geode-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Michael William Dodge <mdo...@pivotal.io>
Subject Re: [DISCUSS] authorizing function execution
Date Thu, 17 Aug 2017 15:18:50 GMT
What about an annotation for read-only functions or a subinterface off org.apache.geode.cache.execute.Function?

Sarge

> On 17 Aug, 2017, at 01:42, Swapnil Bawaskar <sbawaskar@pivotal.io> wrote:
> 
> Discuss fix for GEODE-2817
> <https://issues.apache.org/jira/browse/GEODE-2817>
> 
> Currently to execute a function, you will need "data:write" permission, but
> it really depends on what the function is doing. For example, if a function
> is just reading data, the function author might want users with DATA:READ
> permissions to execute the function. The two options mentioned in the
> ticket are:
> 
> 1) externalize SecurityService so that function author can use it in the
> function.execute code to check authorization.
> 2) add a method to function interface to tell the framework what permission
> this function needs to execute, so that the framework will check the
> permission before executing the function.
> 
> I vote for #2 because, I think, a function author will be able to easily
> discover a method on the Function interface, rather than trying to look for
> SecurityService.
> 
> I propose that we add the following new method to Function:
> 
> default public List<ResourcePermission> requiredPermissions() {
>   // default DATA:WRITE
> }
> 
> In order to preserve existing behavior, the default required permission
> would be DATA:WRITE.


Mime
View raw message