1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
use bc_xid::Privilege;
use clap::ValueEnum;
#[derive(ValueEnum, Copy, Clone, Debug, PartialEq, Eq, Default)]
pub enum XIDPrivilege {
/// Allow all applicable XID operations
#[default]
All,
//
// Operational Functions
/// Operational: Authenticate as the subject (e.g., log into services)
Auth,
/// Operational: Sign digital communications as the subject
Sign,
/// Operational: Encrypt messages from the subject
Encrypt,
/// Operational: Elide data under the subject's control
Elide,
/// Operational: Issue or revoke verifiable credentials on the subject's
/// authority
Issue,
/// Operational: Access resources under the subject's control
Access,
//
// Management Functions
/// Management: Delegate priviledges to third parties
Delegate,
/// Management: Verify (update) the XID document
Verify,
/// Management: Update service endpoints
Update,
/// Management: Remove the inception key from the XID document
Transfer,
/// Management: Add or remove other verifiers (rotate keys)
Elect,
/// Management: Transition to a new provenance mark chain
Burn,
/// Management: Revoke the XID entirely
Revoke,
}
impl From<XIDPrivilege> for Privilege {
fn from(privilege: XIDPrivilege) -> Self {
match privilege {
XIDPrivilege::All => Privilege::All,
XIDPrivilege::Auth => Privilege::Auth,
XIDPrivilege::Sign => Privilege::Sign,
XIDPrivilege::Encrypt => Privilege::Encrypt,
XIDPrivilege::Elide => Privilege::Elide,
XIDPrivilege::Issue => Privilege::Issue,
XIDPrivilege::Access => Privilege::Access,
XIDPrivilege::Delegate => Privilege::Delegate,
XIDPrivilege::Verify => Privilege::Verify,
XIDPrivilege::Update => Privilege::Update,
XIDPrivilege::Transfer => Privilege::Transfer,
XIDPrivilege::Elect => Privilege::Elect,
XIDPrivilege::Burn => Privilege::Burn,
XIDPrivilege::Revoke => Privilege::Revoke,
}
}
}