If you start to modify or define the access control rules for a business blockchain network, pay attention that you coincidentally should not revoke code changing or code reading access for the networkAdmin role. If you do, it might happen, that you do not have access to your source code anymore. As a consequence, it is practical to start with general rules, that gives access to your admin role for everything, like:
rule NetworkAdminUser {
description: "Grant business network administrators full access to user resources"
participant: "org.hyperledger.composer.system.NetworkAdmin"
operation: ALL
resource: "**"
action: ALLOW
}
rule NetworkAdminSystem {
description: "Grant business network administrators full access to system resources"
participant: "org.hyperledger.composer.system.NetworkAdmin"
operation: ALL
resource: "org.hyperledger.composer.system.**"
action: ALLOW
}
It is important to note that your participant is not your networkAdmin, so creating rules for the Participants but deleting for the networkAdmin will have the same effect.
