[
https://issues.apache.org/jira/browse/GEODE-3576?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jason Huynh updated GEODE-3576:
-------------------------------
Description: Currently a user can do cq.execute() without data read
permissions. The check for DATA:READ:Region occurs later and means the cq is
actually installed. It might be better to do the checks for DATA:READ:Region
before even installing the cq. (was: Currently a user can do cq.execute()
without data read permissions. The check for DATA:READ occurs later and means
the cq is actually installed. It might be better to do the checks for
DATA:READ before even installing the cq.)
Summary: Executing cq should check for DATA:READ:Region permissions at
cq installation time rather than on cq processing (was: Executing cq should
check for DATA:READ permissions at cq installation time rather than on cq
processing)
> Executing cq should check for DATA:READ:Region permissions at cq installation
> time rather than on cq processing
> ---------------------------------------------------------------------------------------------------------------
>
> Key: GEODE-3576
> URL: https://issues.apache.org/jira/browse/GEODE-3576
> Project: Geode
> Issue Type: Bug
> Components: cq, security
> Reporter: Jason Huynh
> Assignee: Jason Huynh
>
> Currently a user can do cq.execute() without data read permissions. The
> check for DATA:READ:Region occurs later and means the cq is actually
> installed. It might be better to do the checks for DATA:READ:Region before
> even installing the cq.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
