[
https://issues.apache.org/jira/browse/ATLAS-3081?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16826223#comment-16826223
]
Madhan Neethiraj commented on ATLAS-3081:
-----------------------------------------
[~bolke] - (repeating my earlier comment) most applications that use RDBMS as
backend store will not expose schema details to its users, and will not allow
execution of arbitrary queries from its users. There are a lot of good reasons
for taking such a hard stance; and all of them apply for Atlas as well.
Specifically I would like to call out few points:
- Atlas has strong authorization model, which enable restricting users from
accessing/updating entity data - based on
entity-type/entity-id/entity-classifications/.. Allowing direct access to
Gremlin will bye-pass such authorization controls
- Using Gremlin, it is possible update the graph status (create/update/delete
vertices/properties) - which again can violate authorization controls in place,
in addition will result in change notifications from Atlas server to be skipped
- Details of vertex and edge (labels, property-names, ..) are internal to Atlas
and can change across versions. Users should not write applications that depend
on internal implementation details
With DSL approach, Atlas has complete control - on kind of operations are
allowed, on what entities, for what users; will ensure that undesired
operations are kept out. I would strongly suggest enhancements to DSL.
Once again, I would strongly suggest to look at the analogy of applications
allowing arbitrary user-given SQL on its schema.
> Expose Gremlin Search API
> -------------------------
>
> Key: ATLAS-3081
> URL: https://issues.apache.org/jira/browse/ATLAS-3081
> Project: Atlas
> Issue Type: New Feature
> Reporter: Ayush Nigam
> Assignee: Ayush Nigam
> Priority: Minor
> Attachments: ATLAS_3081.patch
>
>
> Expose Gremlin Search API to solve more complex usecases.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
