From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <tarantool-patches-bounce@freelists.org>
Received: from localhost (localhost [127.0.0.1])
	by turing.freelists.org (Avenir Technologies Mail Multiplex) with ESMTP id 87F48290D4
	for <tarantool-patches@freelists.org>; Fri, 22 Mar 2019 11:40:00 -0400 (EDT)
Received: from turing.freelists.org ([127.0.0.1])
	by localhost (turing.freelists.org [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id vBOjsgB1AZZw for <tarantool-patches@freelists.org>;
	Fri, 22 Mar 2019 11:40:00 -0400 (EDT)
Received: from smtp56.i.mail.ru (smtp56.i.mail.ru [217.69.128.36])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by turing.freelists.org (Avenir Technologies Mail Multiplex) with ESMTPS id 3A19427676
	for <tarantool-patches@freelists.org>; Fri, 22 Mar 2019 11:40:00 -0400 (EDT)
Date: Fri, 22 Mar 2019 18:39:53 +0300
From: Konstantin Osipov <kostja@tarantool.org>
Subject: [tarantool-patches] Re: [PATCH 0/2] add '_vcollation' sysview
 and fetch it in net.box
Message-ID: <20190322153953.GB6548@chai>
References: <cover.1553183293.git.roman.habibov@tarantool.org>
 <20190322083348.aux2mcocsir3jxs2@esperanza>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20190322083348.aux2mcocsir3jxs2@esperanza>
Sender: tarantool-patches-bounce@freelists.org
Errors-to: tarantool-patches-bounce@freelists.org
Reply-To: tarantool-patches@freelists.org
List-Help: <mailto:ecartis@freelists.org?Subject=help>
List-Unsubscribe: <mailto:tarantool-patches-request@freelists.org?Subject=unsubscribe>
List-software: Ecartis version 1.0.0
List-Id: tarantool-patches <tarantool-patches.freelists.org>
List-Subscribe: <mailto:tarantool-patches-request@freelists.org?Subject=subscribe>
List-Owner: <mailto:>
List-post: <mailto:tarantool-patches@freelists.org>
List-Archive: <http://www.freelists.org/archives/tarantool-patches>
To: tarantool-patches@freelists.org
Cc: Roman Khabibov <roman.habibov@tarantool.org>

* Vladimir Davydov <vdavydov.dev@gmail.com> [19/03/22 12:43]:
> On Fri, Mar 22, 2019 at 03:27:35AM +0300, Roman Khabibov wrote:
> > As I understood "readable for all" means that filter for
> > "_vcollation" must always return "true", because the condition
> > "User has read access to according system space" is always
> > met.
> 
> Why not simply grant read acces to _collation to each user instead?

We discussed this with Roman and I asked him to create a view.

> Anyway, I don't understand why _collation space stores creator uid.
> What would we possibly need it for? Create a collation that is usable
> by one user, but not visible by others? It doesn't make any sense to me.
> I think that collations should only be created/modified/deleted by the
> admin, but allowed to be used by anyone...

In some databases collations are user-level objects. Basically,
owner id is there to not complicate our security model.

-- 
Konstantin Osipov, Moscow, Russia, +7 903 626 22 32
http://tarantool.io - www.twitter.com/kostja_osipov