Now we have Project,Cube to manage,
we can grant permission or role to Project,Cube,
Admin or owner can grant permission to others.
For Project Instance,
if permission is granted to Role, user who has the role can access the project.
if permission is granted to User, user who is granted can access the project.
if Project Permission is granted,the cubes under project will inherit the permission.
like if you grant CUBE_QUERY permission on project to user,then user can query all Cube under this project.
For Cube Instance
if you grant cube permission to Role, user who has the role can access the cube(Query,Edit,Operation,Admin).
if you grant cube permission to user, user can accesss the cube.
System Admin can see all projects and cubes.
other user can see Project he has permission or parent Project of cubes he has permission.
For DataModel only who create it or System Admin can edit,clone,drop it.
only Cube Query inherit from Project works now, will enable edit,and other operation permission inherit from Project on UI.
will do more enhancement on this.
- is duplicated by
KYLIN-1201 Enhance project level ACL
KYLIN-1333 Kylin Entity Permission Control