Hi, root.sg.** should be a legal path. If a user has read permission under root.sg.**, he could query all paths like root.sg.x.x (a sub pattern of root.sg.**).
Thanks,
-----------------------------------
Jialin Qiao
Apache IoTDB PMC

Xiangdong Huang <[email protected]> wrote on Sunday, May 8, 2022 at 19:48:
> Hi,
>
> Just want to make a confirmation: so we cannot grant privileges to 'root.sg.**'.
> It is illegal, right?
> -----------------------------------
> Xiangdong Huang
> School of Software, Tsinghua University
>
> 黄向东
> Tsinghua University, School of Software
>
>
> 周钰坤 <[email protected]> wrote on Friday, May 6, 2022 at 19:14:
> >
> > Hi
> >
> > Currently, the rule of iotdb's auth check is prefix match, which is inconsistent with pattern match in DDL and DML. Therefore, we want to refactor the rule to pattern match.
> > For example, an old SQL, 'GRANT USER ln_write_user PRIVILEGES INSERT_TIMESERIES on root.ln', won't work any more. The replacement is 'GRANT USER ln_write_user PRIVILEGES INSERT_TIMESERIES on root.ln.**'.
> >
> > Besides, we introduce the concept, sub pattern, which means a pattern's result set contains all the elements of its sub pattern's result set. For example, 'root.sg.d.*' is a sub pattern of 'root.sg.*.*', while 'root.sg.**' is not a sub pattern of 'root.sg.*.*'.
> > When a user is granted privilege on a pattern, the pattern used in his DDL or DML must be a sub pattern of the privilege pattern, which guarantees that the user won't access timeseries exceeding his privilege scope.
> >
> > To guarantee the efficiency and performance of auth check, we will implement the auth check after the generation of statement and before the execution of statement.
> >
> > Hope for some suggestions.
> >
> >
> > Best
> > ----------------------------------------------------
> > Yukun Zhou
> > School of Software, Tsinghua University
> >
> > 周钰坤
> > Tsinghua University, School of Software
> >
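As an added example (not from this thread or the IoTDB code base), here is a Python check for the sub-pattern relation discussed above, assuming `*` matches exactly one path level, `**` matches one or more levels, and level names contain no dots. It decides containment as language inclusion over the two patterns' automata, so it also covers cases the thread does not spell out, such as patterns that mix `*` and `**`.

```python
# Sub-pattern check for IoTDB-style path patterns (added example, not
# project code). Assumes `*` = exactly one level, `**` = one or more levels.

def _step(tokens, states, level):
    """Advance a set of automaton states on one path level.

    State i means "before token i". A `**` token at i-1 may keep absorbing
    levels, which is the self-loop on state i.
    """
    nxt = set()
    for i in states:
        if i < len(tokens) and tokens[i] in ("*", "**", level):
            nxt.add(i + 1)
        if i > 0 and tokens[i - 1] == "**":
            nxt.add(i)
    return frozenset(nxt)


def is_sub_pattern(sub, pattern):
    """True iff every path matched by `sub` is also matched by `pattern`.

    Explores the product of both automata over a finite alphabet: the
    literal level names of either pattern plus one fresh name standing for
    "any other level". A state where `sub` accepts but `pattern` does not
    is a witness path that would exceed the privilege scope.
    """
    s, p = sub.split("."), pattern.split(".")
    alphabet = {t for t in s + p if t not in ("*", "**")} | {"<fresh>"}
    start = (frozenset({0}), frozenset({0}))
    seen, todo = {start}, [start]
    while todo:
        ss, ps = todo.pop()
        if len(s) in ss and len(p) not in ps:
            return False
        for level in alphabet:
            nxt = (_step(s, ss, level), _step(p, ps, level))
            # an empty `sub` state set can never accept again: prune it
            if nxt[0] and nxt not in seen:
                seen.add(nxt)
                todo.append(nxt)
    return True


def auth_check(privilege_pattern, statement_pattern):
    """The check described in the thread: the statement's pattern must be a
    sub pattern of the granted privilege pattern."""
    return is_sub_pattern(statement_pattern, privilege_pattern)
```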
