herocode/db
12
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects Releases Wiki Activity

...

Browse Source
This commit is contained in:
despiegk 2025-04-21 11:46:23 +02:00
parent 537cf58b6f
commit 6d64b7b651
4 changed files with 154 additions and 185 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

154
acldb/README.md Normal file
View File

@ -0,0 +1,154 @@
# ACLDB - Access Control Database
ACLDB is a secure, permission-based database system that provides fine-grained access control for data storage and retrieval. It's designed to work with the HeroDB ecosystem, offering a robust solution for managing data with complex access control requirements.
## Overview
ACLDB organizes data into "circles" and "topics" with comprehensive access control lists (ACLs) that govern who can read, write, delete, or administer different pieces of data. It's built on top of OurDB and TST (Ternary Search Tree) for efficient storage and retrieval.
## Key Features
- **Fine-grained Access Control**: Define who can access what data with a hierarchical permission system
- **Circle-based Organization**: Group data by circles (e.g., organizations, teams, projects)
- **Topic-based Categorization**: Organize data within circles by topics
- **Permission Levels**: Supports Read, Write, Delete, Execute, and Admin permission levels
- **RPC API**: Access all functionality through a well-defined RPC interface
- **REST API Server**: Includes a built-in HTTP server with Swagger/OpenAPI documentation
- **Async/Await Support**: Built with Rust's async/await for efficient concurrency
## Architecture
ACLDB consists of several key components:
1. **ACLDB**: The main database instance for a specific circle
2. **ACLDBTopic**: A database instance for a specific topic within a circle
3. **ACL**: Access Control List for managing permissions
4. **Server**: HTTP server for exposing the RPC API
5. **RpcInterface**: Interface for handling RPC requests
Data is stored using:
- **OurDB**: For efficient data storage and retrieval
- **TST**: For key-to-id mapping and prefix searches
## Permission System
ACLDB implements a hierarchical permission system with the following levels:
- **Read**: Allows reading data
- **Write**: Includes Read permission and allows writing data
- **Delete**: Includes Write permission and allows deleting data
- **Execute**: Includes Delete permission and allows executing operations
- **Admin**: Includes all permissions and allows managing ACLs
## API Methods
The RPC API provides the following methods:
### ACL Management
- **aclupdate**: Update or create an ACL with specified permissions
- **aclremove**: Remove specific public keys from an existing ACL
- **acldel**: Delete an entire ACL
### Data Operations
- **set**: Store data with optional ACL protection
- **get**: Retrieve data with ACL verification
- **del**: Delete data with ACL verification
- **prefix**: Search for keys with a specific prefix
## Usage Examples
### Starting the Server
```bash
# Start the server on localhost:8080
cargo run
# Start the server on a specific host and port
cargo run -- 0.0.0.0 9000
```
### API Documentation
Once the server is running, you can access the API documentation at:
```
http://localhost:8080/redoc
```
### Using the API
#### Creating an ACL
```json
{
"method": "aclupdate",
"params": {
"caller_pubkey": "user_public_key",
"circle_id": "my_circle",
"name": "project_data",
"pubkeys": ["user1_pubkey", "user2_pubkey"],
"right": "write"
},
"signature": "signature_here"
}
```
#### Storing Data with ACL Protection
```json
{
"method": "set",
"params": {
"caller_pubkey": "user_public_key",
"circle_id": "my_circle",
"topic": "documents",
"key": "doc1",
"value": "base64_encoded_data",
"acl_id": 1
},
"signature": "signature_here"
}
```
#### Retrieving Data
```json
{
"method": "get",
"params": {
"caller_pubkey": "user_public_key",
"circle_id": "my_circle",
"topic": "documents",
"key": "doc1"
},
"signature": "signature_here"
}
```
## Integration with Other Systems
ACLDB is designed to work seamlessly with other components of the HeroDB ecosystem. It can be used as:
1. A standalone database with access control
2. A backend for applications requiring fine-grained permissions
3. A component in a larger distributed system
## Development
### Prerequisites
- Rust 1.56 or later
- Cargo
### Building
```bash
cargo build
```
### Running Tests
```bash
cargo test
```

0
ourdb_example/src/main.rs → ourdb/examples/main.rs
View File

178
ourdb_example/Cargo.lock generated
View File

@ -1,178 +0,0 @@
# This file is automatically @generated by Cargo.
# It is not intended for manual editing.
version = 4
[[package]]
name = "cfg-if"
version = "1.0.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd"
[[package]]
name = "crc32fast"
version = "1.4.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a97769d94ddab943e4510d138150169a2758b5ef3eb191a9ee688de3e23ef7b3"
dependencies = [
"cfg-if",
]
[[package]]
name = "getrandom"
version = "0.2.15"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c4567c8db10ae91089c99af84c68c38da3ec2f087c3f82960bcdbf3656b6f4d7"
dependencies = [
"cfg-if",
"libc",
"wasi",
]
[[package]]
name = "libc"
version = "0.2.172"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d750af042f7ef4f724306de029d18836c26c1765a54a6a3f094cbd23a7267ffa"
[[package]]
name = "log"
version = "0.4.27"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "13dc2df351e3202783a1fe0d44375f7295ffb4049267b0f3018346dc122a1d94"
[[package]]
name = "ourdb"
version = "0.1.0"
dependencies = [
"crc32fast",
"log",
"rand",
"thiserror",
]
[[package]]
name = "ourdb_example"
version = "0.1.0"
dependencies = [
"ourdb",
]
[[package]]
name = "ppv-lite86"
version = "0.2.21"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "85eae3c4ed2f50dcfe72643da4befc30deadb458a9b590d720cde2f2b1e97da9"
dependencies = [
"zerocopy",
]
[[package]]
name = "proc-macro2"
version = "1.0.95"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "02b3e5e68a3a1a02aad3ec490a98007cbc13c37cbe84a3cd7b8e406d76e7f778"
dependencies = [
"unicode-ident",
]
[[package]]
name = "quote"
version = "1.0.40"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1885c039570dc00dcb4ff087a89e185fd56bae234ddc7f056a945bf36467248d"
dependencies = [
"proc-macro2",
]
[[package]]
name = "rand"
version = "0.8.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "34af8d1a0e25924bc5b7c43c079c942339d8f0a8b57c39049bef581b46327404"
dependencies = [
"libc",
"rand_chacha",
"rand_core",
]
[[package]]
name = "rand_chacha"
version = "0.3.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e6c10a63a0fa32252be49d21e7709d4d4baf8d231c2dbce1eaa8141b9b127d88"
dependencies = [
"ppv-lite86",
"rand_core",
]
[[package]]
name = "rand_core"
version = "0.6.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ec0be4795e2f6a28069bec0b5ff3e2ac9bafc99e6a9a7dc3547996c5c816922c"
dependencies = [
"getrandom",
]
[[package]]
name = "syn"
version = "2.0.100"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b09a44accad81e1ba1cd74a32461ba89dee89095ba17b32f5d03683b1b1fc2a0"
dependencies = [
"proc-macro2",
"quote",
"unicode-ident",
]
[[package]]
name = "thiserror"
version = "1.0.69"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b6aaf5339b578ea85b50e080feb250a3e8ae8cfcdff9a461c9ec2904bc923f52"
dependencies = [
"thiserror-impl",
]
[[package]]
name = "thiserror-impl"
version = "1.0.69"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "4fee6c4efc90059e10f81e6d42c60a18f76588c3d74cb83a0b242a2b6c7504c1"
dependencies = [
"proc-macro2",
"quote",
"syn",
]
[[package]]
name = "unicode-ident"
version = "1.0.18"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "5a5f39404a5da50712a4c1eecf25e90dd62b613502b7e925fd4e4d19b5c96512"
[[package]]
name = "wasi"
version = "0.11.0+wasi-snapshot-preview1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423"
[[package]]
name = "zerocopy"
version = "0.8.24"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2586fea28e186957ef732a5f8b3be2da217d65c5969d4b1e17f973ebbe876879"
dependencies = [
"zerocopy-derive",
]
[[package]]
name = "zerocopy-derive"
version = "0.8.24"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a996a8f63c5c4448cd959ac1bab0aaa3306ccfd060472f85943ee0750f0169be"
dependencies = [
"proc-macro2",
"quote",
"syn",
]

7
ourdb_example/Cargo.toml
View File

@ -1,7 +0,0 @@
[package]
name = "ourdb_example"
version = "0.1.0"
edition = "2021"
[dependencies]
ourdb = { path = "../ourdb" }