Xiaoyu Yao created HDDS-4913:
--------------------------------
Summary: Refine the native authorizer parent context right check
Key: HDDS-4913
URL: https://issues.apache.org/jira/browse/HDDS-4913
Project: Apache Ozone
Issue Type: Sub-task
Affects Versions: 1.0.0
Reporter: Xiaoyu Yao
Assignee: Xiaoyu Yao
Current we map CREATE/DELETE to parent WRITE. All the other are just 1:1 map
from child to parent.
This may not work, e.g., child WRITE_ACL does not equal to parent WRITE_ACL
Here is the proposed new mapping:
// Refined the parent context
// OP |CHILD |PARENT
// CREATE NONE WRITE
// DELETE DELETE WRITE
// WRITE WRITE WRITE
// WRITE_ACL WRITE_ACL WRITE (V1 WRITE_ACL=>WRITE)
// READ READ READ
// LIST LIST READ (V1 LIST=>READ)
// READ_ACL READ_ACL READ (V1 READ_ACL=>READ)
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
