At the Hyperledger Composer GitHub, they give an example of a conditional ACL script with an optional transaction clause. In the example they provide, it gives operations access to the asset owner and INITIATOR of the transaction.

rule SampleConditionalRuleWithTransaction {
  description: "Description of the ACL rule"
  participant(m): "org.example.SampleParticipant"
  operation: READ, CREATE, UPDATE
  resource(v): "org.example.SampleAsset"
  transaction(tx): "org.example.SampleTransaction"
  condition: (v.owner.getIdentifier() == m.getIdentifier())
  action: ALLOW
}

What if I want the 'recipient' of the transaction to be given READ rights to the transaction initiator's assets? For example, a participant transaction that authorizes or revokes a regulator's read rights to the transaction initiator's (owner/participant's) assets.

Thanks for any help provided!

Brad S.
  • Have you seen this tutorial which covers ACLs in more detail? https://hyperledger.github.io/composer/next/tutorials/acl-trading.html Note that this doc is in the 'next' stream of the documentation i.e. Composer v0.18.*, but it should work fine with composer v0.16.* in the 'latest' stream. – R Thatcher Mar 12 '18 at 17:53
  • I hadn't seen this. The permissions examples in your link don't address what I'm looking for, quite. I know I can set up permissions that are more persistent for a regulator participant, but wanted a permission that is granted and revoked through a transaction by the asset owner/participant. Thank you very much for your reply! – Brad S. Mar 12 '18 at 22:38

1 Answer

In an asset definition you can have a field, allowed_viewer, and based on that you can define rules to view the asset.

Example: in the cto file,

asset Commodity identified by tradingSymbol {
  o String tradingSymbol
  o String description
  o String mainExchange
  o Double quantity
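  // Identifiers of the Traders allowed to read this asset, stored as strings
  // so that indexOf(p.getIdentifier()) in the ACL condition can match
  o String[] allowed_viewer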
  --> Trader owner
}

In the acl file,

rule R1a_Traderview {
  description: "Everyone in allowed_viewer can view"
  participant(p): "org.example.trading.Trader"
  operation: READ
  resource(r): "org.example.trading.Commodity"
  condition: (r.allowed_viewer.indexOf(p.getIdentifier())>=0)
  action: ALLOW
}
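
The model and rule above do not include the transactions the question asks about. As an added example (not from the original answer or the Composer project), these transaction processor functions let the asset owner grant and revoke a viewer; the AuthorizeViewer and RevokeViewer transaction types, each with `--> Commodity commodity` and `--> Trader viewer`, are hypothetical, and allowed_viewer is assumed to hold Trader identifiers as strings.

```javascript
'use strict';
var NS = 'org.example.trading';

// Pure helper: only the owner may change who can read the asset.
// grant=true adds viewerId, grant=false removes it.
function changeViewers(commodity, callerId, viewerId, grant) {
    if (commodity.owner.getIdentifier() !== callerId) {
        throw new Error('Only the owner may change allowed_viewer');
    }
    // Drop any existing entry first: this is the revoke, and it also
    // keeps a repeated grant from creating duplicates.
    var viewers = (commodity.allowed_viewer || []).filter(function (id) {
        return id !== viewerId;
    });
    if (grant) {
        viewers.push(viewerId);
    }
    commodity.allowed_viewer = viewers;
    return commodity;
}

// Shared body of both transactions. getCurrentParticipant() and
// getAssetRegistry() are provided by the Composer runtime.
function applyChange(tx, grant) {
    var callerId = getCurrentParticipant().getIdentifier();
    changeViewers(tx.commodity, callerId, tx.viewer.getIdentifier(), grant);
    return getAssetRegistry(NS + '.Commodity').then(function (registry) {
        return registry.update(tx.commodity);
    });
}

/**
 * Owner grants READ to tx.viewer (hypothetical transaction type).
 * @param {org.example.trading.AuthorizeViewer} tx
 * @transaction
 */
function authorizeViewer(tx) {
    return applyChange(tx, true);
}

/**
 * Owner revokes READ from tx.viewer (hypothetical transaction type).
 * @param {org.example.trading.RevokeViewer} tx
 * @transaction
 */
function revokeViewer(tx) {
    return applyChange(tx, false);
}
```

The owner also needs ACL rules allowing CREATE on the two transaction types and UPDATE on Commodity, because the registry update runs with the submitting participant's permissions.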