[jira] [Commented] (ATLAS-487) Externalize tag in search method

Tue, 16 Feb 2016 09:19:10 -0800 

    [ 
https://issues.apache.org/jira/browse/ATLAS-487?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15148936#comment-15148936
 ] 

Hemanth Yamijala commented on ATLAS-487:
----------------------------------------

[~smadugun], Based on some initial conversation with you, I thought this was 
your use case. Could be completely wrong, so can you please confirm:

Say I have 2 entities, A and B. For your purposes, you want A and B to be owned 
by different 'tenants', say organizations. One way to solve this could be 
through an object level authorization capability. However, in the absence of 
such capability, I guess you are creating tags - for e.g. Org1 and Org2. And 
associating A and B with the orgs who can access them. Now when a client API 
wants to access A, say using a DSL query like {{<Type> where name='A'}}, you 
are probably rewriting it to inject the org the client belongs to as the tag 
associated with the object. And thus only those clients who belong to the right 
org would be able to access the object. 

Your ask is for the search API to take in the tag as a query parameter that 
holds special meaning (i.e. it should do this authorization based on the 
parameter).

Is this right?





> Externalize tag in search method
> --------------------------------
>
>                 Key: ATLAS-487
>                 URL: https://issues.apache.org/jira/browse/ATLAS-487
>             Project: Atlas
>          Issue Type: Improvement
>            Reporter: Prasad  S Madugundu
>            Priority: Critical
>
> Tagging metadata (or adding traits to metadata) can be used for 
> classification of metadata and metadata partitioning for multi-tenancy 
> purpose or partition based on the organization hierarchy. In these use cases, 
> it would be ideal if I can pass the trait as a separate parameter to the 
> search method, instead of including the tag as a predicate in the query 
> string. 
> If I have a complex query that retrieves metadata from multiple types, then 
> the query becomes more complex if I need to add predicates for the tags for 
> all the types that are used in the query.
> Externalizing the tag from the search query would also lead to better 
> structure for the client code, because I can add the classification or 
> partition to the query without modifying the query.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to