-
Notifications
You must be signed in to change notification settings - Fork 1
/
permissions.acl
52 lines (51 loc) · 1.71 KB
/
permissions.acl
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
/**
* Access control rules for escrow network
*/
rule CreatePurchaseOrder {
description: "Only seller creates the purchase order"
participant(p): "org.acme.network.escrow.Seller"
operation: CREATE
resource(r): "org.acme.network.escrow.NewPurchaseOrder"
condition: ( r.seller.getIdentifier() == p.getIdentifier() )
action: ALLOW
}
rule CreateAccountNotify {
description: "Only the network bank can send the notification"
participant(p): "org.acme.network.escrow.NetworkBank"
operation: UPDATE
resource(r): "org.acme.network.escrow.NewEscrowAccount"
condition: ( r.swiftCode == p.getIdentifier() )
action: ALLOW
}
rule DepositCredit {
description: "Only the network bank can send the notification"
participant(p): "org.acme.network.escrow.NetworkBank"
operation: UPDATE
resource(r): "org.acme.network.escrow.DepositCredit"
condition: ( r.swiftCode == p.getIdentifier() )
action: ALLOW
}
rule DepositDebit {
description: "Only the network bank can send the notification"
participant(p): "org.acme.network.escrow.NetworkBank"
operation: UPDATE
resource(r): "org.acme.network.escrow.DepositCredit"
condition: ( r.swiftCode == p.getIdentifier() )
action: ALLOW
}
rule OrderShipment {
description: "Only seller can send the notification"
participant(p): "org.acme.network.escrow.Seller"
operation: UPDATE
resource(r): "org.acme.network.escrow.OrderShipment"
condition: ( r.sellerEmail == p.getIdentifier() )
action: ALLOW
}
rule OrderDelivery {
description: "Only buyer can send the notification"
participant(p): "org.acme.network.escrow.Buyer"
operation: UPDATE
resource(r): "org.acme.network.escrow.OrderDelivery
condition: ( r.buyerEmail == p.getIdentifier() )
action: ALLOW
}