Skip to content

feat: enable dataset level ACL based authorization - Part 3

Varunkumar Manohar requested to merge slb/vm/enforcedatasetacl into master

This merge request accomplishes the following:

  1. If the subproject access policy is set to uniform then datagroups based acl authorization remains the same
  2. Else if the subproject access policy is set to dataset then the operations at the dataset level will now use the ACL groups at the dataset level for authorization checks
  3. User addition at the dataset level
  4. Copy utility endpoint to enforce dataset level ACL based authorization
  5. Updates to the {{SVC_URL}}/utility/gcs-access-token endpoint enabling the generation of Google Cloud Storage access tokens at the object prefix level (specific folder level). Previously it was only possible to generate access tokens only at the bucket level. A bucket could contain multiple folders. Note this functionality is currently available only for Google Cloud 7 unit test fixes
Edited by Varunkumar Manohar

Merge request reports