You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@kylin.apache.org by "liyang (JIRA)" <ji...@apache.org> on 2017/08/06 06:58:02 UTC

[jira] [Commented] (KYLIN-2761) Table Level ACL

    [ https://issues.apache.org/jira/browse/KYLIN-2761?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16115672#comment-16115672 ] 

liyang commented on KYLIN-2761:
-------------------------------

[~joannahe], pls update online once offline discussion is finished.

> Table Level ACL
> ---------------
>
>                 Key: KYLIN-2761
>                 URL: https://issues.apache.org/jira/browse/KYLIN-2761
>             Project: Kylin
>          Issue Type: New Feature
>    Affects Versions: v2.0.0
>            Reporter: Joanna He
>            Priority: Blocker
>
> We are planning to introduce table level ACL to kylin. Table level ACL control whether user can query data from a table. 
> Table will go under project so that table level ACL will be set at project by project basis. When an instance starts for the first time or upgrades from lower version, every user by default has access to all tables that have been loaded to the project. Admin can modify table level ACL. by removing user from a table’s access list, admin can disable user’s query access to the table. 
> In several cases, a user’s table level ACL will be checked to ensure ACL integrity
> 1.	When user visit insight page and browse tables, table that user has no access to under current project, will not be visible to the user. 
> 2.	When user’s query hit on a cube, the table level ACL on dependent tables for that user will be checked, if user has no access to any dependent table, query will be refused on that cube. 



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)