Documentation ¶
Overview ¶
Package consent_mgmt_i provides functionality for sharing assets with other users, groups, or orgs.
Index ¶
- Variables
- func GetConsent(stub cached_stub.CachedStubInterface, caller data_model.User, args []string) ([]byte, error)
- func GetConsentAssetID(stub cached_stub.CachedStubInterface, consentID string) (string, error)
- func GetConsentID(datatypeID string, targetID string, ownerID string) string
- func GetConsentIDForDatatype(stub cached_stub.CachedStubInterface, ownerID string, targetID string, ...) (string, string, error)
- func GetConsentWithParams(stub cached_stub.CachedStubInterface, caller data_model.User, consentID string, ...) (data_model.Consent, error)
- func GetConsentsWithCallerID(stub cached_stub.CachedStubInterface, caller data_model.User, args []string) ([]byte, error)
- func GetConsentsWithOwnerID(stub cached_stub.CachedStubInterface, caller data_model.User, args []string) ([]byte, error)
- func GetConsentsWithOwnerIDAndDatatypeID(stub cached_stub.CachedStubInterface, caller data_model.User, args []string) ([]byte, error)
- func GetConsentsWithTargetID(stub cached_stub.CachedStubInterface, caller data_model.User, args []string) ([]byte, error)
- func GetConsentsWithTargetIDAndDatatypeID(stub cached_stub.CachedStubInterface, caller data_model.User, args []string) ([]byte, error)
- func GetConsentsWithTargetIDAndOwnerID(stub cached_stub.CachedStubInterface, caller data_model.User, args []string) ([]byte, error)
- func Init(stub cached_stub.CachedStubInterface, logLevel ...shim.LoggingLevel) ([]byte, error)
- func PutConsent(stub cached_stub.CachedStubInterface, caller data_model.User, args []string) ([]byte, error)
- func PutConsentWithParams(stub cached_stub.CachedStubInterface, caller data_model.User, ...) error
- func ValidateConsent(stub cached_stub.CachedStubInterface, caller data_model.User, args []string) (simple_rule.Rule, data_model.Key, error)
Constants ¶
This section is empty.
Variables ¶
var ConsentKeyFunc asset_key_func.AssetKeyPathFunc = func(stub cached_stub.CachedStubInterface, caller data_model.User, consentAsset data_model.Asset) ([]string, error) { keyPath := []string{caller.GetPubPrivKeyId()} publicData := consentPublic{} json.Unmarshal(consentAsset.PublicData, &publicData) if caller.ID == publicData.TargetID { logger.Debug("Caller is target") keyPath = append(keyPath, consentAsset.AssetKeyId) return keyPath, nil } if consentAsset.IsOwner(caller.ID) { logger.Debug("Caller is owner of consent") keyPath = append(keyPath, consentAsset.AssetKeyId) return keyPath, nil } isAdmin, adminPath, _ := user_mgmt_c.IsUserAdminOfGroup(stub, caller.ID, publicData.TargetID) if isAdmin { logger.Debug("Caller is an admin of targer") keyPath, _ = user_mgmt_i.ConvertAdminPathToPrivateKeyPath(adminPath) keyPath = append(keyPath, consentAsset.AssetKeyId) return keyPath, nil } isAdmin, adminPath, _ = user_mgmt_c.IsUserAdminOfGroup(stub, caller.ID, consentAsset.OwnerIds[0]) if isAdmin { logger.Debug("Caller is an admin of consent owner: datatype consent") keyPath, _ = user_mgmt_i.ConvertAdminPathToPrivateKeyPath(adminPath) keyPath = append(keyPath, consentAsset.AssetKeyId) return keyPath, nil } logger.Debug("Failed to get keyPath") return nil, nil }
ConsentKeyFunc finds the keypath in an efficient manner, if caller is owner or target of consent, or admin of either. This function does not handle users who have access through "allowAccess". If you have access through "allowAccess", you should instead get the user object and call other functions as that user.
Functions ¶
func GetConsent ¶
func GetConsent(stub cached_stub.CachedStubInterface, caller data_model.User, args []string) ([]byte, error)
GetConsent returns the specified consent asset. Returns an error if no consent is found. Caller can be anyone with access to the consent key.
args: [datatypeID, targetID, ownerID]
datatypeID is the id of the consent datatype. targetID is the id of the consent target. ownerID is the id of the consent owner.
func GetConsentAssetID ¶
func GetConsentAssetID(stub cached_stub.CachedStubInterface, consentID string) (string, error)
GetConsentAssetID returns consent asset ID from consent ID. The returned consent asset ID can be used to get consent asset using asset_mgmt.
func GetConsentID ¶
GetConsentID returns the consent_id.
func GetConsentIDForDatatype ¶
func GetConsentIDForDatatype(stub cached_stub.CachedStubInterface, ownerID string, targetID string, datatypeID string) (string, string, error)
GetConsentIDForDatatype finds consent ID by checking datatype and parents of this datatype_i. returns consentID, consentAssetID, err returns "" if no matching consent is found
func GetConsentWithParams ¶
func GetConsentWithParams(stub cached_stub.CachedStubInterface, caller data_model.User, consentID string, consentKey ...[]byte) (data_model.Consent, error)
GetConsentWithParams returns the consent asset given the consentID ConsentKey is optional if it's not passed in, it will try get consent key using ConsentKeyFunc
func GetConsentsWithCallerID ¶
func GetConsentsWithCallerID(stub cached_stub.CachedStubInterface, caller data_model.User, args []string) ([]byte, error)
GetConsentsWithCallerID returns a list of consents created by the caller.
args: []
func GetConsentsWithOwnerID ¶
func GetConsentsWithOwnerID(stub cached_stub.CachedStubInterface, caller data_model.User, args []string) ([]byte, error)
GetConsentsWithOwnerID returns a list of consents, sorted by ownerID.
args: [ownerID]
func GetConsentsWithOwnerIDAndDatatypeID ¶
func GetConsentsWithOwnerIDAndDatatypeID(stub cached_stub.CachedStubInterface, caller data_model.User, args []string) ([]byte, error)
GetConsentsWithOwnerIDAndDatatypeID returns a list of consents, sorted by ownerID and datatypeID.
args: [ownerID, datatypeID]
func GetConsentsWithTargetID ¶
func GetConsentsWithTargetID(stub cached_stub.CachedStubInterface, caller data_model.User, args []string) ([]byte, error)
GetConsentsWithTargetID returns a list of consents, sorted by targetID.
args: [targetID]
func GetConsentsWithTargetIDAndDatatypeID ¶
func GetConsentsWithTargetIDAndDatatypeID(stub cached_stub.CachedStubInterface, caller data_model.User, args []string) ([]byte, error)
GetConsentsWithTargetIDAndDatatypeID returns a list of consents, sorted by targetID and datatypeID.
args: [targetID, datatypeID]
func GetConsentsWithTargetIDAndOwnerID ¶
func GetConsentsWithTargetIDAndOwnerID(stub cached_stub.CachedStubInterface, caller data_model.User, args []string) ([]byte, error)
GetConsentsWithTargetIDAndOwnerID returns a list of consents, sorted by targetID and ownerID.
args: [targetID, ownerID]
func Init ¶
func Init(stub cached_stub.CachedStubInterface, logLevel ...shim.LoggingLevel) ([]byte, error)
Init sets up the consent package by building an index table for consents.
func PutConsent ¶
func PutConsent(stub cached_stub.CachedStubInterface, caller data_model.User, args []string) ([]byte, error)
PutConsent updates an existing consent or adds a new consent. Consent can be given to a datatype (all assets of a particular datatype). Caller must either be the owner of the consent or have access to the owner's private key.
args = [consent, consentKeyB64]
consent is the consent object. consentKeyB64 is only required when creating a new consent. A unique consent key must be used for each new consent.
func PutConsentWithParams ¶
func PutConsentWithParams(stub cached_stub.CachedStubInterface, caller data_model.User, consent data_model.Consent, consentKeyBytes []byte) error
PutConsentWithParams updates an existing consent or adds new consent. It takes consent object data_model.Consent, and consentKeyBytes []byte as arguments instead of args in JSON format.
consent is the consent object. consentKeyBytes is only passed when creating a new consent. A unique consent key must be used for each new consent.
func ValidateConsent ¶
func ValidateConsent(stub cached_stub.CachedStubInterface, caller data_model.User, args []string) (simple_rule.Rule, data_model.Key, error)
ValidateConsent gets the specified consent asset. If consent is found and if it passes the expiration date and access level checks, it returns filter rules and the consent key. Filter rule is a simple rule that contains consent owner ID which can be applied against an asset's owner ID, and either consent asset ID or consent datatype ID which can be applied against asset's datatypeID to filter out assets.
args: [datatypeID, ownerID, targetID, access, currTime]
targetID is the ID of the consent recipient. access is the desired access level that will be validated against the access recorded in the consent object. currTime is the current timestamp generated.
Types ¶
This section is empty.