Closed jjaraalm closed 4 years ago
I never heard of anyone using object-level ACLs with h5serv, so I took it out of HSDS to simplify things. Shouldn't be too hard to add object-level support if there's someone who wants it.
For our data, we wanted most of the domain to be default read-only, but one group allowed writes. I've changed this by placing the write group into it's own domain, which actually makes more sense anyways, so it's not a major issue. It was just unexpected.
Ok, I'll close this issue for now. We can re-open as a feature request if there's a need.
As far as I can tell, ACLs are only settable at the domain and not object level. This seems like a regression compared to h5serv where I believe they were settable at the object level. This is also not very obvious based on the
h5pyd
API were ACLs are settable/gettable on objects.Are there any architectural reasons we can't have object-level ACLs?