[
https://issues.jboss.org/browse/TEIID-5648?page=com.atlassian.jira.plugin...
]
Steven Hawkins commented on TEIID-5648:
---------------------------------------
This would effectively entail generating a different edm metadata for every role
combination or pushing a lot of logic into the olingo serialization layer.
Neither of those options are appealing. I think the best thing to do is to simply assume
that you want to expose the whole model, and allow a service layer, such as 3scale, to
actually restrict access.
So I'll introduce a more formal concept of a metadata read permission that will
automatically be assigned to the odata role.
Hide metadata over odata
------------------------
Key: TEIID-5648
URL:
https://issues.jboss.org/browse/TEIID-5648
Project: Teiid
Issue Type: Quality Risk
Components: OData
Reporter: Steven Hawkins
Assignee: Steven Hawkins
Priority: Major
Fix For: 12.2
All schemas, not marked as hidden, will be visible over odata. This includes all schema
objects. Via the other access mechanisms permission is now required for visibility -
TEIID-5516 and TEIID-2476.
Alternatively there could also be an option to still expose the metadata by default for
non-odata access even if the user is not permissioned.
--
This message was sent by Atlassian Jira
(v7.12.1#712002)