我的模型文件的小子集是 -
participant Employee identified by empID {
o String empID
o EmployeeCategory category
}
enum EmployeeCategory{
o Internal
o External
}
asset CompanyAsset identified by assetID{
o String assetID
--> Employee owner
o String status
}
transaction AssignStatus{
--> CompanyAsset assetObject
}
现在我想在acl文件中定义一条规则,只有当登录的Participant employeeCategory是'内部'然后允许创建/更新事务AssignStatus
我能够使用empID字段,但不能用于我想要的枚举
答案 0 :(得分:1)
使用您的模型(使用我自己的命名空间)我认为这两个ACL规则可以解决您的问题:
rule InternalsOnly {
description: "Allow Internals to submit AssignStatus txn type"
participant(p): "org.acme.trading.Employee"
operation: ALL
resource(v): "org.acme.trading.AssignStatus"
condition: ( p.category == "Internal" )
action: ALLOW
}
rule PreventTransaction {
description: "prevent others executing transactions"
participant: "org.acme.trading.Employee"
operation: ALL
resource: "org.acme.trading.AssignStatus"
action: DENY
}