sajjad-moradi commented on pull request #6507: URL: https://github.com/apache/incubator-pinot/pull/6507#issuecomment-770121598
> Hi Sajjad, great timing! I was drawing up ways to introduce generic request authentication and expand on the existing request authorization in pinot. Looks like you literally just built part of this - would you mind sharing a bit more about the specific use-case you're looking to address? Basically the changes introduced in this PR prevents a malicious user to change the state of the system. It also prevents mistakes from normal users by constraining them to only modify the tables they own. Implementation of `AccessControl` interface can define ACL, access control list, for each table. Basically owners (and also admins) will be added to the ACL of each table. During authentication, `AccessControll` checks if the requester's is indeed listed as owner of that table/resource. ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: commits-unsubscr...@pinot.apache.org For additional commands, e-mail: commits-h...@pinot.apache.org
