Overview
Introduce a new accessor creation method "asEngine()" in the engine library and make
the following code return an accessor with pseudo role "../__/__engine" and pseudo account "__engine"
Token spec
Engine should then return an access token with the following spec:
| Role | Subject |
|---|---|
| box/_engine | {CellURL}#__engine |
| ../__/_engine | {CellURL}#__engine |
With these modifications, a box install alone can enable the engine to access any box-local resource, by distributing an ACL that grants "__engine" access to that resource.
Related Core modification
personium/personium-core#431
Considerations
- Is it necessary to accept pseudo-account "__engine" as a "serviceSubject" attribute in the ESC (Engine Service Collection) setting?
- Do we need another pseudo-role and pseudo-account, "__rule", for event-rule-triggered execution of engine scripts?