Details
-
Task
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
None
-
None
-
None
Description
Add a cluster privilege resource provider so that privileges may be assigned to cluster instances. See BUG-18967 for view instance privileges.
TODO :
- Add resource_id column to clusters
- Add resource entity relationship to ClusterEntity
- Insert associated resource row in DB when cluster is created.
- Update existing cluster rows in DB with associated resource relationship.
- Add cluster privilege service for API framework.
- Add cluster privilege resource provider.
- Adjust unit tests.
API:
To grant privileges to access the cluster we can create a privilege sub-resource for the cluster instance. The following API will grant CLUSTER.READ permission to the user 'bob' for the cluster instance 'c1'.
POST http://<server>/api/v1/clusters/c1 [ { "PrivilegeInfo" : { "permission_name" : "CLUSTER.READ", "principal_name" : "bob", "principal_type" : "USER" } } ]
Attachments
Issue Links
- links to