Update to work with current UMA api Feat/odrl#49
Conversation
woutslabbinck
left a comment
There was a problem hiding this comment.
I have some minor comments that do require some changes. Most are due to the documentation that needs some updates to make it more clear
|
|
||
| ## Mock policy injection | ||
|
|
||
| If no policy matches the target resource, the user interface hides the access request. Run these commands to insert initial policies. |
There was a problem hiding this comment.
Also elaborate quickly for each policy what they do.
I got confused while following the approval flow: why does alice also have append access?
There was a problem hiding this comment.
This is append since there has to be atleast one policy present and validating read-access after the request is simpler than update
| ``` | ||
|
|
||
| ### Request checking | ||
| You can evaluate state machine accuracy after an approval using the ``trustflows-client``. |
There was a problem hiding this comment.
Which version do I have to install? I know this was an issue, so could you give the exact npm install instructions?
Note that I have not tested it since I do currenlty know which version it requires.
Could also be precise in what this code does?
We did this such that alice indeed can now read the resource following the uma request. Without the access, she would've not gotten any access at all.
woutslabbinck
left a comment
There was a problem hiding this comment.
We are getting close. Could you btw change the known limitations to the bottom of the page? It currently breaks the documentation
| ### Windows (PowerShell) | ||
|
|
||
|
|
||
| Give Carol append access to Bob's readme, *(This is append since Alice requests read-permissions later in the demo)* |
There was a problem hiding this comment.
Isn't it Alice you are giving access to?
There was a problem hiding this comment.
Fixed: Tried to give access to a third actor but this felt more confusing than to just give a different kind of permission. and accidently left the name in
|
|
||
| const authFetch = auth.createAuthFetch(); | ||
|
|
||
| const targetUrl = "http://localhost:3000/bob/README"; |
There was a problem hiding this comment.
If I try this with resource http://localhost:3000/bob/profile, I still get a 200. Even though Alice should not have the right permissions for that.
I think this is due to the server configuration, but this requires some additional testing on why this is possible.
No description provided.