Description
Predefined roles
According to Don's document he want to have two different predefined
roles. I do however think that we need to do something more (given the
other projects we're doing for Spock.. like mobile convergence where
we're adding extended attributes). We might have to fine-tune these
privileges once we get more feedback from other teams.)
BucketReader
My current view is that this "role" (I would have called it profile) would
contain:
Read, SimpleStats, MetaRead, XAttrRead
That would give you:
The `Read` privilege allows for reading documents in the selected bucket.
The `SimpleStats` privilege allows for requesting basic statistics
information from the system (restricted to the selected bucket)
The `MetaRead` privilege allows for reading the meta information
on documents.
The `XattrRead` privilege allows the connection to read the system
attributes on the documents
BucketReadWriter
My current view is that this "role" would contain:
Read, Write, SimpleStats, MetaRead, MetaWrite, XAttrRead, XattrWrite
That would give you:
The `Read` privilege allows for reading documents in the selected bucket.
The `Write` privilege allows for creating, updating or deleting documents
in the selected bucket.
The `SimpleStats` privilege allows for requesting basic statistics
information from the system (restricted to the selected bucket)
The `MetaRead` privilege allows for reading the meta information
on documents.
The `MetaWrite` privilege allows for updating the meta information
on documents.
The `XattrRead` privilege allows the connection to read the system
attributes on the documents
The `XattrWrite` privilege allows the connection to write to the
system attributes on the documents