5.8. User.RevokeAccess: Revoke file access

RevokeAccess(filename string, recipientUsername string) error

Given a filename in the personal namespace of the caller, this function revokes access to the corresponding file from recipientUsername and any other users with whom recipientUsername has shared the file.

A revoked user must lose access to the corresponding file regardless of whether their invitation state is created or accepted.

The client MUST prevent any revoked user from using the client API to take any action on the file. However, recall from Threat Model that a revoked user may become malicious and use the Datastore API directly (see Sharing and Revoking).

After revocation, the client MUST return an error if the revoked user attempts to take action through the Client API on the file, with one exception: the case in which a user calls StoreFile on a file that has been revoked is undefined behavior and will not be tested.

You may assume this function will only be called by the file owner on recipients with whom they directly shared the file (see Sharing and Revoking).

Returns an error if:

  • the given filename does not exist in the caller’s personal file namespace; or

  • the given filename is not currently shared with recipientUsername; or

  • revocation cannot complete due to malicious action.

Parameters
  • filename (string) – The name of the file in the caller’s personal file namespace.

  • recipientUsername (string) – Username of the user to revoke access from.

Return type

error

Warning

Do not forget that your design must satisfy all requirements, including:

  1. All Sharing and Revoking requirements.