You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@kylin.apache.org by "Joanna He (JIRA)" <ji...@apache.org> on 2017/07/27 06:34:00 UTC

[jira] [Created] (KYLIN-2761) Table Level ACL

Joanna He created KYLIN-2761:
--------------------------------

             Summary: Table Level ACL
                 Key: KYLIN-2761
                 URL: https://issues.apache.org/jira/browse/KYLIN-2761
             Project: Kylin
          Issue Type: New Feature
    Affects Versions: v2.0.0
            Reporter: Joanna He
            Priority: Blocker


We are planning to introduce table level ACL to kylin. Table level ACL control whether user can query data from a table. 
Table will go under project so that table level ACL will be set at project by project basis. When an instance starts for the first time or upgrades from lower version, every user by default has access to all tables that have been loaded to the project. Admin can modify table level ACL. by removing user from a table’s access list, admin can disable user’s query access to the table. 

In several cases, a user’s table level ACL will be checked to ensure ACL integrity
1.	When user visit insight page and browse tables, table that user has no access to under current project, will not be visible to the user. 
2.	When user’s query hit on a cube, the table level ACL on dependent tables for that user will be checked, if user has no access to any dependent table, query will be refused on that cube. 




--
This message was sent by Atlassian JIRA
(v6.4.14#64029)