Comments (5)
Another aspect which was discussed: it'd be nice to also have permissions based on an ip white/black list. For example, instances of apps running on a test server should not be allowed to read from but not write to live nodes. They will likely user the same auth key as the real apps, but can be distinguished by their ip.
from swarm.
A simple initial idea for client-based permissions:
- We add support for a set of action categories to be defined by the node. (e.g.
"read", "write", "delete"
.) (These will need to vary by node, as some node types have different concepts of destructive requests, for example.) - Each request is assigned to one of these categories. (See https://github.com/sociomantic-tsunami/swarm/blob/v4.x.x/src/swarm/neo/node/ConnectionHandler.d#L65.)
- The node's credentials file (or some config file) is extended to also allow specifying whether each client is allowed/disallowed to perform each action. (It may make sense to have the default permission always be "disallow", unless configured otherwise.)
- When a client sends a request to a node, the node can look up the action category of the request and the permissions of the client, then decide whether to continue handling the request or return some error code.
from swarm.
Another aspect which was discussed: it'd be nice to also have permissions based on an ip white/black list. For example, instances of apps running on a test server should not be allowed to read from but not write to live nodes. They will likely user the same auth key as the real apps, but can be distinguished by their ip.
I think this is a separate idea. I don't think the implementation would share much in common with the per-client / per-request permissions. Split to #166.
from swarm.
It may make sense to have the default permission always be "disallow", unless configured otherwise.
This would be a major breaking change, though :D
from swarm.
After some discussion, we decided to go for a super simple scheme, as follows:
- #169 enables request handlers in the node to get the name of the connected client.
- For very sensitive requests (e.g.
RemoveChannel
,Redistribute
), we add a simple check that the client's name is"admin"
and send an error status code, if not.
This approach addresses all of our current needs. We can extend it to a more complicated system, if we ever need one.
Nothing more to do here.
from swarm.
Related Issues (20)
- Add SwarmServer application base class HOT 2
- Replace internal usage of NodeItem with AddrPort HOT 2
- Make turtle.env.Node less abstract
- Simpler client request interface? HOT 14
- Don't log stats for unused requests
- Add framework for per-request throughput stats (client) HOT 6
- [turtle] Generate credentials file for the client
- Deprecate non-scoped controller access HOT 3
- Add new throttler / stream processor for use with neo clients HOT 2
- `ISuspendable.resume` implementations must not cause context switching HOT 6
- Differentiate failure reasons of `swarm.client.RequestOnConn.useNode` HOT 1
- Buffer growth warning size limit is now too small
- Neo connection handler slowdown with high number of scheduler worker fibers
- Log warning on attempted access by unauthorised client
- Drop D1 support HOT 1
- Fix neo Suspendable to work with oceans ISuspendable Interface HOT 1
- Stop using templates Const, Immut and Inout HOT 1
- Neo requests escape a reference to a stack variable. HOT 3
- Support alternative task scheduling mechanisms
- Use newest version of ocean to unblock dmd's buildkite HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from swarm.