Skip to first unread message
lu...@emaxsrl.com
Apr 23, 2014, 9:02:07 AM4/23/14
to orient-...@googlegroups.com
Hello,
how can I grant CREATE/READ/UPDATE permission to a single cluster?
By now I have this ORole rules:
{
"database": 2,
"database.schema": 2,
"database.cluster.internal": 2,
"database.cluster.orole": 2,
"database.cluster.ouser": 2,
"database.class.*": 0,
"database.class.orole": 2,
"database.class.ouser": 2,
"database.cluster.access_log_0": 7,
"database.command": 2,
"database.hook.record": 2
}
While this is the error message when I try to insert into "access_log_0":
message: 'User \'user\' has no the permission to execute the operation \'Create\' against the resource: database.cluster.*'
Any suggestions?
Thank you in advance
Luca
Luca Garulli
Apr 23, 2014, 9:52:58 AM4/23/14
to orient-database
Hi,
Look at the documentation: https://github.com/orientechnologies/orientdb/wiki/Security#grant-and-revoke-permissions
Lvc@
--
---
You received this message because you are subscribed to the Google Groups "OrientDB" group.
To unsubscribe from this group and stop receiving emails from it, send an email to orient-databa...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
lu...@emaxsrl.com
Apr 24, 2014, 8:54:01 AM4/24/14
to orient-...@googlegroups.com
Hi,
if I use : GRANT ALL ON database.cluster.ACCESS_LOG_0 TO utenti;
if I use : GRANT ALL ON database.cluster.ACCESS_LOG_0 TO utenti;
this the result:
{
"database": 2,
"database.schema": 2,
"database.cluster.internal": 2,
"database.cluster.orole": 2,
"database.cluster.ouser": 2,
"database.class.*": 0,
"database.class.orole": 2,
"database.class.ouser": 2,
"database.cluster.*": 2,
"database.cluster.access_log_0": 15,
"database.command": 2,
"database.hook.record": 2
}
But in this way role utenti will access all clusters, what I would like to do is to revoke all permission and grant access only to single cluster, is this possible?
Thanks
Luca
Reply all
Reply to author
Forward
0 new messages