Function hdk::capability::create_cap_claim [−][src]
pub fn create_cap_claim(
cap_claim_entry: CapClaimEntry
) -> ExternResult<HeaderHash>
Expand description
Create capability claims on the local source chain.
Wraps the create
HDK function with system type parameters set.
This guards against sending application entry data or setting the wrong entry type.
Capability claims are grant secrets that have been received from someone else. The grant entry is never sent, only the associated secret. The claim should be created on the local source chain so that it can be retrieved for later use.
Grantees of CapGrant
secrets use CapClaim
entries to save the secret.
The CapClaim
contains the secret, tag and issuing agent.
Only the secret should ever be sent back to the issuing agent, everything else is only for local
administering, querying and filtering.
There is no guarantee that any CapClaim
is currently usable without trying it.
The author of the corresponding CapGrant can revoke it at any time or be unreachable on the network.
Any crate::p2p::call_remote
will return a ZomeCallResponse::Unauthorized
when the grantor considers the
secret invalid for the call. The caller is expected to handle this gracefully.
If the author of the CapGrant
is reachable on the network and has not revoked the grant they will allow any
agent with a valid secret and pubkey to crate::p2p::call_remote
externs on the grant author’s machine.
Commits to the grantor’s source chain will be signed by the grantor, even if initiated. by a claimant. Delegating agency to grantee claimants is a serious responsibility!