Skip to content

Consider Origin & Share metadata conditional queries in the filtering #22

New issue
New issue
Open
Open
Consider Origin & Share metadata conditional queries in the filtering#22
Labels
futureWill be added in a future version
@dimstav23

Description

@dimstav23
dimstav23
opened on Apr 2, 2023

Current filtering rules:

  • We perform the filtering based on the user key and conditional user key provided in the default policy or query respectively.
    They have to be present either as the user owner or in the shared users set.
  • We examine whether all the purposes are in the purpose set of the KV pair.
  • We examine whether none of the purposes is in the objection set of the KV pair.
  • We examine the expiration time of the KV pair.
  • We check whether logging is required for the KV pair.

Future rules (if needed):

  • Check the conditional origin provided in the query or in the default policy. This implementation currently is commented out as it's really restrictive. Origin is a single string value.
  • Check for the matching of the shared users set, either provided by the default policy or as a conditional query parameter. Shared metadata field accepts multiple values. TBD: The provided (conditional or default) values should be subset of the KV pair shared set or they should match exactly?
  • Check the conditional objection (objObjectionIs) parameter. For now, since we are based on purposes, it doesn't really make sense.

Metadata

Metadata

Assignees

No one assigned

    Labels

    futureWill be added in a future version

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions