Module acl

Expand description

Capability-based access control for ma identities.

An AclMap maps principal strings to CapabilityEntry values. Deny always wins over allow; a wildcard deny closes access to everyone.

§Capabilities

Capabilities are plain strings. Built-in system capabilities:

Capability	Meaning
`"rpc"`	Send RPC messages via `/ma/rpc/0.0.1`
`"ipfs"`	Publish DID documents via `/ma/ipfs/0.0.1`
`"read"`	Read entities, config, and namespace contents
`"create"`	Create new namespaces or entities
`"update"`	Update existing namespaces or entities
`"delete"`	Delete namespaces or entities
`"*"`	Wildcard — grants all capabilities at this level

Entity and namespace ACLs may also use arbitrary capability strings that correspond to verb names or sub-namespace names.

§Key forms in an `AclMap`

Keys are principal strings — exactly one of:

Form	Meaning
`"*"`	Wildcard — matches any caller
`"did:ma:<identity>"`	Bare DID (no fragment)
`"#<local>"`	Local entity identifier
`"+<handle>.<path>"`	Named group of principals (unlimited depth)

§YAML format

acl:
  "*": [rpc, create]          # everyone: RPC + create
  "did:ma:alice": ["*"]        # alice: all capabilities
  "did:ma:bob": [rpc, read]   # bob: restricted
  "did:ma:eve":               # null / absent → explicit deny
  "+carlotta.friends": [rpc]         # group: all members get rpc
  "+alice.project4.admins": ["*"]  # deep path: project4 admins get all caps
  "+alice.enemies":                # group: all members denied

§Example

let mut acl = AclMap::new();
acl.insert("*".to_string(), CapabilityEntry::from_caps(["rpc"]));
acl.insert("did:ma:Qmevil".to_string(), CapabilityEntry::Deny);
assert!(check_cap(&acl, "did:ma:Qmgood", CAP_RPC).is_ok());
assert!(check_cap(&acl, "did:ma:Qmevil", CAP_RPC).is_err());

Enums§

CapabilityEntry: Capability set for a principal in an AclMap.

Constants§

CAP_CREATE: Create new namespaces or entities.
CAP_CRUD: Access the structured CRUD service via /ma/crud/0.0.1.
CAP_DELETE: Delete namespaces or entities.
CAP_INBOX: Deliver messages to an endpoint’s inbox (/ma/inbox/0.0.1).
CAP_IPFS: Publish DID documents via /ma/ipfs/0.0.1.
CAP_READ: Read entities, config, and namespace contents.
CAP_RPC: Send RPC messages via /ma/rpc/0.0.1.
CAP_UPDATE: Update existing namespaces or entities.
GROUP_PREFIX: Sigil that marks a group principal in an AclMap key.

Functions§

check_cap: Check whether caller has capability cap in acl.
is_principal_key: Return true if key is a principal key (identifies who).
is_valid_acl_key: Return true if key is a valid AclMap key.
normalize_principal: Normalise a caller identity for AclMap lookup.
validate_acl_map: Validate all keys in an AclMap, returning a descriptive error for the first invalid key found.

Type Aliases§

AclMap: Capability-based access control map.

Module acl

Module acl Copy item path

§Capabilities

§Key forms in an AclMap

§YAML format

§Example

Enums§

Constants§

Functions§

Type Aliases§

Module acl

§Key forms in an `AclMap`