I am writing a data management system with Hyperledger Composer. I know about .acl- and .cto-files, but I have no idea how I would go about adding (and saving) permissions via transactions (=during runtime).
Example use case:
One could save a list of all patient permissions for every physician, and make it a Patient-only transaction to add their name to the list, but the Modeling Language does not allow lists, only arrays.
Does someone have an idea? :)
I suggest checking out the Composer sample networks for code samples - this PII (Personally Identifiable Information) network has similarities to what you're trying to achieve (controlling access to a patient record by the identifier of (in this case) the Physician): https://github.com/hyperledger/composer-sample-networks/blob/master/packages/pii-network/lib/logic.js
Your ACLs can obviously be written to control access to the Patient's record (i.e. he/she has consented) and only allow a matching Physician identifier to access, based on a condition check in the ACL - an example of use of something similar can be found in this Stack Overflow here -> Hyperledger-Composer: ACL-rules with condition of type (r.someArray.indexOf(p.getIdentifier()) > -1) not working
I would say it's better to have an array of authorized Physicians per patient (i.e. a lot less than the converse where a physician might have a lot of patient IDs to check each time). Your array size is a JavaScript constraint in theory (heap size etc.) but see discussion here -> Maximum size of an Array in Javascript
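The pattern from the answer above, as an added example (not code from the answer or from the sample network): a Patient-submitted transaction edits the Patient's own `authorized` array, and the ACL condition quoted above checks that array. The namespace `org.example.health`, the `Patient` participant with a `String[] authorized` field, and the `GrantAccess` / `RevokeAccess` transactions with a `physicianId` field are assumptions.

```javascript
// Assumed model (.cto), not from the page: participant Patient has an optional
// `String[] authorized`; transactions GrantAccess / RevokeAccess carry
// `String physicianId`. The namespace org.example.health is hypothetical.
const NS = 'org.example.health';

// Pure helpers: each returns true only if the list actually changed.
function grant(patient, physicianId) {
    if (!Array.isArray(patient.authorized)) { patient.authorized = []; }
    if (patient.authorized.indexOf(physicianId) > -1) { return false; }
    patient.authorized.push(physicianId);
    return true;
}
function revoke(patient, physicianId) {
    const i = Array.isArray(patient.authorized) ? patient.authorized.indexOf(physicianId) : -1;
    if (i < 0) { return false; }
    patient.authorized.splice(i, 1);
    return true;
}

// Same expression an .acl rule carries in its condition, with
// participant(p) = Physician and resource(r) = Patient.
// A missing array evaluates to false, so access is denied by default.
function aclCondition(p, r) {
    return Boolean(r.authorized && r.authorized.indexOf(p.getIdentifier()) > -1);
}

// Shared body: the record changed is always the submitter's own
// (getCurrentParticipant), never an id supplied inside the transaction.
async function applyChange(change, physicianId) {
    const me = getCurrentParticipant();              // Composer runtime global
    if (!me || me.getFullyQualifiedType() !== NS + '.Patient') {
        throw new Error('Only a Patient may change their own access list.');
    }
    if (change(me, physicianId)) {
        const registry = await getParticipantRegistry(NS + '.Patient');
        await registry.update(me);                   // persists the new array
    }
}

/**
 * @param {org.example.health.GrantAccess} tx
 * @transaction
 */
async function grantAccess(tx) { await applyChange(grant, tx.physicianId); }
/**
 * @param {org.example.health.RevokeAccess} tx
 * @transaction
 */
async function revokeAccess(tx) { await applyChange(revoke, tx.physicianId); }
```

The two `@transaction` functions only run inside the Composer runtime, which provides `getCurrentParticipant` and `getParticipantRegistry`; a separate ACL rule still has to restrict who may submit `GrantAccess` and `RevokeAccess`.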