urbit / shrub

An operating function (Prototype)
https://urbit.org
MIT License

Circles as full-featured ACLs #23

Open tiller-tolbus opened 3 months ago

tiller-tolbus commented 3 months ago

A circle should be able to handle all of the general cases of access control over a resource, so that a resource can pull in a single %circle dependency and have all of the information it needs to approve or reject a request or command.

Here is a design that could work:

A circle denotes a set of exceptions to an established access level and rule. For example, a feed application knows that it is pulling in a circle dependency to determine who is able to read from (subscribe to) the feed. The circle only informs the application of membership.

|%
::  assumed quantities
+$  rule   ?(%public %private)
+$  level  ?(%read %write)

::  circle-specific
+$  circle  (set exception)
+$  exception
  $%  [%ship (set ship)]
      [%moon (set ship)]  ::  ship and all moons of ship
      [%sein (set ship)]  ::  ship and all sponsored by ship
      [%rank rank]        ::  ship class
  ==
--

This design probably sucks and could be refined. The way Clay does access control is interesting and could be copied, but we want to be able to discriminate on the basis of moon, sein, and rank as well.
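The membership check the design above implies, modelled in Python as an added example (not code from this issue or from shrub). It assumes that under %public the exceptions are the ships refused and under %private they are the only ships admitted, that %sein means direct sponsorship looked up through a caller-supplied function, and that ships are plain integers; all function names are hypothetical. As in the comment, `level` stays with the application, so the check takes only the rule and the circle.

```python
# Added example: a Python model of the circle types sketched above.
# Assumptions: %public admits all but the exceptions, %private admits
# only the exceptions; %sein is direct sponsorship. Names are hypothetical.

def rank(ship: int) -> str:
    """Ship class from address width in bytes (galaxy .. comet)."""
    width = (ship.bit_length() + 7) // 8
    if width <= 1:
        return "czar"
    if width == 2:
        return "king"
    if width <= 4:
        return "duke"
    if width <= 8:
        return "earl"
    return "pawn"

def moon_parent(ship: int) -> int:
    """A moon's parent is the low 32 bits of its address."""
    return ship & 0xFFFF_FFFF if rank(ship) == "earl" else ship

def matches(exc, ship, sponsor_of) -> bool:
    tag, val = exc
    if tag == "ship":
        return ship in val
    if tag == "moon":
        return moon_parent(ship) in val
    if tag == "sein":
        return ship in val or sponsor_of(ship) in val
    if tag == "rank":
        return rank(ship) == val
    raise ValueError(f"unknown exception tag: {tag!r}")

def allowed(rule, circle, ship, sponsor_of) -> bool:
    """Approve or reject `ship`; an unknown tag or rule raises, never admits."""
    # Build the full list so a malformed entry is caught even after a match.
    excepted = any([matches(e, ship, sponsor_of) for e in circle])
    if rule == "public":
        return not excepted
    if rule == "private":
        return excepted
    raise ValueError(f"unknown rule: {rule!r}")

# Constructed sample addresses and sponsorship table (not real ships).
STAR, PLANET, COMET = 0x5678, 0x1234_5678, 1 << 100
MOON = (0xABCD << 32) | PLANET
SPONSORS = {PLANET: STAR, MOON: PLANET}
CIRCLE = [("moon", frozenset({PLANET})), ("rank", "czar")]
```

With the sample data, `allowed("private", CIRCLE, MOON, SPONSORS.get)` admits the moon through its parent planet, while the comet is refused.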

hanfel-dovned commented 2 months ago

After discussing this, we determined that this should likely be built into Shrubbery core.

tiller-tolbus commented 2 months ago

@hanfel-dovned did Liam confirm this is on the roadmap?

tiller-tolbus commented 1 month ago

Re-opening and awaiting confirmation on core roadmap