GitHub user zuotingbing created a discussion: when set gravitino.authorization.enable=true, why normal users without privilege can create catalogs?
After I set gravitino.authorization.enable=true, normal users without privilege can create catalogs, why? The specific operations are as follows: 1. create a metalake named test curl -L 'http://localhost:8090/api/metalakes' \ -H 'Content-Type: application/json' \ -H 'Accept: application/vnd.gravitino.v1+json' \ -d '{ "name": "test", "comment": "test metalake", "properties": {} }' 2. add a normal user Staff to the metalake curl -L 'http://localhost:8090/api/metalakes/test/users' \ -H 'Content-Type: application/json' \ -H 'Accept: application/vnd.gravitino.v1+json' \ -d '{ "name": "Staff" }' 3. user Staff creats catalog sucessfully without privilege curl -u Staff: -L 'http://localhost:8090/api/metalakes/test/catalogs' \ -H 'Content-Type: application/json' \ -H 'Accept: application/vnd.gravitino.v1+json' \ -d '{ "name": "iceberg_catalog", "type": "relational", "provider": "lakehouse-iceberg", "comment": "test iceberg catalog", "properties": { "uri": "http://localhost:9001/iceberg";, "catalog-backend": "rest" } }' GitHub link: https://github.com/apache/gravitino/discussions/8598 ---- This is an automatically sent email for [email protected]. To unsubscribe, please send an email to: [email protected]
