Versions Compared

Old Version 8

changes.mady.by.user Ke Jiang

Saved on

compared with

New Version Current

changes.mady.by.user Ke Jiang

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...


By design, a role inherited from another role is not possible here.


6、Privileges 6、Privilege grants of resource COLLECTION

id

tenant

grantor_name

principal_name

principal_type

collection_priv

collection_id

is_deleted

created_time


Grantor_name is the user who grants the privileges.
Principal_name is the target which grantor grants privileges to.
The value of principal_type are USER or ROLE.
Collection_priv is the privilege to a collection, like SELECT, INSERT, UPDATE, etc.


For some collections which have alias, it will first get the real collection of the alias. Privilege verification will be based on the real collection not the alias. Collections stored in the table are also the real collection, not the alias.


The wildcard mode is supported for the collections in the table.


7、Privilege grants 7、Privileges of resource DATABASE (Not used since database is not supported in Milvus for now)

id

tenant

grantor_name

principal_name

principal_type

db_priv

db_id

is_deleted

created_time

...

KV Store Schema


1、User

/prefix/credentialscredential/users/{tenant}/{username}

{"userTypek1": "v1", "k2": "adminv2"}


2、Resource Types

/prefix/credentialscredential/resources/{resourcenameresourceType}

nil


3、Privilege

/prefix/credentialscredential/privileges/{tenant}/{resourceType}/{privilege}

nil


4、Role

/prefix/credentialscredential/roles/{tenant}/{rolename}

nil


5、Role mapping

/prefix/credentialscredential/user-role-mapping/{tenant}/{username}/{rolename}

nil


6、Grantee's Privileges6、Privilege Grants

/prefix/

credentials

credential/

grantee

privilege-

privileges

grants/{tenant}/{principalType}/{principalName}/{resourceType}/{resourceName}

[{"resource":"SELECT", "grantor":"Alice"}, {"resource":"UPDATE", "grantor":"Bob"}]


Resources & Privileges defined in Milvus

...

Index-related operations are included in ALTER privilege, like building, dropping index.


Default Roles


There are two default roles: admin, public.


Role admin have ALL the privilege. Role public only has READ and LOAD privileges.TODO


APIs


For every API, parameter tenant is mandatory for avoiding loading too much data to memory.

...

Only root user can create roles. Role name cannot be "admin" or "public".


2、Grant & revoke privileges

...

Only root user can grant & revoke privileges.


3、List grants for specific a user/role and resource


Code Block
languagecpp
func UserGrantListPrincipalGrantList(principalName string, principalType string, resourceType string, resourceName string) []UserGrantPrincipalGrant


Output structure:

PrincipalTypePrivilege
PrincipalNamePrincipalTypePrivilegeResourceTypeResourceNamePrincipalName
AliceUSERINSERTCollectiontbl_1AliceUserINSERT

Users can only query the grants for himself. And only root user can query grants for a role.

...


The root user cannot be deleted.


Other Notices


  1. Presetting There will be initialization program for presetting users, resource types, privileges are stored in local files. When milvus starts, it will load these files and insert records into database.Presetting users, resource types and privileges can be added into files and taking effect after restarting milvus service. Before the Milvus go to service, they are inserted into the meta table.
  2. The root user is the only user that has privileges to create/drop/grant/revoke users and privileges.
  3. In MEP-27, basic auth is taking effect if there are any existing users. Since root user is created by default once Milvus service starts, it will introduce a toggle to indicate whether the authentication is turned on.
  4. Using Casbin for role-based privileges check.

...