[tarantool-patches] Re: [PATCH 0/2] add '_vcollation' sysview and fetch it in net.box
Konstantin Osipov
kostja at tarantool.org
Fri Mar 22 18:39:53 MSK 2019
* Vladimir Davydov <vdavydov.dev at gmail.com> [19/03/22 12:43]:
> On Fri, Mar 22, 2019 at 03:27:35AM +0300, Roman Khabibov wrote:
> > As I understood "readable for all" means that filter for
> > "_vcollation" must always return "true", because the condition
> > "User has read access to according system space" is always
> > met.
>
> Why not simply grant read acces to _collation to each user instead?
We discussed this with Roman and I asked him to create a view.
> Anyway, I don't understand why _collation space stores creator uid.
> What would we possibly need it for? Create a collation that is usable
> by one user, but not visible by others? It doesn't make any sense to me.
> I think that collations should only be created/modified/deleted by the
> admin, but allowed to be used by anyone...
In some databases collations are user-level objects. Basically,
owner id is there to not complicate our security model.
--
Konstantin Osipov, Moscow, Russia, +7 903 626 22 32
http://tarantool.io - www.twitter.com/kostja_osipov
More information about the Tarantool-patches
mailing list