-
Notifications
You must be signed in to change notification settings - Fork 4
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Vault Sharing With GestaltId #30
Comments
Currently proposed way of achieving this :
|
Without this, the user has to copy paste the node ID after listing the nodes of a gestalt. With this, it should be possible to just directly pass in |
More testing for the social discovery is needed, I don't think we have robust testing of the entire loop between social discovery and gestalt expansion or contraction. |
I think we should get this at the very least before re-running the CLI demo after #551 is merged. |
IMO, this should be done in the ACL rather than like this, so that any node that joins a Gestalt automatically gains the permissions of the Gestalt |
That should already be true. But the social discovery system needs integration testing and/or simulation testing. |
There
Idk if i see anything in |
It should be in the gestalt graph too. Check that. |
This should work like this:
Both provider and identity and node id are all valid gestalt IDs, so that should be supported. |
What does this picture mean? |
You need to check the ACL and the GestaltGraph for if the permission union. |
We need to think about this in 2 dimensions:
In the second case, it does make sense to share to the whole other gestalt. In the first case, this would create a bit a weird UX, where sharing a vault to another node that you own, would send notifications to all the nodes in the gestalt. There's no gestalt synchronisation atm MatrixAI/Polykey#190. So in terms of achieving this, we may need to distinguish if it is shared to your own gestalt. If so, it should not send notifications to all the nodes in the gestalt. However it could still open it up to be pulled by other nodes in the same gestalt. Alternatively vaults across all nodes in the same gestalt can be pulled freely between each other by default. Then if you were to try share it your own node in your own gestalt, then it would just do nothing. No notifications are sent. It's a noop. I think we do the highlighted. |
@amydevs if you're working on this, make sure to start speccing out the tasks. |
Refer to MatrixAI/Polykey#626 for additional information on this, and work to be done on both PK and PK CLI should be attached to this issue. |
Moving this to |
Specification
A user should be able to use a node id, OR an identity to be able to share a vault, currently vaults can be shared only with node ID's, however, sharing with identities is a crucial part of Polykey.
The desired behaviour should be that sharing a vault with a nodeId shares the vault with the entire gestalt. This is because Gestalts are addressable by both nodeIds and identityProviderIds. Furthermore, the VaultShare handlers should also be able to accept identityProviderIds as well, and take the first discovered node of the identity to trust.
There are some implications regarding discovery. For example, in the case where node B trusts node A, and hence gestalt A, but node C joins gestalt A after this, so that node B does not know that node C is in gestalt A yet.
Additional Context
There is existing discussion about how to do this in Polykey: MatrixAI/Polykey#626. This CLI issue is derived from that.
Tasks
The text was updated successfully, but these errors were encountered: