In our current security model, a user with DATA:MANAGE can create regions, disk stores, WAN gateways, etc. This scope is very wide: an administrator may want to give a developer the privilege to create regions without necessarily giving them the ability to create disk stores or send the data in that region over WAN. I propose that we refine the security model to make it finer grained.

I propose that only Region should belong to the DATA resource; everything else (i.e. Disk, WANGATEWAYS, functions, JAR, AsyncQueue, Queries etc.) should be treated as CLUSTER resources in the security framework. As with any other resource, admins will be able to grant READ, WRITE and MANAGE permissions on these resources. In Shiro terms, this will take the form: CLUSTER:READ/WRITE/MANAGE:DISK,WAN,ASYNCQUEUE.

Brief description of the resources:

DISK: ability to manage disk stores and create regions that will write to disk stores

GATEWAY: ability to manage gateway senders and receivers and create regions that use gateways

JAR: ability to deploy server side code

QUERY: ability to manage indices (both OQL and Lucene) and manage continuous queries
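
To see how target-scoped strings such as CLUSTER:MANAGE:DISK narrow access, here is an added example (not code from this proposal or from the project) that reimplements Shiro-style wildcard permission matching in Python and audits some grants. The role names and grant sets are constructed for illustration, and the target names DISK, GATEWAY and JAR are taken from the descriptions above.

```python
# Added example: Shiro-style wildcard permission matching, reimplemented in
# Python. Role names and grants below are constructed, not from the proposal.

def parse(perm):
    """Split 'RESOURCE:OPERATION:TARGET' into a list of sets of subparts."""
    parts = [set(s.strip().lower() for s in p.split(",")) for p in perm.split(":")]
    if any("" in p for p in parts):
        raise ValueError(f"empty part in permission string: {perm!r}")
    return parts

def implies(granted, requested):
    """True if the granted permission string covers the requested one."""
    g, r = parse(granted), parse(requested)
    for i, req_part in enumerate(r):
        if i >= len(g):
            return True  # a shorter grant covers every target beneath it
        if "*" not in g[i] and not req_part <= g[i]:
            return False
    # The grant is more specific than the request: the extra parts must be wildcards.
    return all("*" in part for part in g[len(r):])

def is_permitted(grants, requested):
    return any(implies(g, requested) for g in grants)

# Constructed role assignments (hypothetical role names).
ROLES = {
    "developer": ["DATA:MANAGE"],
    "storage_admin": ["DATA:MANAGE", "CLUSTER:MANAGE:DISK"],
    "wan_operator": ["CLUSTER:READ,MANAGE:GATEWAY"],
    "legacy_admin": ["CLUSTER:MANAGE"],  # no target: covers every CLUSTER target
}

def audit(requested):
    """Return the sorted role names whose grants cover the requested permission."""
    return sorted(role for role, grants in ROLES.items()
                  if is_permitted(grants, requested))

if __name__ == "__main__":
    for req in ("DATA:MANAGE", "CLUSTER:MANAGE:DISK",
                "CLUSTER:MANAGE:GATEWAY", "CLUSTER:MANAGE:JAR"):
        print(f"{req:24} -> {audit(req)}")
```

Under these matching rules a grant without a target, such as CLUSTER:MANAGE, still covers every target, so existing broad grants need review when the finer-grained strings are introduced; MANAGE also does not imply WRITE or READ unless they are granted as well.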

Here is a revised list of permission strings. The ones that will change are highlighted below:

...