zachjsh commented on issue #11675: URL: https://github.com/apache/druid/issues/11675#issuecomment-916495878
@clintropolis thanks for proposal, just had a few questions: 1. Just to clarify, how to we authorize access to the other schemas like `sys` and `lookups` today? 2. In the case that the `druid.auth.enableResourceSchemaAuthroization` is not enabled, what would be the behavior, if you have datasources with the same name that exist in multiple schemas? Would a user who is given datasource read access for datasource with that name affectively be given read access to all datasources with that name in all schemas? If so is this the existing behavior? 3. One issue that we talked about that I just wanted to get recorded into comment is that with this design, the user can enable `druid.auth.enableResourceSchemaAuthroization` property, but really it is up to the specific authorizer implementation of whether to use this, and depending on whether the authorizer has been upgraded or not, it may or may not be taking the schema into consideration? Anyway for a user to be notified in the case that the authorizer extension doesnt support this new feature? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
