Allow schema owner to create, drop and rename schema #1139
Conversation
...o-plugin-toolkit/src/main/java/io/prestosql/plugin/base/security/FileBasedAccessControl.java
Show resolved
Hide resolved
| @@ -78,19 +78,25 @@ public FileBasedAccessControl(FileBasedAccessControlConfig config) | |||
| @Override | |||
| public void checkCanCreateSchema(ConnectorTransactionHandle transactionHandle, ConnectorIdentity identity, String schemaName) | |||
| { | |||
| denyCreateSchema(schemaName); | |||
| if (!isSchemaOwner(identity, schemaName)) { | |||
There was a problem hiding this comment.
There was a problem hiding this comment.
This seems reasonable to me. I had originally suggested a separate permission for schema creation, but it doesn't make sense to allow creating a schema for which you would have no ownership.
There was a problem hiding this comment.
I think the same logic should apply to table and view creation: rather than checking schema ownership, check whether the user owns the table.
There was a problem hiding this comment.
That seems reasonable also. I'd prefer for it to be consistent.
There was a problem hiding this comment.
Isn’t this a chicken-and-egg issue? A user can’t be owner of a schema that does not yet exist... what am I missing?
There was a problem hiding this comment.
@martint the permissions file allows you to have permissions for anything regardless of its existence or not. Since file based security system is totally generic, there isn't a good way to restrict that even if you wanted to, and instead we rely on the knowledge that the engine only checks for stuff that exists.
There was a problem hiding this comment.
I think the same logic should apply to table and view creation: rather than checking schema ownership, check whether the user owns the table.
@electrum this sounds reasonable. I am concerned this may reduce protection in some cases though. Let's do it separately.
findepi
force-pushed
the
create-drop-schema
branch
from
1169ae7
to
997209b
Compare
No description provided.