You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Right now a user can have either a read or write permission to a database.
In a scenario where records on the DB represent tokens, we want to add more control on who can insert records, and delete records. Inserting would be like minting, deleting like redeeming.
It is proposed to extend the RW flags on the user-to-db mapping to CRUD - create, read, update, delete.
Another option is to add a 5th flag "A" for "Access" to distinguish between users that can change the ACLs and those that cannot. Or maybe this is better done on the ACLs on the key?
In addition we need to review the relation between the database level permissions and key-level permissions and clearly define the rules:
Right now a user can have either a read or write permission to a database.
In a scenario where records on the DB represent tokens, we want to add more control on who can insert records, and delete records. Inserting would be like minting, deleting like redeeming.
It is proposed to extend the RW flags on the user-to-db mapping to CRUD - create, read, update, delete.
Another option is to add a 5th flag "A" for "Access" to distinguish between users that can change the ACLs and those that cannot. Or maybe this is better done on the ACLs on the key?
In addition we need to review the relation between the database level permissions and key-level permissions and clearly define the rules:
database \ key | Read | ReadWrite | (?) AccessControl
Create ..................... | ? | ? |
Read ......................... | ? | ? |
Update ..................... | ? | ? |
Delete ....................... | ? | ? |
Access ....................... | ? | ? |
The text was updated successfully, but these errors were encountered: