From 2e8f2ffc211e19b127be5e38a14a37289125c0cf Mon Sep 17 00:00:00 2001 From: Viktor Kolomeyko Date: Tue, 28 Jan 2020 11:49:12 +0000 Subject: [PATCH] CORDA-3025: Permissions template for a read-only user (#5901) --- docs/source/shell.rst | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/docs/source/shell.rst b/docs/source/shell.rst index f6b627fbdd..4e0ffda81a 100644 --- a/docs/source/shell.rst +++ b/docs/source/shell.rst @@ -26,12 +26,38 @@ Permissions When accessing the shell (embedded, standalone, via SSH) RPC permissions are required. This is because the shell actually communicates with the node using RPC calls. +There are several operations that are read-only in nature and granting them should have no impact on the ledger state of the node. +These permissions are: + +.. code:: bash + + permissions=[ + "InvokeRpc.nodeInfo", + "InvokeRpc.networkMapSnapshot", + "InvokeRpc.currentNodeTime", + "InvokeRpc.wellKnownPartyFromX500Name", + "InvokeRpc.vaultQuery", + "InvokeRpc.vaultQueryBy", + "InvokeRpc.stateMachinesSnapshot", + "InvokeRpc.nodeDiagnosticInfo", + "InvokeRpc.notaryIdentities", + "InvokeRpc.attachmentExists", + "InvokeRpc.partyFromKey", + "InvokeRpc.notaryPartyFromX500Name", + "InvokeRpc.partiesFromName", + "InvokeRpc.registeredFlows" + ] + +There are also operations that allow starting/killing the flows or even stopping the node as a whole: + * Watching flows (``flow watch``) requires ``InvokeRpc.stateMachinesFeed``. * Starting flows requires ``InvokeRpc.startTrackedFlowDynamic``, ``InvokeRpc.registeredFlows`` and ``InvokeRpc.wellKnownPartyFromX500Name``, as well as a permission for the flow being started. * Killing flows (``flow kill``) requires ``InvokeRpc.killFlow``. This currently allows the user to kill *any* flow, so please be careful when granting it! +Description of RPC operations can be found in :doc:`api-rpc`. + The shell via the local terminal --------------------------------