Hyperledger Fabric How to give full read access to all participants

0 votes

ACL:

rule NetworkAdminUser {
    description: "Grant business network administrators full access to user resources"
    participant: "org.hyperledger.composer.system.NetworkAdmin"
    operation: ALL
    resource: "**"
    action: ALLOW
}

rule NetworkAdminSystem {
    description: "Grant business network administrators full access to system resources"
    participant: "org.hyperledger.composer.system.NetworkAdmin"
    operation: ALL
    resource: "org.hyperledger.composer.system.**"
    action: ALLOW
}

rule SystemACL {
  description:  "System ACL to permit all access"
  participant: "org.hyperledger.composer.system.Participant"
  operation: ALL
  resource: "org.hyperledger.composer.system.**"
  action: ALLOW
}

rule transaction {
    description: "Allow participants full access to transactions"
    participant: "org.acme.shipping.participants.Person"
    operation: ALL
    resource: "org.acme.shipping.transactions.**"
    action: ALLOW
}

rule containers {
    description: "Allow participants access to containers owned by their company"
    participant(p): "org.acme.shipping.participants.Person"
    operation: ALL
    resource(c): "org.acme.shipping.assets.**"
    condition: (c.owner.getIdentifier() == p.company.getIdentifier())
    action: ALLOW
}

rule border {
    description: "Allow Border access to containers"
    participant(p): "org.acme.shipping.participants.Person"
    operation: READ
    resource: "org.acme.shipping.assets.**"
    condition: (p.company.type == "BORDER")
    action: ALLOW
}

Participant model file:

namespace org.acme.shipping.participants

participant Company identified by cid {
  o String cid
  o String name
  o CompanyType type
}

enum CompanyType {
  o BORDER
  o COURIER
  o SHIPPER
}

participant Person identified by id {
  o String id
  o String name
  --> Company company
}

Company type: BORDER (enum)

How can I do this?

Nov 9, 2018 in Blockchain by digger
 • 26,740 points 1,069 views

1 answer to this question.

0 votes

To do this, you must first provide READ access to the Person's own company using

rule readCompany {
    description: "Allow Read Access to Person's Own Company"
    participant(p): "org.acme.shipping.participants.Person"
    operation: READ
    resource(comp): "org.acme.shipping.participants.Company"
    condition: (p.company.getIdentifier() == comp.getIdentifier())
    action: ALLOW
}

Then can grant access to all the containers to the persons belonging to company of type Border using your same rule as

rule border {
    description: "Allow Border access to containers"
    participant(p): "org.acme.shipping.participants.Person"
    operation: READ
    resource: "org.acme.shipping.assets.**"
    condition: (p.company.type == "BORDER")
    action: ALLOW
}
answered Nov 9, 2018 by Omkar
 • 69,210 points

Related Questions In Blockchain

0 votes
1 answer

How to Delete All Cars form hyperledger Fabric and modify its arguments the chaincode and set the path to existing folder of chaincode

First, you will have to make changes ...READ MORE

answered Mar 25, 2019 in Blockchain by Kiran
 3,557 views
0 votes
1 answer

how to connect a web browser with the hyperledger fabric running blockchain peer container please give answers with step by step commands

Hello, It is not possible to connect a ...READ MORE

answered May 26, 2020 in Blockchain by anonymous
 934 views
+15 votes
5 answers

How to add Org or peer in Org dynamically in Hyperledger fabric?

I know it is a bit late ...READ MORE

answered Jul 27, 2018 in Blockchain by Omkar
 • 69,210 points
edited Jul 22, 2019 by Omkar 4,523 views
0 votes
1 answer

How do I use hyperledger fabric blockchain to build my own application?

To use fabric I would recommend you ...READ MORE

answered May 17, 2018 in Blockchain by Johnathon
 • 9,090 points 914 views
0 votes
1 answer

Hyperledger Sawtooth vs Quorum in concurrency and speed Ask

Summary: Both should provide similar reliability of ...READ MORE

answered Sep 26, 2018 in IoT (Internet of Things) by Upasana
 • 8,620 points 1,232 views
0 votes
0 answers

How to add a new organisation to an existing channel in hyperledger fabric without creating a new node/peer for that organisation. Can we add a organisation which does not contain any nodes?

May 2, 2019 in Blockchain by anonymous
 4,814 views
0 votes
1 answer

Invalid Batch or signature in Savtooth

This will solve your problem import org.apache.commons.codec.binary.Hex; Transaction txn ...READ MORE

answered Aug 1, 2018 in Blockchain by digger
 • 26,740 points 724 views
+1 vote
1 answer

What'd be the best database to store data on blockchain?

To read and add data you can ...READ MORE

answered Apr 25, 2018 in Blockchain by Christine
 • 15,790 points 1,281 views
0 votes
1 answer

Hyperledger Fabric: How to access transaction ID in invoke function?

You can access transaction ID in Invoke ...READ MORE

answered Nov 5, 2018 in Blockchain by Omkar
 • 69,210 points 2,176 views
0 votes
1 answer

Hyperledger Fabric: How to Enable Full Logging in Balance Transfer?

This is how you can do it. ...READ MORE

answered Nov 16, 2018 in Blockchain by Omkar
 • 69,210 points 1,244 views
webinar REGISTER FOR FREE WEBINAR X
REGISTER NOW
webinar_success Thank you for registering Join Edureka Meetup community for 100+ Free Webinars each month JOIN MEETUP GROUP
"PMP®","PMI®", "PMI-ACP®" and "PMBOK®" are registered marks of the Project Management Institute, Inc. MongoDB®, Mongo and the leaf logo are the registered trademarks of MongoDB, Inc.