[
https://issues.apache.org/jira/browse/GEODE-2817?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16133695#comment-16133695
]
Swapnil Bawaskar commented on GEODE-2817:
-----------------------------------------
>From discussion on the mailing list, it seems that adding an annotation is a
>popular choice. Something like:
{noformat}
@RequiresPermission(resource = "user_profile", operation = "read")
public void execute(FunctionContext context) {
...
}
{noformat}
> Have the function author determine what permissions the function execution
> requires
> -----------------------------------------------------------------------------------
>
> Key: GEODE-2817
> URL: https://issues.apache.org/jira/browse/GEODE-2817
> Project: Geode
> Issue Type: New Feature
> Components: docs, security
> Reporter: Jinmei Liao
>
> Currently to execute a function, you will need "data:write" permission, but
> it really depends on what the function is doing. So we should either:
> 1) externalize the authorize* api so that function author can use it in the
> function.execute code to check authorization.
> 2) add a function api to tell the framework what permission this function
> needs to execute, so that the framework will check the permission before
> executing the function.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
