bc-xid 0.22.0

Unique, stable, extensible, and verifiable identifiers
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121

use bc_envelope::prelude::*;
use known_values::*;

use crate::{Error, Result};

#[derive(Debug, Clone, PartialEq, Eq, Hash)]
pub enum Privilege {
    /// Allow all applicable XID operations
    All,

    //
    // Operational Functions
    /// Authenticate as the subject (e.g., log into services)
    Auth,

    /// Sign digital communications as the subject
    Sign,

    /// Encrypt messages from the subject
    Encrypt,

    /// Elide data under the subject's control
    Elide,

    /// Issue or revoke verifiable credentials on the subject's authority
    Issue,

    /// Access resources under the subject's control
    Access,

    //
    // Management Functions
    /// Delegate priviledges to third parties
    Delegate,

    /// Verify (update) the XID document
    Verify,

    /// Update service endpoints
    Update,

    /// Remove the inception key from the XID document
    Transfer,

    /// Add or remove other verifiers (rotate keys)
    Elect,

    /// Transition to a new provenance mark chain
    Burn,

    /// Revoke the XID entirely
    Revoke,
}

impl From<&Privilege> for KnownValue {
    fn from(xid_privilege: &Privilege) -> Self {
        match xid_privilege {
            Privilege::All => PRIVILEGE_ALL,
            Privilege::Auth => PRIVILEGE_AUTH,
            Privilege::Sign => PRIVILEGE_SIGN,
            Privilege::Encrypt => PRIVILEGE_ENCRYPT,
            Privilege::Elide => PRIVILEGE_ELIDE,
            Privilege::Issue => PRIVILEGE_ISSUE,
            Privilege::Access => PRIVILEGE_ACCESS,

            Privilege::Delegate => PRIVILEGE_DELEGATE,
            Privilege::Verify => PRIVILEGE_VERIFY,
            Privilege::Update => PRIVILEGE_UPDATE,
            Privilege::Transfer => PRIVILEGE_TRANSFER,
            Privilege::Elect => PRIVILEGE_ELECT,
            Privilege::Burn => PRIVILEGE_BURN,
            Privilege::Revoke => PRIVILEGE_REVOKE,
        }
    }
}

impl TryFrom<&KnownValue> for Privilege {
    type Error = Error;

    fn try_from(known_value: &KnownValue) -> Result<Self> {
        match known_value.value() {
            PRIVILEGE_ALL_RAW => Ok(Self::All),
            PRIVILEGE_AUTH_RAW => Ok(Self::Auth),
            PRIVILEGE_SIGN_RAW => Ok(Self::Sign),
            PRIVILEGE_ENCRYPT_RAW => Ok(Self::Encrypt),
            PRIVILEGE_ELIDE_RAW => Ok(Self::Elide),
            PRIVILEGE_ISSUE_RAW => Ok(Self::Issue),
            PRIVILEGE_ACCESS_RAW => Ok(Self::Access),

            PRIVILEGE_DELEGATE_RAW => Ok(Self::Delegate),
            PRIVILEGE_VERIFY_RAW => Ok(Self::Verify),
            PRIVILEGE_UPDATE_RAW => Ok(Self::Update),
            PRIVILEGE_TRANSFER_RAW => Ok(Self::Transfer),
            PRIVILEGE_ELECT_RAW => Ok(Self::Elect),
            PRIVILEGE_BURN_RAW => Ok(Self::Burn),
            PRIVILEGE_REVOKE_RAW => Ok(Self::Revoke),

            _ => Err(Error::UnknownPrivilege),
        }
    }
}

impl From<&Privilege> for Envelope {
    fn from(xid_privilege: &Privilege) -> Self {
        Envelope::new(KnownValue::from(xid_privilege))
    }
}

impl TryFrom<Envelope> for Privilege {
    type Error = Error;

    fn try_from(envelope: Envelope) -> Result<Self> {
        let subject = envelope.subject();
        let known_value = subject.try_known_value()?;
        Privilege::try_from(known_value)
    }
}

impl EnvelopeEncodable for Privilege {
    fn into_envelope(self) -> Envelope { Envelope::from(&self) }
}