367ea05e30 (HEAD -> development_jumpscale, origin/development_jumpscale)
Author: kristof de spiegeleer <>
Date:   Sun Jul 28 10:24:14 2019 +0200

    isntaller fix for root install

3BOTDEVEL:3bot:digitalmeX: git log -1
commit dc0feede4c2e389076e78019234c461a6ae17abe (HEAD -> development_jumpscale, origin/development_jumpscale)
Author: kristof de spiegeleer <>
Date:   Sat Jul 27 12:24:08 2019 +0200

    reformat?

BolaNasr commented 5 years ago

@siddiquagig please check you system or your old data you have it works good ( i have last commit)

siddiquagig commented 5 years ago

Working now, Tried on a new installation again.

acl2

3BOTDEVEL:test:jumpscaleX: git log -1
commit 95f10743d28bc5508036ad5bb263e9fe7a08271b (grafted, HEAD -> development_jumpscale, origin/development_jumpscale)
Author: kristof de spiegeleer <>
Date:   Sun Jul 28 15:52:34 2019 +0200

    Merge branch 'development_jumpscale' of github.com:threefoldtech/jumpscaleX into development_jumpscale

threefoldtecharchive / jumpscaleX_archived

ACLs #748

Access Control List

User ACLs:

Circle ACLs (groups):

example

run the test