Typedef caprock_claim

Typedef Documentation

typedef struct caprock_claim caprock_claim

A caprock_claim is an authorization tuple in the specifiation, and consists of an (optional) subject who is to be authorized, a predicate that describes the imparted privileges, and an optional object on which the privileges are granted.

The subject may be omitted, in which case global privileges on the object are granted.

The object may be omitted, in which case the predicate does not grant privileges, but is a verified statement about the subject.

The object may also be a CAPROCK_CLAIMS_WILDCARD, in which case the claim is made about all objects, future and past, that the issuer has any authority over.

Predicates may not be omitted. You also may not omit both the subject and the object at the same time.