jon-wei edited a comment on issue #9380: URL: https://github.com/apache/druid/issues/9380#issuecomment-677957679
@pjain1 > For both compaction and load rule I thought it more intuitive to bind read with read and write with write. Should we just add a new resource type like DATASOURCE-CONFIG for representing both compaction and load/drop rules ? I think a new resource type for that is fine, perhaps DATASOURCE WRITE could also be rolled into this new combined permission (ingest, set up compaction, and manage the segment distribution, is there anything else that would make sense here?). > for migration we can have a flag to switch between older and newer security model, once they are ready they flip the switch. Prior to the switch, how would the old and new model coexist? Maybe we could separate the old and new authorization DB (like use a separate metadata table or some kind of namespacing), I imagine it could be confusing for the user if permissions for both models exist at the same time and place. ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
