HPPR Access Control
© R.A.Sol
ACL rules are defined per repository identity.
Each rule targets a coordinate prefix and controls three operations:
readwritelist
Rule evaluation uses longest-prefix match with per-operation inheritance.
Operations
read: fetch packet data- commands:
🖧GET,🖧HEADERS,🖧MEMBERS(060)
- commands:
write: store or mutate repository state- commands:
🖧STORE,🖧ADD,🖧DETACH
- commands:
list: enumerate or subscribe to coordinate trees- commands:
🖧LIST,🖧WATCH,🖧TIPS
- commands:
Rule Format
Rule syntax:
<ops> <coordinate-prefix>
<ops> is exactly three characters:
[r|d|.][w|d|.][l|d|.]
Meaning:
r,w,l: explicit allow for that operationd: explicit deny for that operation.: inherit from the next-longest matching rule
Examples:
ACL-Rule: rwl //u/chess/
ACL-Rule: r.l //u/mail/
ACL-Rule: rdl //u/market/
ACL-Rule: .w. //u/market/nl/eindhoven/Common patterns:
rwl: full accessr.l: read and list, inherit writeddd: deny allrwd: read and write, deny list
Rule Ordering
Rules MUST be stored in canonical sorted order.
Sort bytewise, with custom priority:
|sorts before//sorts before all other bytes
Equivalent compare mapping:
|=>0x01/=>0x02
Resolution
Given a request coordinate:
- Find the longest matching rule prefix.
- For each operation, apply explicit allow or deny when present.
- For
.values, continue to the next-longest matching rule. - If no explicit decision is found, deny.
For read and write checks, evaluate against the packet versioned coordinate.
Prefix examples:
| Prefix | Matches |
|---|---|
//u/a/README.md/| |
exact README.md location |
//u/a/README.md/ |
README.md and children |
//u/a/README.md |
also README.md-draft |
Identity Storage
Rules are stored as ACL-Rule Plex headers.
Location depends on identity scheme: