| # Licensed to the Apache Software Foundation (ASF) under one |
| # or more contributor license agreements. See the NOTICE file |
| # distributed with this work for additional information |
| # regarding copyright ownership. The ASF licenses this file |
| # to you under the Apache License, Version 2.0 (the |
| # "License"); you may not use this file except in compliance |
| # with the License. You may obtain a copy of the License at |
| # |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| # |
| # Unless required by applicable law or agreed to in writing, |
| # software distributed under the License is distributed on an |
| # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| # KIND, either express or implied. See the License for the |
| # specific language governing permissions and limitations |
| # under the License. |
| |
| [groups] |
| # The "manager" user has select on customers->purchases and admin on |
| # analyst/junior_analysts sandbox, and has functions admin access on all servers |
| manager = customer_read, analyst_sandbox, junior_analyst_sandbox, server1_lib_uri, customer_write |
| |
| # The "analyst" user has select on customers->purchases, admin on analyst_sandbox, |
| # select on junior_analyst_sandbox and has admin on functions on server1. |
| analyst = customer_read, analyst_sandbox, junior_analyst_sandbox_read, server1_lib_uri |
| |
| # The "junior_analyst" has admin in junior_analyst_sandbox. The manager must |
| # insert data into the sandbox for the jr analyst to work with. |
| junior_analyst = junior_analyst_sandbox |
| |
| # Admin has admin access |
| admin = admin |
| |
| [roles] |
| # Select on server1->customers->purchases |
| customer_read = server=server1->db=customers->table=purchases->action=select |
| |
| # Insert on server1->customers->purchases |
| customer_write = server=server1->db=customers->table=purchases->action=insert |
| |
| # Anything from any server on analyst sandbox |
| analyst_sandbox = server=server1->db=analyst |
| |
| # Anything from any server jr analyst sandbox |
| junior_analyst_sandbox = server=server1->db=junior_analyst |
| |
| # Read-only on jr analyst sandbox |
| junior_analyst_sandbox_read = server=server1->db=junior_analyst->table=*->action=select |
| |
| server1_lib_uri = server=server1->uri=file:///path/to/some/lib/dir |
| |
| # Admin role, unrestricted |
| admin = server=server1 |
| |
| [users] |
| admin1=admin |
| manager1=manager |
| analyst1=analyst |
| junior_analyst1=junior_analyst |
| foo=admin |