When we speak of "users" here, do we mean normal developers or
"administrational users"?
My concern is that given the current functionality of "deploy jar" it
would be too easy to deploy a jar, containing a function that has
"relaxed" user permissions, which would allow them to execute ANY
function without being able to stop them.
I believe that the security-level for any function should have a default
security level and then a power-user or admin needs to override the
security-level for that function on a per-user, per-role or resource-level.
At least with this approach, the changes to security-level overrides can
be logged and audited.
--Udo
On 8/21/17 08:56, Anthony Baker wrote:
> On Aug 17, 2017, at 1:41 PM, Dan Smith <dsm...@pivotal.io> wrote:
>> Which means
>> the developer needs a way to override the permission level *before* the function
>> executes.
> I agree. Providing a callback to allow a user to override the default security
> level seems reasonable.
> Anthony