Here is a possible workflow to implement in order to manage the new permission on D-Voting.
For the front-end:
-
When login on the front end -> try to fetch admin list using getAdminList -> if error: "does not exist" -> it means this is the first time that we start the system -> pop up to setup admin with Trust on First Use principle.
-
Then need to setup in people with admin right the possibility to add and remove admin.
-
When admin according to the getAdminList proxy call -> can create new voting form.
-
When creating a voting form -> automatically an owner -> nothing to do to handle the permission. However when retrieving the form -> display the UI to handle the form to user in the Owner field.
-
Add the option in the front-end for a form to add and remove an Owner.
-
Connect the already existing add voter to the new http proxy call addVoter. Also add the removeVoter option.
-
Remove the old permission check in the front-end.
--
For the Blockchain:
- Add according to the client (EPFL) need some safety check to removeVoter here:
|
func (form *Form) RemoveVoter(userID string) error { |
(condition on form.Status). Also see if need to add some safety check for addVoter there. (might possibly lead to modify the test)
--
Following the API Described here: https://github.com/c4dt/d-voting/blob/student24spring_access_control/docs/api.md
Here is a possible workflow to implement in order to manage the new permission on D-Voting.
For the front-end:
When login on the front end -> try to fetch admin list using getAdminList -> if error: "does not exist" -> it means this is the first time that we start the system -> pop up to setup admin with Trust on First Use principle.
Then need to setup in people with admin right the possibility to add and remove admin.
When admin according to the getAdminList proxy call -> can create new voting form.
When creating a voting form -> automatically an owner -> nothing to do to handle the permission. However when retrieving the form -> display the UI to handle the form to user in the Owner field.
Add the option in the front-end for a form to add and remove an Owner.
Connect the already existing add voter to the new http proxy call addVoter. Also add the removeVoter option.
Remove the old permission check in the front-end.
--
For the Blockchain:
d-voting/contracts/evoting/types/election.go
Line 449 in 2793657
--
Following the API Described here: https://github.com/c4dt/d-voting/blob/student24spring_access_control/docs/api.md