daml

DAML: authorize every party to see contracts of a certain template


So I have a problem with authorization. I made a small voting system that contains a number of Actor contracts that are created in a scenario (see the Actor template below). I need every party that I have defined in my yaml file to be able to see these contracts. However, only the party that created the contract can see it. DAML is built around authorization, so only those specified are able to see and use a contract (the party is a signatory or observer). But then how would I make every contract of a certain template visible to all parties? I can't specify them as observers. Is it maybe possible to define a template containing an observer list that has all parties in it, which I can forward to every Actor contract instance as an observer?

-- Only created_by is a stakeholder, so only that party can see
-- (and act on) instances of this template.
template Actor
  with
    created_by  : Party
    username    : Text
    name        : Text
    email       : Text
    bankIban    : Text
    role        : Text
  where
    signatory created_by

Solution

  • I think the idiomatic way to achieve this is not to model it within DAML itself.

    You instead codify this logic in an external auth system by hooking it up to something like auth0, as explained in https://blog.daml.com/daml-driven/easy-authentication-for-your-distributed-app-with-daml-and-auth0. E.g. think of how you'd normally do it in an RDBMS: you'd have a users table, users have a role, a role can have permissions, etc.

    You can then introduce a generic party called ActorAccess (a role) and make it an observer of the Actor contract. You then configure auth0 to grant Alice and Bob the right to actAs this party, or something like this.

    https://docs.daml.com/app-dev/authentication.html describes a couple of fields in the token, called readAs and actAs, which achieve different goals as laid out in the table in the docs.

    auth0 will then issue a JWT with these details, and you can subscribe to the Ledger API event stream and observe the events for this template type, now that Alice and Bob are stakeholders of whatever contracts have the ActorAccess party on them.

    No idea if that is correct but worth a go.
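The role-party approach from the answer above, written out as an added example (this is not code from the question or the answer, and the `access` field, the `ActorAccess` party name and the Daml Script that exercises it are assumptions made for illustration). Each Actor contract names the role party as an observer, so anyone who holds a token whose `readAs` includes that party can read every Actor via the Ledger API; the creator alone remains signatory, so the role party gains visibility but no authority to create or archive:

```daml
module ActorAccess where

import Daml.Script

-- Same fields as the question's template, plus an `access` party
-- (assumption for this example) that is named as observer on every
-- instance. The creator stays the sole signatory, so the observer can
-- read but cannot exercise anything the template does not offer it.
template Actor
  with
    created_by  : Party
    access      : Party   -- the ActorAccess role party
    username    : Text
    name        : Text
    email       : Text
    bankIban    : Text
    role        : Text
  where
    signatory created_by
    observer access

-- Daml Script showing who sees what. Party names and field values are
-- constructed sample data.
visibility : Script ()
visibility = script do
  alice       <- allocateParty "Alice"
  bob         <- allocateParty "Bob"
  actorAccess <- allocateParty "ActorAccess"

  -- Each user creates their own Actor, pointing at the shared role party.
  aliceCid <- submit alice do
    createCmd Actor with
      created_by = alice
      access = actorAccess
      username = "alice"
      name = "Alice"
      email = "alice@example.com"
      bankIban = "DE00000000000000000000"
      role = "voter"

  bobCid <- submit bob do
    createCmd Actor with
      created_by = bob
      access = actorAccess
      username = "bob"
      name = "Bob"
      email = "bob@example.com"
      bankIban = "DE00000000000000000001"
      role = "voter"

  -- The role party is an observer of both contracts, so it sees both.
  seenByRole <- query @Actor actorAccess
  assertMsg "role party should see every Actor" (length seenByRole == 2)

  -- Bob is a stakeholder only of his own contract.
  seenByBob <- query @Actor bob
  assertMsg "Bob should see only his own Actor" (length seenByBob == 1)
  alicesActorForBob <- queryContractId bob aliceCid
  assertMsg "Bob must not see Alice's Actor" (alicesActorForBob == None)

  -- The observer cannot archive: archiving needs the signatory's authority.
  submitMustFail actorAccess do
    archiveCmd bobCid

  pure ()
```

Run it with `daml script --dar .daml/dist/<your>.dar --script-name ActorAccess:visibility --ledger-host localhost --ledger-port 6865` against a sandbox (flags per the Daml Script docs). To give Alice or Bob the same read access through the Ledger API, the token auth0 issues for them would carry `ActorAccess` in its `readAs` claim, as the answer describes; the ledger then shows them the role party's view without making them signatories of anything.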