Feature #2328

Updated by Tim Pierce over 10 years ago

The proposed permissions model for Keep is: 
 * each request must be accompanied by a permissions token 
 ** supported permissions are "read", "write" and "delete" 
 * if the permissions token does not support the specified operation, the operation is rejected 
 * the Keep server generates a permissions token each time it writes a block 
 * the client is responsible for supplying the appropriate permissions token each time it issues a request 

 Desired command Command line arguments argument to control permissions: enable/disable (i.e., everyone can read everything). @--no-permissions@? 
 * @--enable-permissions=@ _true/false_ to enable or disable permission enforcement 
 ** For transition, maybe support a @--generate-permissions@ flag and a @--enforce-permissions@ flag. 
 ** Alternatively, make Keep always generate permission tokens, but only enforce them when the perms flag is turned on. 
 ** Permissions are always required for DELETE 
 * @--privileged-ip@ specifies IP addresses to be considered superuser. 
 ** If permissions are disabled, index (@GET /index.txt@) and @DELETE@ do not work unless remote address matches @--privileged-ip@ command line argument 
 * Permissions are always required for DELETE