Return-Path: <dev-return-25738-archive-asf-public=cust-asf.ponee.io@geode.apache.org>
X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io
Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io
Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183])
	by cust-asf2.ponee.io (Postfix) with ESMTP id 8A3CC200CDF
	for <archive-asf-public-internal@cust-asf2.ponee.io>; Thu, 17 Aug 2017 10:42:26 +0200 (CEST)
Received: by cust-asf.ponee.io (Postfix)
	id 8890416A343; Thu, 17 Aug 2017 08:42:26 +0000 (UTC)
Delivered-To: archive-asf-public@cust-asf.ponee.io
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by cust-asf.ponee.io (Postfix) with SMTP id CCD8A16A331
	for <archive-asf-public@cust-asf.ponee.io>; Thu, 17 Aug 2017 10:42:25 +0200 (CEST)
Received: (qmail 62942 invoked by uid 500); 17 Aug 2017 08:42:24 -0000
Mailing-List: contact dev-help@geode.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:dev-help@geode.apache.org>
List-Unsubscribe: <mailto:dev-unsubscribe@geode.apache.org>
List-Post: <mailto:dev@geode.apache.org>
List-Id: <dev.geode.apache.org>
Reply-To: dev@geode.apache.org
Delivered-To: mailing list dev@geode.apache.org
Received: (qmail 62930 invoked by uid 99); 17 Aug 2017 08:42:24 -0000
Received: from pnap-us-west-generic-nat.apache.org (HELO spamd2-us-west.apache.org) (209.188.14.142)
    by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 17 Aug 2017 08:42:24 +0000
Received: from localhost (localhost [127.0.0.1])
	by spamd2-us-west.apache.org (ASF Mail Server at spamd2-us-west.apache.org) with ESMTP id E3CA41A0011
	for <dev@geode.apache.org>; Thu, 17 Aug 2017 08:42:23 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at spamd2-us-west.apache.org
X-Spam-Flag: NO
X-Spam-Score: -0.3
X-Spam-Level: 
X-Spam-Status: No, score=-0.3 tagged_above=-999 required=6.31
	tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=2,
	RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-2.8,
	RCVD_IN_SORBS_SPAM=0.5] autolearn=disabled
Authentication-Results: spamd2-us-west.apache.org (amavisd-new);
	dkim=pass (2048-bit key) header.d=pivotal-io.20150623.gappssmtp.com
Received: from mx1-lw-eu.apache.org ([10.40.0.8])
	by localhost (spamd2-us-west.apache.org [10.40.0.9]) (amavisd-new, port 10024)
	with ESMTP id oj7y_3niUsbj for <dev@geode.apache.org>;
	Thu, 17 Aug 2017 08:42:18 +0000 (UTC)
Received: from mail-qk0-f176.google.com (mail-qk0-f176.google.com [209.85.220.176])
	by mx1-lw-eu.apache.org (ASF Mail Server at mx1-lw-eu.apache.org) with ESMTPS id E815F618A5
	for <dev@geode.apache.org>; Thu, 17 Aug 2017 08:42:17 +0000 (UTC)
Received: by mail-qk0-f176.google.com with SMTP id a77so33075867qkb.0
        for <dev@geode.apache.org>; Thu, 17 Aug 2017 01:42:17 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=pivotal-io.20150623.gappssmtp.com; s=20150623;
        h=mime-version:from:date:message-id:subject:to;
        bh=fDZ6eeuH8M80mkDFsIU/CsOZbG8sYyEJoA6XsuFfjw8=;
        b=MQTtROuopp1DZB7X43uhNTzWqSLuGmiIA+0FuEzLQ+5ikoG8gQ4FPfbznIUKO4AT0w
         LswoZJR9YTJ81VVXC9iuQoBp3/NRLQUjgvJHZVx7nLJDYirdDp17/LPwTiMPEgsafmdX
         /Xyv8SDon751R09zfJpjNIjVuUFRJHKnsgOC9o3wmI6YSbLsjC2XfmZ0dQVncweGcEDP
         JnQMEsF4tyPSocz9OlU1KhKLVBzoSmIixt586L3vD8Ufq7Y2Khvkw6DYxt2Ib7skgexM
         W7tE1juz1NKWuGZ3VkzzqpvI9D6dSpzsDZbDns3rbdYvqlj8CRCok5fBj3sXrgrp3iLB
         NWqA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:from:date:message-id:subject:to;
        bh=fDZ6eeuH8M80mkDFsIU/CsOZbG8sYyEJoA6XsuFfjw8=;
        b=ZxhZSaVFNAzIf9Kl+nZIA0Y+5sJiASYR4ahUvNPZGwM7XL6G9EIRBSboyhIqEdYgWh
         55Sz19XlAxE6n3y3vNjorMt+qgSef44mCRnAVRM10bsflMDQZoJBaY9p1uJOa2fgIP3k
         ptf2EeV2RiFMob84WQ5Eti9MBB61UikVU3BVuKIBpTGS7vpUfHDn5Lb1U4sRGOgMWMNk
         79B6kG1qaI3VZuc0+wu3zA+WnP8AoJybLAUyybWmFT1ybz8HCqvSyiHGC4hxKYHYNZ3z
         A8KZPABBIeR9+PBMNefT4Sd/QpSdVNdI7ImdJKa4eqB2xFsg0vMWSGJekAMODy64Y+Va
         39oA==
X-Gm-Message-State: AHYfb5jZtmkyZxg1fNGVrOF3RiFpeqJDTOGgWBa5xdFle5/oE3tA8UqI
	PnbBEa9qgkEpCe224c9BukA7DbMxbX9F
X-Received: by 10.55.168.145 with SMTP id r139mr1651041qke.258.1502959336085;
 Thu, 17 Aug 2017 01:42:16 -0700 (PDT)
MIME-Version: 1.0
From: Swapnil Bawaskar <sbawaskar@pivotal.io>
Date: Thu, 17 Aug 2017 08:42:05 +0000
Message-ID: <CANZq1gANBm1AYLmSeerFev_pW+SyZVv9JoxPRj5oY726JYK_pw@mail.gmail.com>
Subject: [DISCUSS] authorizing function execution
To: geode <dev@geode.apache.org>
Content-Type: multipart/alternative; boundary="94eb2c07661a56f8050556eefd57"
archived-at: Thu, 17 Aug 2017 08:42:26 -0000

--94eb2c07661a56f8050556eefd57
Content-Type: text/plain; charset="UTF-8"

Discuss fix for GEODE-2817
<https://issues.apache.org/jira/browse/GEODE-2817>

Currently to execute a function, you will need "data:write" permission, but
it really depends on what the function is doing. For example, if a function
is just reading data, the function author might want users with DATA:READ
permissions to execute the function. The two options mentioned in the
ticket are:

1) externalize SecurityService so that function author can use it in the
function.execute code to check authorization.
2) add a method to function interface to tell the framework what permission
this function needs to execute, so that the framework will check the
permission before executing the function.

I vote for #2 because, I think, a function author will be able to easily
discover a method on the Function interface, rather than trying to look for
SecurityService.

I propose that we add the following new method to Function:

default public List<ResourcePermission> requiredPermissions() {
   // default DATA:WRITE
}

In order to preserve existing behavior, the default required permission
would be DATA:WRITE.

--94eb2c07661a56f8050556eefd57--