Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update RFC 1011. #61

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

Update RFC 1011. #61

wants to merge 2 commits into from

Conversation

vpetrovykh
Copy link
Member

Add the concept of access group in addition to access policy as a
way to address code duplication and boilerplate.

Add the concept of `access group` in addition to `access policy` as a
way to address code duplication and boilerplate.
@vpetrovykh
Copy link
Member Author

Adding access group attempts to provide the grouping functionality that we seem to want for access policies without affecting the existing DDL too much. Additionally this mechanism is more general than allowing anonymous sub-policies under a single access policy, because it also allows grouping together of policies affecting the same type of access.

@1st1
Copy link
Member

1st1 commented Jul 21, 2022

Looks good to me after a quick glance. But since this is a new capability that we would be shipping in a future release I think it makes sense to describe it in a separate RFC. This was we can mark this as final and the reader will have a clear understanding of what's shipped in 2.0 and what will be implemented later.

@vpetrovykh
Copy link
Member Author

OK, I'll split it into its own RFC. The general idea here is to keep our current access policy approach and propose a way to build on top of it so that we don't have to do last minute changes to 2.0 release.

Once I submit a new RFC I'll cancel this PR, but for now we can gather comments here if there are more.

For individual access policies the distinction between `when` and
`using` seems arbitrary. There is another RFC that addresses the usage
of `when` as part of grouping access policies.
@vpetrovykh
Copy link
Member Author

I've pushed #63 to address adding the grouping mechanism. However, I've updated the current PR to have one modification: remove when clause. If we kill it, the sooner we do that the better.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants