在我的网络中,模型的相关部分如下所示。
asset Farm identified by farmId{
o String farmId
o String FarmLocation
o String[] images optional
o String[] waterSources
o String[] nearFactories
o String otherDescription optional
o Certification certification
--> Stakeholder owner
o String[] farmers
}
participant Stakeholder identified by stakeholderId{
o String stakeholderId
o String name
o Address address
o String email optional
o String telephone optional
o Certification certification optional
o String[] images optional
o Company company
o String username
o String password
o StakeholderType type
o String description optional
o String authPerson
o String vehicleNo optional
o DistType distributionType optional
o String branchNo optional
}在Farm资产中,我将相关Farmer参与者的标识符存储为farmer属性下的字符串数组。我想只允许其ID包括在此数组中的农民访问Farm资产。为了实现这一点,我尝试了以下访问规则但它似乎没有按预期工作。
rule FarmersHasAccessToTheirFarms {
description: "Allow all participants full access to their assets"
participant(p): "org.ucsc.agriblockchain.Stakeholder"
operation: ALL
resource(r): "org.ucsc.agriblockchain.Farm"
condition: (p.type == "FARMER" && p.stakeholderId in r.farmers)
action: ALLOW
}如何达到这个要求?有什么建议?
你可以使用.some函数 - 有人已经在这里发布了答案 - > Includes function in ACL condition与你想要实现的类似。
例如
condition: (p.type == "FARMER" && (r.farmers.some(function (checkstake) {
return checkstake === p.stakeholderId;
} ))