1:46 p.m.
[
https://issues.jboss.org/browse/TEIIDDES-1548?page=com.atlassian.jira.plu...
]
Barry LaFond edited comment on TEIIDDES-1548 at 6/26/13 2:44 PM:
-----------------------------------------------------------------
Current vdb-deployer.xsd *permission* element
{code:xml}
<xs:element name="permission" minOccurs="0"
maxOccurs="unbounded">
<xs:complexType>
<xs:sequence>
<xs:element name="resource-name" type="xs:string"/>
<xs:choice>
<xs:sequence>
<xs:element name="allow-create" type="xs:boolean"
minOccurs="0"/>
<xs:element name="allow-read" type="xs:boolean"
minOccurs="0"/>
<xs:element name="allow-update" type="xs:boolean"
minOccurs="0"/>
<xs:element name="allow-delete" type="xs:boolean"
minOccurs="0"/>
<xs:element name="allow-execute" type="xs:boolean"
minOccurs="0"/>
<xs:element name="allow-alter" type="xs:boolean"
minOccurs="0"/>
<xs:element name="condition" minOccurs="0">
<xs:complexType>
<xs:simpleContent>
<xs:extension base="xs:string">
<xs:attribute name="constraint" type="xs:boolean"
default="true"/>
</xs:extension>
</xs:simpleContent>
</xs:complexType>
</xs:element>
<xs:element name="mask" minOccurs="0">
<xs:complexType>
<xs:simpleContent>
<xs:extension base="xs:string">
<xs:attribute name="order" type="xs:string"/>
</xs:extension>
</xs:simpleContent>
</xs:complexType>
</xs:element>
</xs:sequence>
<xs:element name="allow-language" type="xs:boolean"
minOccurs="0"/>
</xs:choice>
</xs:sequence>
</xs:complexType>
</xs:element>
{code}
was (Author: blafond):
Current vdb-deployer.xsd *permission* element
{code:xml}
<xs:element name="permission" minOccurs="0"
maxOccurs="unbounded">
<xs:complexType>
<xs:sequence>
<xs:element name="resource-name"
type="xs:string"/>
<xs:choice>
<xs:sequence>
<xs:element name="allow-create"
type="xs:boolean" minOccurs="0"/>
<xs:element name="allow-read"
type="xs:boolean" minOccurs="0"/>
<xs:element name="allow-update"
type="xs:boolean" minOccurs="0"/>
<xs:element name="allow-delete"
type="xs:boolean" minOccurs="0"/>
<xs:element name="allow-execute"
type="xs:boolean" minOccurs="0"/>
<xs:element name="allow-alter"
type="xs:boolean" minOccurs="0"/>
<xs:element name="condition"
minOccurs="0">
<xs:complexType>
<xs:simpleContent>
<xs:extension base="xs:string">
<xs:attribute name="constraint"
type="xs:boolean" default="true"/>
</xs:extension>
</xs:simpleContent>
</xs:complexType>
</xs:element>
<xs:element name="mask" minOccurs="0">
<xs:complexType>
<xs:simpleContent>
<xs:extension base="xs:string">
<xs:attribute name="order"
type="xs:string"/>
</xs:extension>
</xs:simpleContent>
</xs:complexType>
</xs:element>
</xs:sequence>
<xs:element name="allow-language" type="xs:boolean"
minOccurs="0"/>
</xs:choice>
</xs:sequence>
</xs:complexType>
</xs:element>
{code}
Add GUI handling for permission conditions
------------------------------------------
Key: TEIIDDES-1548
URL: https://issues.jboss.org/browse/TEIIDDES-1548
Project: Teiid Designer
Issue Type: Feature Request
Reporter: Steven Hawkins
Assignee: Barry LaFond
Fix For: 8.2
A common request is to implement row based security. Teiid has added the ability to
define a permission condition for this purpose:
<permission>
<resource-name>...</resource-name>
<condition>sql</condition>
...
</permission>
The sql should resolve against the resource specified, ideally designer would check that
as well.
See TEIID-2311 and the reference for how these conditions are applied.
{code:title=vdb.xml snippet}
<data-role name="base-role" any-authenticated="true">
<description>Conditional access</description>
<permission>
<resource-name>modelName.tblName</resource-name>
<condition
constraint="false">column1=user()</condition>
</permission>
</data-role>
{code}
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
4225
days inactive
4225
days old
teiid-designer-issues@lists.jboss.org
0 comments
1 participants
participants (1)
-
Barry LaFond (JIRA)