Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Permissions & Read Only Users? #357

Closed
balupton opened this issue Apr 10, 2018 · 5 comments
Closed

Permissions & Read Only Users? #357

balupton opened this issue Apr 10, 2018 · 5 comments

Comments

@balupton
Copy link

Is it possible to create users on orbitdb, so some have write access, and some have read access
@balupton
Copy link
Author

The use case for the database that I am wrestling with, is hundreds of gigabytes of cryptocurrency historical price data.

I want to have it so that a few authorised servers can keep the data updated by writing new data every minute. But then have everyone get read access to the database.

OrbitDB seems perfect as (unlike Couch and Cockroach) anyone who is querying the data is also replicating and sharing the data.

@adrprado
Copy link

You can check the guide. There is states this: "You can specify the peers that have write-access to a database. You can define a set of peers that can write to a database or allow anyone write to a database."

@balupton
Copy link
Author

Yes but it also states:

Note! OrbitDB currently supports only write-access and the keys of the writers need to be known when creating a database. That is, the access rights can't be changed after a database has been created. In the future we'll support read access control and dynamic access control in a way that access rights can be added and removed to a database at any point in time without changing the database address. At the moment, if access rights need to be changed, the address of the database will change.

Which makes it seem that only write access is currently implemented. That options are write access or no access. From what I can tell, read only access is a planned feature, but there was no issue about it yet.

@adrprado
Copy link

In fact, you have write access or read-only access.

When you create the database you need to set the users that'll have write access (you set it with a list of IDs or '*' to allow all users to write):

const access = {
  write: ['*'],
}
const db = await orbitdb.docstore('sample-db', access);

BTW, issue #292 was opened requesting help on access rights improvement.

@aphelionz aphelionz mentioned this issue Feb 14, 2019
Closed
@aphelionz
Copy link
Member

Thanks @balupton and @adrprado. It's awesome to see community members helping each other out. Essentially that is correct - all data are publicly readable due to the nature of IPFS, but OrbitDB can manage write access for you - even dynamically in the latest release candidate, orbit-db@rc2

To secure the read-only data, you can use encryption so that it will appear as gibberish to those who don't have the decryption keys. We discuss this a bit in the OrbitDB Field Manual, so check it out and open an issue or PR there if you have more questions or if something doesn't make sense.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@balupton @aphelionz @adrprado