Page Comparison

...

Operation	Privileges Required (Existing)	Privileges Required (Proposed)	Integration test name(Class name + test name)
Create	ADMIN (on the CDAP instance)	ADMIN	BasicAuthorizationTestBase.testBasicGrantOperations
Update	ADMIN (on the namespace)
Delete	ADMIN (on the namespace)	ADMIN on the namespace, and all entities in the namespace
View/List	Any of READ, WRITE, EXECUTE, or ADMIN	Any privilege on the namespace or any of its descendants.
Get Namespace Meta		*Any privilege on the namespace or any of its descendants.*

...

Datasets

Operation	Privileges Required (Existing)	Privileges Required (Proposed)	Integration Test Name
Create	WRITE (on the namespace)	ADMIN	BasicAuthorizationTestBase.testDatasetPrivileges
Read	(READ (on the dataset) and READ (namespace)) \| READ (on the namespace)	READ
Retrieving properties	Not Documented	Any of READ, WRITE, ADMIN, or EXECUTE
Write	WRITE (on the dataset) \| WRITE (on the namespace)	WRITE
Update	(ADMIN (on the dataset) and READ (on the namespace)) \| (ADMIN (on the namespace) and READ (on the namespace))	*ADMIN*	BasicAuthorizationTestBase.testDatasetPrivileges
Upgrade	ADMIN (on the dataset) \| ADMIN (on the namespace)	*ADMIN*
Truncate	ADMIN (on the dataset) \| ADMIN (on the namespace)	*ADMIN*	BasicAuthorizationTestBase.testDatasetPrivileges
Drop	ADMIN (on the dataset) \| ADMIN (on the namespace)	*ADMIN*	BasicAuthorizationTestBase.testDatasetPrivileges
View/List	Any of READ, WRITE, EXECUTE, or ADMIN		BasicAuthorizationTestBase.testDatasetPrivileges
Get dataset meta		ADMIN \| READ \| WRITE	BasicAuthorizationTestBase.testDatasetPrivileges

Dataset Modules

Operation	Privileges Required (Existing)	Privileges Required (Proposed)
Deploy	WRITE (on the namespace)	ADMIN
Delete	ADMIN (on the dataset module) \| ADMIN (on the namespace)	ADMIN
Delete-all in the namespace	ADMIN (on the namespace)	ADMIN on all dataset modules in the namespace
View/List	Any of READ, WRITE, EXECUTE, or ADMIN
Get module meta		ADMIN \| READ

...

Versions Compared