Feature #2328
Updated by Tim Pierce over 10 years ago
The proposed permissions model for Keep is:

* each request must be accompanied by a permissions token
** supported permissions are "read", "write" and "delete"
* if the permissions token does not support the specified operation, the operation is rejected
* the Keep server generates a permissions token each time it writes a block
* the client is responsible for supplying the appropriate permissions token each time it issues a request

Desired command Command line arguments

argument to control permissions: enable/disable (i.e., everyone can read everything). @--no-permissions@?

* @--enable-permissions=@ _true/false_ to enable or disable permission enforcement
** For transition, maybe support a @--generate-permissions@ flag and a @--enforce-permissions@ flag.
** Alternatively, make Keep always generate permission tokens, but only enforce them when the perms flag is turned on.
** Permissions are always required for DELETE
* @--privileged-ip@ specifies IP addresses to be considered superuser.
** If permissions are disabled, index (@GET /index.txt@) and @DELETE@ do not work unless remote address matches @--privileged-ip@ command line argument
* Permissions are always required for DELETE
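
The rules proposed above, written out as a decision function. This is an added example, not code from the ticket or from Keep. The ticket does not specify a token format, so the HMAC-signed token bound to a block id, the signing key, all function names, and requiring a privileged IP for index even when enforcement is on are assumptions.

```python
import hashlib
import hmac
import ipaddress

SECRET = b"constructed-demo-key"  # assumption: server-side signing key
PERMS = ("read", "write", "delete")

def _mac(block, granted):
    return hmac.new(SECRET, f"{block}|{granted}".encode(), hashlib.sha256).hexdigest()

def issue_token(block, perms):
    """Server side: mint a token when a block is written (format is assumed)."""
    granted = ",".join(p for p in PERMS if p in perms)
    return f"{granted}:{_mac(block, granted)}"

def token_allows(token, block, op):
    """True only if the token is authentic for this block and lists op."""
    granted, _, mac = (token or "").partition(":")
    authentic = hmac.compare_digest(mac.encode(), _mac(block, granted).encode())
    return authentic and op in granted.split(",")

def is_privileged(remote_ip, privileged):
    """True if remote_ip falls inside any --privileged-ip address or network."""
    addr = ipaddress.ip_address(remote_ip)
    return any(addr in ipaddress.ip_network(net) for net in privileged)

def authorize(op, block, token, remote_ip, enforce, privileged=()):
    """Return True if the request is allowed under the proposed rules."""
    if op == "index":
        # Ticket: with permissions disabled, index needs a privileged IP.
        # Assumption: the same requirement applies when enforcement is on.
        return is_privileged(remote_ip, privileged)
    if op not in PERMS:
        return False
    if op == "delete":
        # A delete token is always required; with enforcement off the
        # caller must also come from a privileged address.
        if not token_allows(token, block, op):
            return False
        return enforce or is_privileged(remote_ip, privileged)
    # read/write: the token is checked only when enforcement is on.
    return token_allows(token, block, op) if enforce else True
```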