liyang commented on KYLIN-2761:

[~joannahe], pls update online once offline discussion is finished.

> Table Level ACL
> ---------------
>                 Key: KYLIN-2761
>                 URL: https://issues.apache.org/jira/browse/KYLIN-2761
>             Project: Kylin
>          Issue Type: New Feature
>    Affects Versions: v2.0.0
>            Reporter: Joanna He
>            Priority: Blocker
> We are planning to introduce table level ACL to kylin. Table level ACL 
> control whether user can query data from a table. 
> Table will go under project so that table level ACL will be set at project by 
> project basis. When an instance starts for the first time or upgrades from 
> lower version, every user by default has access to all tables that have been 
> loaded to the project. Admin can modify table level ACL. by removing user 
> from a table’s access list, admin can disable user’s query access to the 
> table. 
> In several cases, a user’s table level ACL will be checked to ensure ACL 
> integrity
> 1.    When user visit insight page and browse tables, table that user has no 
> access to under current project, will not be visible to the user. 
> 2.    When user’s query hit on a cube, the table level ACL on dependent 
> tables for that user will be checked, if user has no access to any dependent 
> table, query will be refused on that cube. 

This message was sent by Atlassian JIRA

Reply via email to