Skip to content

start refactoring creds behaviour for address #849

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 26 commits into
base: main
Choose a base branch
from
Open

start refactoring creds behaviour for address #849

wants to merge 26 commits into from

Conversation

paulo-ocean
Copy link
Contributor

@paulo-ocean paulo-ocean commented Feb 26, 2025
edited
Loading

Fixes #810 #804

Changes proposed in this PR:

  • change creds behaviour for type 'address'
  • refactor + some aux functions
  • new Policy server specific type

@paulo-ocean paulo-ocean self-assigned this Feb 27, 2025
@paulo-ocean paulo-ocean marked this pull request as ready for review March 3, 2025 11:35
@paulo-ocean paulo-ocean marked this pull request as draft March 7, 2025 09:37
@paulo-ocean paulo-ocean marked this pull request as ready for review March 10, 2025 11:55
jamiehewitt15
jamiehewitt15 reviewed Mar 10, 2025
View reviewed changes
src/utils/credentials.ts Outdated
Comment on lines 86 to 89
// if no address-based credentials are defined (both allow and deny lists are empty), access to the asset is restricted to everybody;
// to allow access to everybody, the symbol * will be used in the allow list;
// if a web3 address is present on both deny and allow lists, the deny list takes precedence
// and access to the asset is denied for the respective address.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm kind of surprised that we agreed to implement this change. So the default behaviour is that if an asset published, no one can access it? Seems contrary to our mission statement 🤔

Copy link
Contributor Author

@paulo-ocean paulo-ocean Mar 10, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

that's copied from the specs yes #804 #810 OceanProtocolEnterprise#25
makes perfectly sense to me for security reasons.

Copy link
Member

@jamiehewitt15 jamiehewitt15 Mar 10, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It makes sense to enterprise users... In the past Ocean has always taken the approach that everything is open by default and Enterprises must take extra steps if they don't like the default. So this is a fundamental shift in that approach

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

i'm not gonna discuss that... please check with @alexcos20 . I just followed the specs and they make sense to me

Copy link
Member

@jamiehewitt15 jamiehewitt15 Mar 11, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't see anything changing if we have a discussion, you may as well just go ahead. Nothing wrong with the implementation

jamiehewitt15
jamiehewitt15 approved these changes Mar 11, 2025
View reviewed changes
Copy link
Member

@jamiehewitt15 jamiehewitt15 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good

paulo-ocean and others added 3 commits March 14, 2025 08:38
@paulo-ocean
Merge branch 'main' into issue-810-creds-address-behaviour
263bf4a
@paulo-ocean
Merge pull request #873 from oceanprotocol/issue-871-checkCredentials…
4136d96 
…-accessList

add support for accessList on download checkCredentials
@giurgiur99
Merge branch 'main' into issue-810-creds-address-behaviour
aaeb4d4 
# Conflicts:
#	src/@types/DDO/Credentials.ts
#	src/test/unit/credentials.test.ts
#	src/utils/credentials.ts
@giurgiur99 giurgiur99 self-requested a review as a code owner April 22, 2025 07:29
@giurgiur99 giurgiur99 assigned giurgiur99 and unassigned paulo-ocean Apr 23, 2025
mariacarmina
mariacarmina approved these changes Apr 24, 2025
View reviewed changes
Copy link
Member

@mariacarmina mariacarmina left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@giurgiur99
Merge branch 'main' into issue-810-creds-address-behaviour
fcf6830 
# Conflicts:
#	package-lock.json
#	package.json
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jamiehewitt15 jamiehewitt15 jamiehewitt15 approved these changes

@mariacarmina mariacarmina mariacarmina approved these changes

@alexcos20 alexcos20 Awaiting requested review from alexcos20 alexcos20 is a code owner

@bogdanfazakas bogdanfazakas Awaiting requested review from bogdanfazakas bogdanfazakas is a code owner

@giurgiur99 giurgiur99 Awaiting requested review from giurgiur99 giurgiur99 is a code owner

Assignees

@giurgiur99 giurgiur99

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Credentials address: Change default behaviour
4 participants
@paulo-ocean @jamiehewitt15 @mariacarmina @giurgiur99