Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Only root user can grant & revoke privileges.


3、List grants for a user/role


Code Block
languagecpp
func UserGrantListPrincipalGrantList(principalName string, principalType string, resourceType string, resourceName string) []UserGrantPrincipalGrant


Output structure:

PrincipalNameUsernamePrincipalTypePrivilegeResourceTypeResourceName
AliceUSERINSERTCollectiontbl_1

Users can only query the grants for himself. And only root user can query grants for a role.

...

  1. There will be initialization program for presetting users, resource types, privileges. Before the Milvus go to service, they are inserted into the meta table.
  2. The root user is the only user that has privileges to create/drop/grant/revoke users and privileges.
  3. In MEP-27, basic auth is taking effect if there are any existing users. Since root user is created by default once Milvus service starts, it will introduce a toggle to indicate whether the authentication is turned on.
  4. Using Casbin for role-based privileges check.

...