You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@geode.apache.org by "ASF subversion and git services (JIRA)" <ji...@apache.org> on 2017/09/11 19:54:00 UTC

[jira] [Commented] (GEODE-2817) Have the function author determine what permissions the function execution requires

    [ https://issues.apache.org/jira/browse/GEODE-2817?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16161870#comment-16161870 ] 

ASF subversion and git services commented on GEODE-2817:
--------------------------------------------------------

Commit e00673b254a118851fa5c6aa17a741ace52223b2 in geode's branch refs/heads/develop from [~jinmeiliao]
[ https://gitbox.apache.org/repos/asf?p=geode.git;h=e00673b ]

GEODE-2817: consolidate authorize(*) methods


> Have the function author determine what permissions the function execution requires
> -----------------------------------------------------------------------------------
>
>                 Key: GEODE-2817
>                 URL: https://issues.apache.org/jira/browse/GEODE-2817
>             Project: Geode
>          Issue Type: New Feature
>          Components: docs, security
>            Reporter: Jinmei Liao
>
> Currently to execute a function, you will need "data:write" permission, but it really depends on what the function is doing. So we should either:
> 1) externalize the authorize* api so that function author can use it in the function.execute code to check authorization.
> 2) add a function api to tell the framework what permission this function needs to execute, so that the framework will check the permission before executing the function.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)