Skip to content

Update RFC 1011. #61

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
vpetrovykh wants to merge 2 commits into
base: master
Choose a base branch
from
Open

Update RFC 1011. #61

vpetrovykh wants to merge 2 commits into from

Conversation

@vpetrovykh
Copy link
Contributor

@vpetrovykh vpetrovykh commented Jul 21, 2022

Add the concept of access group in addition to access policy as a
way to address code duplication and boilerplate.

@vpetrovykh vpetrovykh requested review from 1st1, elprans and msullivan July 21, 2022 00:04
@vpetrovykh
Update RFC 1011.
f6dc536 
Add the concept of `access group` in addition to `access policy` as a
way to address code duplication and boilerplate.
@vpetrovykh
Copy link
Contributor Author

vpetrovykh commented Jul 21, 2022

Adding access group attempts to provide the grouping functionality that we seem to want for access policies without affecting the existing DDL too much. Additionally this mechanism is more general than allowing anonymous sub-policies under a single access policy, because it also allows grouping together of policies affecting the same type of access.

@1st1
Copy link
Member

1st1 commented Jul 21, 2022

Looks good to me after a quick glance. But since this is a new capability that we would be shipping in a future release I think it makes sense to describe it in a separate RFC. This was we can mark this as final and the reader will have a clear understanding of what's shipped in 2.0 and what will be implemented later.

@vpetrovykh
Copy link
Contributor Author

vpetrovykh commented Jul 21, 2022

OK, I'll split it into its own RFC. The general idea here is to keep our current access policy approach and propose a way to build on top of it so that we don't have to do last minute changes to 2.0 release.

Once I submit a new RFC I'll cancel this PR, but for now we can gather comments here if there are more.

@vpetrovykh
Update RFC 1011 to remove when.
7fcbb56 
For individual access policies the distinction between `when` and
`using` seems arbitrary. There is another RFC that addresses the usage
of `when` as part of grouping access policies.
@vpetrovykh
Copy link
Contributor Author

vpetrovykh commented Jul 22, 2022

I've pushed #63 to address adding the grouping mechanism. However, I've updated the current PR to have one modification: remove when clause. If we kill it, the sooner we do that the better.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@1st1 1st1 Awaiting requested review from 1st1

@msullivan msullivan Awaiting requested review from msullivan

@elprans elprans Awaiting requested review from elprans

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@vpetrovykh @1st1