You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Mar 26, 2021. It is now read-only.
We may want to restrict the amount of the Brick graph that is exposed to a given user.
This is probably the most straightforward way of accomplishing this:
The security principal is a private key; a key maps to a set of permissions.
A key can create new keys with a subset of its permissions. A key can revoke keys it created. There will be a "master" key for an instance of HodDB.
A set of permissions is the set of nodes/edges in a Brick graph that are allowed to be returned for the key making the request. The set is defined as the union of a number of Brick queries. When a key makes a query, the returned results are the intersection of the permission set and the query results. obviously, the permission set can be computed just once whenever the underlying graph changes and cached for further use.
The text was updated successfully, but these errors were encountered:
We may want to restrict the amount of the Brick graph that is exposed to a given user.
This is probably the most straightforward way of accomplishing this:
The security principal is a private key; a key maps to a set of permissions.
A key can create new keys with a subset of its permissions. A key can revoke keys it created. There will be a "master" key for an instance of HodDB.
A set of permissions is the set of nodes/edges in a Brick graph that are allowed to be returned for the key making the request. The set is defined as the union of a number of Brick queries. When a key makes a query, the returned results are the intersection of the permission set and the query results. obviously, the permission set can be computed just once whenever the underlying graph changes and cached for further use.
The text was updated successfully, but these errors were encountered: