This repository has been archived by the owner on Sep 30, 2023. It is now read-only.
Permissions based on identity and new identity providers #31
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
May be misunderstanding new identity providers, but it seem like the permissions, specifically write permission in this example should be based on the identity id and then use the identity provider to verify. Orbitdb keys are provisioned upon use and in different systems identities may be used across differing contexts (or have revocation, rotations, etc) where there will be different local orbitdb keys for signing (for same id). So seems like permissions would be based on identity id not the orbitdb pubkey. ( i saw the orbit identity provider where these are one and the same). And why verify identity in orbitdb AC if not using that identity for access control.
This code was just for context and explanation, not tested yet. Two changes, one, used identity.id for permissions, and then in ipfs access controller if using identity.id, also verify identity.
If the explanation above was intended functionality I can finish creating and testing this PR.