hdygxsj commented on issue #8942: URL: https://github.com/apache/gravitino/issues/8942#issuecomment-3479211291
> If tag is the metadata object, we should add the privilege `CREATE_TAG` to control tag privileges. Only the owner can modify and drop the tag. Tag privileges should belong to different departments. We should adopt this way. We should avoid others in the different department operates the tag by mistake. If tag isn't the metadata object, we can add the privilege `MANAGE_TAGS` to control tag privileges. Tag management belongs to the one department. We should adopt this way. Could I ask for clarification: why should we use CREATE_TAG just because a tag is considered a metadata object? In my understanding, regardless of whether the privilege is CREATE_TAG or MANAGE_TAG, both privileges should belong to the metalake. I think whether a tag is classified as a metadata object should only affect whether the tag has an owner, since the current owner table needs to be associated with a metadata object. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
