ASF subversion and git services commented on GEODE-3330:

Commit 33f42181930ce52501738da6046df5441969ba97 in geode's branch 
refs/heads/develop from YehEmily
[ https://git-wip-us.apache.org/repos/asf?p=geode.git;h=33f4218 ]

GEODE-3330: user needs CLUSTER:MANAGE:QUERY permission to create a CQ.

* cq.execute() and cq.executeWithInitialResult() all would still require 
DATA:READ because it will send the result back to the client either initially 
or later.
* added unit test

> secure ability to register CQ
> -----------------------------
>                 Key: GEODE-3330
>                 URL: https://issues.apache.org/jira/browse/GEODE-3330
>             Project: Geode
>          Issue Type: Sub-task
>          Components: docs, security
>            Reporter: Swapnil Bawaskar
>            Assignee: Emily Yeh
> With integrated security, we require that for registering a CQ user must have 
> CLUSTER:MANAGE:QUERY permissions. This however, means that a user with 
> CLUSTER:MANAGE will be able to register a CQ with initial results and be able 
> to see data.
> In order to register a CQ with initial results, we should require that the 
> user has DATA:READ permission. 

This message was sent by Atlassian JIRA

Reply via email to