Module acl 

Access control lists for ma identities and DID URLs.

An Acl is a list of allow/deny rules keyed by DID URL or fragment. Deny always wins over allow; an identity-level deny covers all DID-URLs under that identity. The wildcard * grants public access.

YAML format

acl:
  - "*"           # public access
  - "did:ma:alice"
  - "!did:ma:eve"
  - "#read"
  - "!#write"

Example

let yaml = "acl:\n  - \"*\"\n  - \"!did:ma:Qmevil\"\n";
let acl = Acl::new_from_yaml(yaml).unwrap();
assert!(acl.is_allowed("did:ma:Qmgood#read"));
assert!(!acl.is_allowed("did:ma:Qmevil#read"));

Structs

Acl

An access control list for an ma entity.

AclPublishWorker