Interface StorageProgramACL

Robust Access Control for Storage Programs Applies to both JSON and Binary encodings

ACL Resolution Priority:

  1. Owner -> FULL ACCESS (always)
  2. Blacklisted -> DENIED (even if in allowed/groups)
  3. Allowed -> permissions granted
  4. Groups -> check group permissions
  5. Mode fallback:
    • "owner" -> DENIED
    • "public" -> READ only
    • "restricted" -> DENIED
interface StorageProgramACL {
    allowed?: string[];
    blacklisted?: string[];
    groups?: Record<string, StorageGroupPermissions>;
    mode: StorageACLMode;
}

Properties

allowed? blacklisted? groups? mode

Properties

Optionalallowed

allowed?: string[]

Addresses explicitly allowed to read/write

Optionalblacklisted

blacklisted?: string[]

Addresses explicitly blocked (takes precedence over allowed/groups)

Optionalgroups

groups?: Record<string, StorageGroupPermissions>

Named groups with member addresses and permissions

mode

mode: StorageACLMode

Access mode determining default behavior

Settings

Member Visibility

On This Page

Properties