You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@ozone.apache.org by "Xiaoyu Yao (Jira)" <ji...@apache.org> on 2021/06/11 18:43:00 UTC
[jira] [Updated] (HDDS-4913) Refine the native authorizer parent
context right check
[ https://issues.apache.org/jira/browse/HDDS-4913?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Xiaoyu Yao updated HDDS-4913:
-----------------------------
Fix Version/s: 1.2.0
Resolution: Fixed
Status: Resolved (was: Patch Available)
> Refine the native authorizer parent context right check
> -------------------------------------------------------
>
> Key: HDDS-4913
> URL: https://issues.apache.org/jira/browse/HDDS-4913
> Project: Apache Ozone
> Issue Type: Sub-task
> Affects Versions: 1.0.0
> Reporter: Xiaoyu Yao
> Assignee: Xiaoyu Yao
> Priority: Major
> Labels: pull-request-available
> Fix For: 1.2.0
>
>
> Current we map CREATE/DELETE to parent WRITE. All the other are just 1:1 map from child to parent.
> This may not work, e.g., child WRITE_ACL does not equal to parent WRITE_ACL
> Here is the proposed new mapping:
> // Refined the parent context
> // OP |CHILD |PARENT
> // CREATE NONE WRITE
> // DELETE DELETE WRITE
> // WRITE WRITE WRITE
> // WRITE_ACL WRITE_ACL WRITE (V1 WRITE_ACL=>WRITE)
> // READ READ READ
> // LIST LIST READ (V1 LIST=>READ)
> // READ_ACL READ_ACL READ (V1 READ_ACL=>READ)
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@ozone.apache.org
For additional commands, e-mail: issues-help@ozone.apache.org