From 0687753f42edee99e661565297254320cd12c1a6 Mon Sep 17 00:00:00 2001 From: CSDUMMI <31551856+CSDUMMI@users.noreply.github.com> Date: Sun, 3 Oct 2021 16:50:11 +0200 Subject: [PATCH 1/2] Not using ACs to implement moderation --- 05_Customizing_OrbitDB/05_Conclusion.md | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/05_Customizing_OrbitDB/05_Conclusion.md b/05_Customizing_OrbitDB/05_Conclusion.md index f33c817..00ef3d3 100644 --- a/05_Customizing_OrbitDB/05_Conclusion.md +++ b/05_Customizing_OrbitDB/05_Conclusion.md @@ -65,10 +65,7 @@ code here: [final](../code_examples/05_Customizing_OrbitDB/final). We also have an Appendix to this part of the tutorial, that describes how you can -use the `AccessControllers` -with OrbitDB to moderate -the discussions about the -notes. +implement Moderation. If you want to read that, -go to this: **[Moderating your Comment Threads.](06_AccessControllers.md)** +go to this: **[Moderating your Comment Threads.](06_Moderation.md)** From 0123eee42820ea7b7336d9ebc3123765abe7e677 Mon Sep 17 00:00:00 2001 From: CSDUMMI <31551856+CSDUMMI@users.noreply.github.com> Date: Sun, 3 Oct 2021 17:47:54 +0200 Subject: [PATCH 2/2] Access Controllers vs. Validation --- .../06_AccessControllers.md | 74 ------------------- 05_Customizing_OrbitDB/06_Moderation.md | 46 ++++++++++++ 2 files changed, 46 insertions(+), 74 deletions(-) delete mode 100644 05_Customizing_OrbitDB/06_AccessControllers.md create mode 100644 05_Customizing_OrbitDB/06_Moderation.md diff --git a/05_Customizing_OrbitDB/06_AccessControllers.md b/05_Customizing_OrbitDB/06_AccessControllers.md deleted file mode 100644 index e94f232..0000000 --- a/05_Customizing_OrbitDB/06_AccessControllers.md +++ /dev/null @@ -1,74 +0,0 @@ -## Moderating your Comment Threads. - -We have now gotten a store that -you can publish notes and comments with. - -But you cannot actually -control who and what -gets to comment and count as a valid comment. - -In other words: How can you moderate -a Peer-to-Peer Database? - -Well, you can't really. -Or at least, you cannot -moderate data on another -persons computer. - -I cannot delete a file on -your computer, anymore -than you can delete a file -on mine. - -If either of us could do that, -we would consider that malware. - -And this is not a Tutorial -on writing malware, so we'll not -go into it. - -Moderating is generally considered -to be two separate tasks: - -1. Restricting the writing to a database -2. Restricting the reading from a database and sharing of contents. - -In a decentralized network, sharing data -is easy. Once any peer has some data, they -can share it essentially until their -bandwidth runs out. - -But writing control is more complex. -We cannot prevent somebody from -writing to their own local -database, but we can decide, -whether we will accept the -local changes from another -peer in our own database. - -And there OrbitDB `AccessController`s -come into action. - -They are invoked when an OrbitDB -instance receives new entries for a specific -database and they determine, whether -the OrbitDB Instance should accept and -use these entries or deny and trash them. - -Remember: These rules, that you write into -the AccessController can be changed or ignored -by other peers, if they so wish. -But then again, consider whether it's important to you what other -peers do with their own database, as long -as your database is clean and conforming to -all the rules you laid out? - -Additionally, if most peers follow -your rules, then most content that violates -these rules will not persist anyway, -because nobody is around to pin it. -Although in some cases for some specific -data, somebody might be really insistent -and pin it anyway. - -**Next: [Implementing a custom AccessController](06_Implementing_a_custom_AccessController.md)** diff --git a/05_Customizing_OrbitDB/06_Moderation.md b/05_Customizing_OrbitDB/06_Moderation.md new file mode 100644 index 0000000..76cf8d4 --- /dev/null +++ b/05_Customizing_OrbitDB/06_Moderation.md @@ -0,0 +1,46 @@ +## Moderating your Comment Threads. + +We have now gotten a store that +you can publish notes and comments with. + +But we have not implemented any method +for moderating the Threads. + +That's the subject of this Appendix: +Moderation of the Threads. + +### Access Controllers vs. Validation +There are two ways I considered for implementing +moderation in OrbitDB: +1. Access Controllers +2. Validation + +#### Access Controllers +Access Controllers (ACL) are used to check if an +entry should become part of the `oplog` or not. + +They do this by implementing a `canAppend(entry, identityProvider)` function +that returns true if the entry can be added. + +But Access Controllers are very low-level, because they +can't consider the state of the store that the oplog is for. + +Thus most complicated Access Rules can actually not be implemented +using Access Controllers. Including the Moderation of the Threads +of the notes store. + +I think you should not try to implement any Access Rules using +ACLs unless you really understand what you are doing and know +what you want to achieve. + +### Validation +Instead of an ACL I will use validation to achieve moderation. +This means implementing Moderation in the Index of the NotesIndex +before applying an entry. + +With this method I can access the state of the Index to validate an entry, +but it also means that invalid entries will persist and be replicated +across the network. Because validation happens on the existing oplog, instead +of before creating the oplog. + +**Next: [Implementing a custom AccessController](06_Implementing_a_custom_AccessController.md)**