From ac236500aa875cc0d3329192f49c809b0e306fd4 Mon Sep 17 00:00:00 2001 From: Simon Meier Date: Mon, 29 Nov 2021 14:02:51 +0100 Subject: [PATCH 1/2] user management: add ActAsAnyPartyRight, optional primary party CHANGELOG_BEGIN CHANGELOG_END Breaks-protobuf: true --- .../v1/admin/user_management_service.proto | 23 ++++++++++++++++--- 1 file changed, 20 insertions(+), 3 deletions(-) diff --git a/ledger-api/grpc-definitions/com/daml/ledger/api/v1/admin/user_management_service.proto b/ledger-api/grpc-definitions/com/daml/ledger/api/v1/admin/user_management_service.proto index 32921d8fd661..8321c99b917c 100644 --- a/ledger-api/grpc-definitions/com/daml/ledger/api/v1/admin/user_management_service.proto +++ b/ledger-api/grpc-definitions/com/daml/ledger/api/v1/admin/user_management_service.proto @@ -39,7 +39,7 @@ service UserManagementService { rpc GetUser (GetUserRequest) returns (User); // Delete an existing user and all its rights. - rpc DeleteUser (DeleteUserRequest) returns (google.protobuf.Empty); + rpc DeleteUser (DeleteUserRequest) returns (DeleteUserResponse); // List the all existing users. rpc ListUsers (ListUsersRequest) returns (ListUsersResponse); @@ -72,14 +72,27 @@ message User { // The primary party as which this user reads and acts by default on the ledger // _provided_ it has the corresponding ``CanReadAs(primary_party)`` or // ``CanActAs(primary_party)`` rights. + // + // Ledger API clients SHOULD set this field to a non-empty value for all users to + // enable the users to act on the ledger using their own Daml party. + // Ledger API clients MAY set this field to empty for special users; e.g., a user + // that is granted ``CanReadAsAnyParty`` so that it can export the data for all parties + // hosted on the participant node. string primary_party = 2; } + // A right granted to a user. message Right { // The user is allowed to administrate the participant node. message ParticipantAdmin {} + // The user can authorize commands for any party hosted on this participant node. + message CanActAsAnyParty {} + + // The user can all read ledger data visible to some party on this participant node. + message CanReadAsAnyParty {} + // The user can authorize commands for the given party. message CanActAs { string party = 1; @@ -92,8 +105,9 @@ message Right { oneof kind { ParticipantAdmin participant_admin = 1; - CanActAs can_act_as = 2; - CanReadAs can_read_as = 3; + CanActAsAnyParty can_act_as_any_party = 2; + CanActAs can_act_as = 3; + CanReadAs can_read_as = 4; } } @@ -123,6 +137,9 @@ message DeleteUserRequest { string user_id = 1; } +message DeleteUserResponse { +} + // Required authorization: ``HasRight(ParticipantAdmin)`` message ListUsersRequest { // TODO: add pagination, cf. https://cloud.google.com/apis/design/design_patterns#list_pagination From 4be45d4a9421da1b20fb50322437840cf74c5033 Mon Sep 17 00:00:00 2001 From: Simon Meier Date: Thu, 2 Dec 2021 14:01:47 +0100 Subject: [PATCH 2/2] Remove xxxAnyParty rights. --- .../ledger/api/v1/admin/user_management_service.proto | 11 ++--------- 1 file changed, 2 insertions(+), 9 deletions(-) diff --git a/ledger-api/grpc-definitions/com/daml/ledger/api/v1/admin/user_management_service.proto b/ledger-api/grpc-definitions/com/daml/ledger/api/v1/admin/user_management_service.proto index 8321c99b917c..1de4dfac52d5 100644 --- a/ledger-api/grpc-definitions/com/daml/ledger/api/v1/admin/user_management_service.proto +++ b/ledger-api/grpc-definitions/com/daml/ledger/api/v1/admin/user_management_service.proto @@ -87,12 +87,6 @@ message Right { // The user is allowed to administrate the participant node. message ParticipantAdmin {} - // The user can authorize commands for any party hosted on this participant node. - message CanActAsAnyParty {} - - // The user can all read ledger data visible to some party on this participant node. - message CanReadAsAnyParty {} - // The user can authorize commands for the given party. message CanActAs { string party = 1; @@ -105,9 +99,8 @@ message Right { oneof kind { ParticipantAdmin participant_admin = 1; - CanActAsAnyParty can_act_as_any_party = 2; - CanActAs can_act_as = 3; - CanReadAs can_read_as = 4; + CanActAs can_act_as = 2; + CanReadAs can_read_as = 3; } }