// Source: github.com/muhammedhassanm/blockchain@v0.0.0-20200120143007-697261defd4d/Decentralized-Energy-Composer-master/permissions.acl

/**
 * Access control rules for decentralized-energy-network
 *
 * How this file is evaluated (Hyperledger Composer ACL semantics):
 *   - Rules are checked top to bottom; the first rule whose participant,
 *     operation, resource and condition all match decides the outcome.
 *   - If no rule matches, access is denied. Every rule below is an ALLOW,
 *     so anything not listed is refused by default.
 *
 * What the rules in this file grant:
 *   - Resident, Bank and UtilityCompany may READ, UPDATE and DELETE only
 *     their own participant record (identifier equality check).
 *   - Resident may READ all Resident, Bank and UtilityCompany records and
 *     all Coins, Energy and Cash assets.
 *   - Bank may READ Bank and Resident records and Coins and Cash assets.
 *     There is no rule for UtilityCompany or Energy, so those are denied.
 *   - UtilityCompany may READ UtilityCompany and Resident records and Coins
 *     and Energy assets. There is no rule for Bank or Cash, so those are denied.
 *   - No rule gives these three participant types CREATE on anything, or
 *     UPDATE/DELETE on any asset. Only NetworkAdmin (see the end of the file)
 *     can do that.
 *
 * NOTE(review): the model (.cto) and transaction logic are not visible from
 * this file. If ordinary participants are expected to submit transactions
 * that move Coins/Energy/Cash, they need explicit, narrowly scoped rules for
 * those transaction types and the assets they touch - confirm against the model.
 */


//Residents to have read, update and delete access only to their own account
// The condition ties the resource to the caller, so UPDATE and DELETE never
// reach another resident's record.
// NOTE(review): UPDATE covers every field of the caller's own record. If the
// Resident model holds relationships to asset records (not visible here),
// confirm that self-editing them is intended. DELETE lets a resident remove
// their own participant entry.
rule ResidentAccessOwnRecord {
    description: "Allow residents to access only their profile"
    participant(p): "org.decentralized.energy.network.Resident"
    operation: READ, UPDATE, DELETE
    resource(r): "org.decentralized.energy.network.Resident"
    condition: (r.getIdentifier() === p.getIdentifier())
    action: ALLOW
}


//Residents to have read only access to other Residents
// Unconditional: every resident profile is readable by every resident.
rule ResidentReadAccessResidents {
    description: "Allow residents read access to other residents"
    participant: "org.decentralized.energy.network.Resident"
    operation: READ
    resource: "org.decentralized.energy.network.Resident"
    action: ALLOW
}

//Residents to have read only access to Banks
rule ResidentReadAccessBanks {
    description: "Allow residents read access to other banks"
    participant: "org.decentralized.energy.network.Resident"
    operation: READ
    resource: "org.decentralized.energy.network.Bank"
    action: ALLOW
}

//Residents to have read only access to Utility Companies
rule ResidentReadAccessUtilityCompanies {
    description: "Allow residents read access to other utility companies"
    participant: "org.decentralized.energy.network.Resident"
    operation: READ
    resource: "org.decentralized.energy.network.UtilityCompany"
    action: ALLOW
}


//Residents to have read access to all coins assets
// "All" includes Coins records that belong to other participants; there is
// no ownership condition on this rule or on the Energy and Cash rules below.
rule ResidentAccessCoinsRecord {
    description: "Allow residents read access to all coins assets"
    participant: "org.decentralized.energy.network.Resident"
    operation: READ
    resource: "org.decentralized.energy.network.Coins"
    action: ALLOW
}

//Residents to have read access to all energy assets
rule ResidentAccessEnergyRecord {
    description: "Allow residents read access to all energy assets"
    participant: "org.decentralized.energy.network.Resident"
    operation: READ
    resource: "org.decentralized.energy.network.Energy"
    action: ALLOW
}

//Residents to have read access to all cash assets
rule ResidentAccessCashRecord {
    description: "Allow residents read access to all cash assets"
    participant: "org.decentralized.energy.network.Resident"
    operation: READ
    resource: "org.decentralized.energy.network.Cash"
    action: ALLOW
}


//Banks to have read, update and delete access only to their own account
// Same identifier check as the resident rule: a bank cannot UPDATE or DELETE
// another bank's record.
rule BankAccessOwnRecord {
    description: "Allow banks to access only their profile"
    participant(p): "org.decentralized.energy.network.Bank"
    operation: READ, UPDATE, DELETE
    resource(r): "org.decentralized.energy.network.Bank"
    condition: (r.getIdentifier() === p.getIdentifier())
    action: ALLOW
}

//Banks to have read only access to other Banks
rule BankReadAccessBanks {
    description: "Allow banks read access to other Banks"
    participant: "org.decentralized.energy.network.Bank"
    operation: READ
    resource: "org.decentralized.energy.network.Bank"
    action: ALLOW
}

//Banks to have read only access to Residents
rule BankReadAccessResidents {
    description: "Allow banks read access to other Residents"
    participant: "org.decentralized.energy.network.Bank"
    operation: READ
    resource: "org.decentralized.energy.network.Resident"
    action: ALLOW
}

//Banks to have read access to all coins assets
rule BankAccessCoinsRecord {
    description: "Allow banks read access to all coins assets"
    participant: "org.decentralized.energy.network.Bank"
    operation: READ
    resource: "org.decentralized.energy.network.Coins"
    action: ALLOW
}

//Banks to have read access to all cash assets
// The rule grants READ only. Banks get no UPDATE on Cash from this file.
rule BankAccessCashRecord {
    description: "Allow banks read access to all cash assets"
    participant: "org.decentralized.energy.network.Bank"
    operation: READ
    resource: "org.decentralized.energy.network.Cash"
    action: ALLOW
}


//Utility Companies to have read, update and delete access only to their own account
rule UtilityCompanyAccessOwnRecord {
    description: "Allow utilty company to access only their profile"
    participant(p): "org.decentralized.energy.network.UtilityCompany"
    operation: READ, UPDATE, DELETE
    resource(r): "org.decentralized.energy.network.UtilityCompany"
    condition: (r.getIdentifier() === p.getIdentifier())
    action: ALLOW
}

//Utility Companies to have read only access to other Utility Companies
rule UtilityCompanyReadAccessUtilityCompanies {
    description: "Allow utility companies read access to other Utility Companies"
    participant: "org.decentralized.energy.network.UtilityCompany"
    operation: READ
    resource: "org.decentralized.energy.network.UtilityCompany"
    action: ALLOW
}

//Utility Companies to have read only access to Residents
rule UtilityCompanyReadAccessResidents {
    description: "Allow utility companies read access to other Residents"
    participant: "org.decentralized.energy.network.UtilityCompany"
    operation: READ
    resource: "org.decentralized.energy.network.Resident"
    action: ALLOW
}

//Utility Companies to have read access to all coins assets
rule UtilityCompanyAccessCoinsRecord {
    description: "Allow utility companies read access to all coins assets"
    participant: "org.decentralized.energy.network.UtilityCompany"
    operation: READ
    resource: "org.decentralized.energy.network.Coins"
    action: ALLOW
}

//Utility Companies to have read access to all energy assets
// The rule grants READ only. Utility companies get no UPDATE on Energy from
// this file.
rule UtilityCompanyAccessEnergyRecord {
    description: "Allow utility companies read access to all energy assets"
    participant: "org.decentralized.energy.network.UtilityCompany"
    operation: READ
    resource: "org.decentralized.energy.network.Energy"
    action: ALLOW
}

// Every participant type derives from org.hyperledger.composer.system.Participant,
// so this rule applies to residents, banks and utility companies as well as
// administrators, and it grants ALL operations (not just READ) on the whole
// Composer system namespace.
// NOTE(review): this is the broadest grant in the file. The system namespace
// holds the historian (the transaction history of every participant) and the
// identity records, so the narrow per-type rules above do not limit what an
// ordinary participant can see or do there. Consider restricting ordinary
// participants to the specific system resources and operations they need and
// leaving ALL to NetworkAdmin - confirm what the application actually requires
// before narrowing, since some system access is needed to connect and submit.
rule SystemACL {
    description: "System ACL to permit all access"
    participant: "org.hyperledger.composer.system.Participant"
    operation: ALL
    resource: "org.hyperledger.composer.system.**"
    action: ALLOW
}

// Administrators may perform every operation on every resource ("**" is the
// recursive wildcard). This is the only rule in the file that allows CREATE,
// or UPDATE/DELETE on assets, so issue the NetworkAdmin identity sparingly.
rule NetworkAdminUser {
    description: "Grant business network administrators full access to user resources"
    participant: "org.hyperledger.composer.system.NetworkAdmin"
    operation: ALL
    resource: "**"
    action: ALLOW
}

// Administrators may perform every operation on system resources.
// NOTE(review): SystemACL and NetworkAdminUser above appear to cover this
// grant already, so it looks redundant; it is kept as an explicit statement.
rule NetworkAdminSystem {
    description: "Grant business network administrators full access to system resources"
    participant: "org.hyperledger.composer.system.NetworkAdmin"
    operation: ALL
    resource: "org.hyperledger.composer.system.**"
    action: ALLOW
}