[
https://issues.apache.org/jira/browse/KYLIN-2720?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16089342#comment-16089342
]
qiumingming commented on KYLIN-2720:
------------------------------------
Thanks for your reminder. In my patch there are two REST interfaces will be
impacted:1.getMetadata in QueryController;
2. getTableDesc in TableController. The latter will impact an user from
creating new model/cube while the former will not.
When an user clicks the "Insight" bar in the web UI the former interface will
be called. So just allow user to access to tables that he owned cubes dependent
to in this situation will be great. Because user will not see tables he can not
query in the web UI.
I can contribute a new patch and remove the modification of the TableService
for it have an negative impact when creating new model/cube. The modification
of the QueryService will be kept for it have no negative impact.
> Should not allow user to access to all tables' metadata of a project
> --------------------------------------------------------------------
>
> Key: KYLIN-2720
> URL: https://issues.apache.org/jira/browse/KYLIN-2720
> Project: Kylin
> Issue Type: Improvement
> Reporter: qiumingming
> Fix For: v2.0.0, v2.1.0
>
> Attachments: KYLIN-2720.patch
>
>
> Currently, user can access to all tables and columns metadata of a specific
> project as long as he can access to this project, which is not reasonable.
> User should just allow to access to tables that he owned cubes dependent to.
> However, user can see some other tables in the web UI in current version.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
