You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@kylin.apache.org by "Billy Liu (JIRA)" <ji...@apache.org> on 2018/01/25 06:23:00 UTC

[jira] [Updated] (KYLIN-2760) Enhance Project Level ACL

     [ https://issues.apache.org/jira/browse/KYLIN-2760?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Billy Liu updated KYLIN-2760:
-----------------------------
    Fix Version/s:     (was: v2.3.0)
                   v2.2.0

> Enhance Project Level ACL
> -------------------------
>
>                 Key: KYLIN-2760
>                 URL: https://issues.apache.org/jira/browse/KYLIN-2760
>             Project: Kylin
>          Issue Type: Improvement
>          Components: General
>    Affects Versions: v2.0.0
>         Environment: all 
>            Reporter: Joanna He
>            Assignee: jiatao.tao
>            Priority: Major
>             Fix For: v2.2.0
>
>         Attachments: screenshot-1.png
>
>
> We are planning on enhancing the project level ACL, the plan as below:
> There are five types of predefined user access: System Admin, Project Admin, Management, Operation and Query. 
> When syncing an LDAP new user, admin has the option to set the new user as system admin. The other user access, however, need to be set at project level, that means other than system admin which is applied globally on an instance, the other four user access are granted on project by project basis. So that one user, say johndoe, can be project admin in Project A and management access in Project B. 
> User role modeler and analyst that are currently set when syncing users, will be retired. Project level access can be assigned to user, but not on role any more. 
> Cube level ACL will be retired too, user's access control on a cube will be inherited from user's project level ACL. 
>  The expected access level for those 5 types of user access are defined as attached.
> !screenshot-1.png!



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)