[jira] [Commented] (GEODE-2924) move resources from DATA to CLUSTER

Thu, 27 Jul 2017 11:24:41 -0700 

    [ 
https://issues.apache.org/jira/browse/GEODE-2924?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16103627#comment-16103627
 ] 

ASF GitHub Bot commented on GEODE-2924:
---------------------------------------

Github user karensmolermiller commented on a diff in the pull request:

    https://github.com/apache/geode/pull/660#discussion_r129917470
  
    --- Diff: 
geode-docs/managing/security/implementing_authorization.html.md.erb ---
    @@ -56,13 +56,23 @@ which classifies whether the operation as
     The operations are not hierarchical;
     `MANAGE` does not imply `WRITE`, and `WRITE` does not imply `READ`.
     
    -Some operations further specify a region name in the permission.
    +Some `DATA` operations further specify a region name in the permission.
     This permits restricting operations on that region to only those
     authorized principals.
     And within a region, some operations may specify a key.
     This permits restricting operations on that key within that region to 
     only those authorized principals.
     
    +Some `CLUSTER` operations further specify a finer-grained
    +target for the operation.
    +Specify the target with a string value of:
    +
    +- `DISK` to target operations that write to a disk store
    +- `GATEWAY` to target operations that manage gateway senders and receivers
    +- `QUERY` to target operations that manage both indexes and continuous
    + queries
    +- `JAR` to target operations that deploy code to servers
    +
    --- End diff --
    
    Will add the LUCENE target before I merge this PR. Thanks!
    
    I created https://issues.apache.org/jira/browse/GEODE-3324 to complete the 
changes specified in the wiki proposal.


> move resources from DATA to CLUSTER
> -----------------------------------
>
>                 Key: GEODE-2924
>                 URL: https://issues.apache.org/jira/browse/GEODE-2924
>             Project: Geode
>          Issue Type: Sub-task
>          Components: docs, security
>            Reporter: Swapnil Bawaskar
>            Assignee: Karen Smoler Miller
>             Fix For: 1.3.0
>
>
> As discussed in this proposal 
> https://cwiki.apache.org/confluence/display/GEODE/Finer+grained+security, the 
> only resource on DATA should be region, we should move:
> 1. pdx to CLUSTER:MANAGE
> 2. import cluster-configuration to CLUSTER:MANAGE
> 3. LockServiceMXBean.becomeLockGrantor        to CLUSTER:MANAGE
> 4. list regions       to CLUSTER:READ



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Reply via email to