[teiid-dev] VDB Data Policy structure
Ramesh Reddy
rareddy at redhat.com
Mon Jul 19 09:52:43 EDT 2010
On Mon, 2010-07-19 at 09:14 -0500, John Verhaeg wrote:
> One minor thing I'd point out: Since these are Boolean values (and the
> schema has already defined them as optional), the schema should also
> provide a default value for each of the "allow" elements, and the
> vdb.xml should therefore not include entries that match the default.
>
Agree.
All the "allow" elements have default value of "false". The security
model is to deny everything, if you need access you need to explicitly
turn it ON. Per JPAV comments providing a element like
<allow-delete>false</allow-delete>
is useless, and makes the "vdb.xml" file larger. If possible we should
avoid writing those types of elements. However it is necessary to write
these sometimes. For example, if user gave all access at table level and
want to turn off one explicit column, then you need to specify the
element with "false" to turn it off.
Ramesh..
More information about the teiid-dev
mailing list