[
https://issues.jboss.org/browse/TEIID-5648?page=com.atlassian.jira.plugin...
]
Steven Hawkins commented on TEIID-5648:
---------------------------------------
I thought you are trying to just hide the SYS and SYSADMIN schemas
with this effort?
That was done with TEIID-5640
I remember a conversation, in OData they explicitly avoided hiding
the metadata from full form on a given schema.
This is to make the metadata visibility rules consistent between jdbc/pg and odata. In
the other systems you can't even see schema/tables/procedures etc. that you don't
have permission to do anything with. However this is not a good fit with the way the
olingo code is structured and with the assumption that another layer will actually secure
things and be responsible for exposing the relevant metadata.
So I'm introducing a formal permission to see all metadata, which will be of use for
other use cases like our internal group that wants to have a "browser" role that
can't actually query anything.
Hide metadata over odata
------------------------
Key: TEIID-5648
URL:
https://issues.jboss.org/browse/TEIID-5648
Project: Teiid
Issue Type: Quality Risk
Components: OData
Reporter: Steven Hawkins
Assignee: Steven Hawkins
Priority: Major
Fix For: 12.2
All schemas, not marked as hidden, will be visible over odata. This includes all schema
objects. Via the other access mechanisms permission is now required for visibility -
TEIID-5516 and TEIID-2476.
Alternatively there could also be an option to still expose the metadata by default for
non-odata access even if the user is not permissioned.
--
This message was sent by Atlassian Jira
(v7.12.1#712002)