New groups are created on the fly by our application when needed. Under the scenario you describe we’d have to go through all the data in Accumulo whenever a group is created so that users in the group can see the existing data.
On Mar 19, 2014, at 11:34 AM, Sean Busbey <[email protected]> wrote: > > On Wed, Mar 19, 2014 at 10:22 AM, Jeff Kunkle <[email protected]> wrote: > My particular use case meets both of those conditions. I’d like to use a not > operator to soft delete things for specific groups of users, which are > assigned a given authorization. For example, assume I have two groups of > users: group1 and group2. If I want to temporarily hide something from group1 > I would add “& !group1” to the visibility. In my case I’m not really using > the NOT operator for access control. The users in the group have access to > the data; they’ve just chosen to hide it from their view. > > > > This scenario includes rewriting the data with the "& !group1" addition? Why > not just rewrite the data to not include the group1 visibility at all? >
