• Home
• world.convex
• convex-core
• 0.7.15
• source code
• monitors.cvx

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

convex.trust.monitors.cvx Maven / Gradle / Ivy

'convex.trust.monitors

;; This library implements some generic value based trust moniotors that can be composed to implement more compex logic

(import convex.trust :as trust)
(import convex.trust.whitelist :as wl)
(import convex.trust.ownership-monitor :as ownership)

;; Generic check
(defn check-trusted?
  ^:callable
	[subject action object]
  (or *scope* (fail :ARGUMENT "Null scope in generic trust monitor"))
  (let [[type arg] *scope*]
    (boolean
      (cond
        (= :actions type) (contains-key? arg action)
        (= :all type) (do (for [m arg] (cond (trust/trusted? m subject action object) nil (return false))) true)
        (= :any type) (do (for [m arg] (cond (trust/trusted? m subject action object) (return true))) false)
        (= :not type) (not (trust/trusted? arg subject action object))
        (= :time type) (let [[start end] arg] (and (<= start *timestamp*) (or (nil? end) (> end *timestamp*))))
        (= :rule type) (query (arg subject action object))
        (= :delegate type) 
          (let [[allow deny base] arg]
            (cond
        	   (trust/trusted? deny subject action object) false
        	   (trust/trusted? allow subject action object) true
               (trust/trusted? base subject action object)))
      
        ;; All other values untrusted
        false
    ))))

(defn permit-subjects [& addresses]
  [wl (set addresses)])

(defn permit-actions [& actions]
  [~*address* [:actions (set actions)]])

(defn any [& args]
  [~*address* [:any (vec args)]])

(defn all [arg & more]
  [~*address* [:all (apply vector arg more)]])

(defn everyone []
  [~*address* [:all []]])

(defn before [end]
  [~*address* [:time [*timestamp* (int end)]]])

(defn after [start]
  [~*address* [:time [(int start) nil]]])

(defn between [start end]
  [~*address* [:time [(int start) (int end)]]])

(defn rule [func]
  [~*address* [:rule func]])

(defn owns [asset]
  [ownership asset])

(defn delegate [allow deny base]
  [~*address* [:delegate [allow deny base]]])