accumulo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "David Medinets (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (ACCUMULO-677) Remove (deprecate) createUser call with authorizations argument
Date Wed, 01 Aug 2012 12:44:02 GMT

    [ https://issues.apache.org/jira/browse/ACCUMULO-677?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13426559#comment-13426559
] 

David Medinets commented on ACCUMULO-677:
-----------------------------------------

I agree John when he said "The idea here is to have a administer who can go around creating
accounts, resetting passwords, etc. but doesn't have the permissions to mess with users authorizations."

There are definitely situations were technical support people should not (must not!) see the
data and, therefore, should not mess with authorizations. As one example, consider the health
industry.
                
> Remove (deprecate) createUser call with authorizations argument
> ---------------------------------------------------------------
>
>                 Key: ACCUMULO-677
>                 URL: https://issues.apache.org/jira/browse/ACCUMULO-677
>             Project: Accumulo
>          Issue Type: Improvement
>          Components: client
>    Affects Versions: 1.4.1, 1.4.2
>            Reporter: John Vines
>            Assignee: John Vines
>            Priority: Minor
>              Labels: acl, alter, api, create, permissions, security, user
>             Fix For: 1.5.0
>
>
> Creating a user depends on a different ACL than granting Authorizations. If the user
can do one, but not the other it will still create the user but float back an error. This
can be confusing to end users, so I think we should isolate createUser to just creating the
user. They can then be granted authorizations as need be.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message