[INDY-1554] Need to enhance write permissions for Revocation transactions - Hyperledger JIRA

XML

Word

Printable

Details

Type: Task
Status: Complete
Priority: Medium
Resolution: Done
Affects Version/s: None
Fix Version/s: 1.7.1
Component/s: None
Labels:
None

Epic Link:
Configurable Auth Rules
Sprint:
Ev-Node 19.05, Ev-Node 19.06
Documentation Impact:
Unset

Description

As of now, there are no write permissions for REVOC_REG_DEF and REVOC_REG_ENTRY txns.

https://github.com/hyperledger/indy-node/blob/master/indy_node/test/nym_txn/test_nym_auth_rules.py

Accepatance criteria:

Add tests and enhance permissions so that

if ANYONE_CAN_WRITE=True
- REVOC_REG_DEF:
  - Anyone can create new REVOC_REG_DEF
  - Only owners can edit existing REVOC_REG_DEF
- REVOC_REG_ENTRY:
  - Only the owner of the corresponding REVOC_REG_DEF can create new REVOC_REG_ENTRY
  - Only owners can edit existing REVOC_REG_ENTRY
if ANYONE_CAN_WRITE=False
- REVOC_REG_DEF:
  - Only Trustee/Steward/TrustAnchor can create new REVOC_REG_DEF
  - Only owners can edit existing REVOC_REG_DEF
- REVOC_REG_ENTRY:
  - Only the owner of the corresponding REVOC_REG_DEF can create new REVOC_REG_ENTRY
  - Only owners can edit existing REVOC_REG_ENTRY

Integration tests makes sense to do in a similar way as for NYM: https://github.com/hyperledger/indy-node/blob/master/indy_node/test/nym_txn/test_nym_auth_rules.py

Attachments

Issue Links

relates to

INDY-1528 Trust anchor permission not needed for ledger writes

Complete

INDY-1957 Confirm that Trust Anchor role works as intended

Complete

INDY-2030 ID sent by client in Revoc txns must match the TXN_ID in the txn

New

Activity

People

Assignee:: Vladimir Shishkin

Reporter:: Alexander Shcherbakov

Watchers:: Alexander Shcherbakov, Cam Parra, Vladimir Shishkin

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 06/Aug/18 2:08 PM

Updated:: 29/Mar/19 8:34 PM

Resolved:: 29/Mar/19 8:34 PM