You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
dir is the same as objectmap, the loading is changed to the full local protocol stack, that is, dir+inner_path is loaded from the target protocol stack, and the subdir, chunk and file that a dir depends on must be completely in the same protocol stack, and the internal nodes are no longer support complicated search across protocol stacks (consistent with objectmap loading and operation behavior)
NDN
ndn loads data, supports three types
chunk_id
file_id
dir_id+inner-path
The new ACL needs to match the following fields
referer_object
req_path
Several key designs
The minimum granularity of permission control is the file_id/dir_id corresponding to the referer_object, or the chunk_id/file_id/dir_id in the direct request (if the referer_object is empty), finer granularity is not supported
A request supports at most one referer_object to specify the association with the request target; or if no referer_object is specified, multiple referer_objects are no longer supported
Bridge target_object_id and req_path through referer_object to determine the permission of target_object_id, so the permission determination is basically the following two modes
Load a chunk data directly, check the permissions as follows
referer_object is empty
Then use req_path+chunk_id directly for verification, that is, require chunk_id to be linked to root_state
referer_object = file_id
First check if chunk_id exists in file.chunklist
Then use req_path+file_id for verification, that is, the referenced file_id is required to be linked to root_state
referer_object = dir_id + inner_path
First get the corresponding file_id/dir_id through dir_id + inner_path
Check if chunk_id is in file.chunklist or embedded chunk in dir
Then use req_path+file_id or req_path + dir_id for verification, that is, the referenced file_id/dir_id is required to be linked to root_state
for file_id
Load a file data directly, verify the permissions as follows
referer_object is empty
Then use req_path+file_id directly for verification, that is, file_id is required to be linked to root_state
referer_object = dir_id + inner_path
First get the corresponding file_id through dir_id + inner_path
Check if chunk_id is in file.chunklist
Then use req_path + dir_id for verification, that is, the referenced dir_id is required to be linked to root_state and meet the permission requirements
For dir_id+inner_path
Load a file corresponding to the internal path of dir, and the permission check is as follows The referer_object parameter is not accepted in this mode, and the dir_id itself is used directly
Use req_path + dir_id for verification, that is, the referenced dir_id is required to be linked to root_state and meet the permission requirements
The text was updated successfully, but these errors were encountered:
Loading logic of dir+inner-path
dir is the same as objectmap, the loading is changed to the full local protocol stack, that is, dir+inner_path is loaded from the target protocol stack, and the subdir, chunk and file that a dir depends on must be completely in the same protocol stack, and the internal nodes are no longer support complicated search across protocol stacks (consistent with objectmap loading and operation behavior)
NDN
ndn loads data, supports three types
The new ACL needs to match the following fields
Several key designs
for chunk-id
Load a chunk data directly, check the permissions as follows
Then use req_path+chunk_id directly for verification, that is, require chunk_id to be linked to root_state
First check if chunk_id exists in file.chunklist
Then use req_path+file_id for verification, that is, the referenced file_id is required to be linked to root_state
First get the corresponding file_id/dir_id through dir_id + inner_path
Check if chunk_id is in file.chunklist or embedded chunk in dir
Then use req_path+file_id or req_path + dir_id for verification, that is, the referenced file_id/dir_id is required to be linked to root_state
for file_id
Load a file data directly, verify the permissions as follows
Then use req_path+file_id directly for verification, that is, file_id is required to be linked to root_state
First get the corresponding file_id through dir_id + inner_path
Check if chunk_id is in file.chunklist
Then use req_path + dir_id for verification, that is, the referenced dir_id is required to be linked to root_state and meet the permission requirements
For dir_id+inner_path
Load a file corresponding to the internal path of dir, and the permission check is as follows
The referer_object parameter is not accepted in this mode, and the dir_id itself is used directly
Use req_path + dir_id for verification, that is, the referenced dir_id is required to be linked to root_state and meet the permission requirements
The text was updated successfully, but these errors were encountered: