Closed shraddhagrawal closed 3 days ago
&& path.startsWith('foo.')
is maybe the issue?
@snazy May be as !path.startsWith('foo.') is working as expected and same example is mentioned in https://projectnessie.org/nessie-latest/authorization/#example-authorization-rules for path.startsWith
What happened
I am using Nessie with iceberg REST and I have three authorisation rule as follows -
If I am trying to query
select * from nessie.foo.foo
nessie is catalog name I am getting following error - _Server error: AccessCheckException: 'VIEWREFERENCE' is not allowed for role 'service-account-client3' on reference 'main'If I change third rule to -
nessie.server.authorization.rules.allow_reading_entity_value=op in ['VIEW_REFERENCE', 'READ_ENTITY_VALUE'] && role=='service-account-client3' && path.startsWith('foo.') && ref=='main'
still I am getting same error #https://projectnessie.org/nessie-latest/authorization/#example-authorization-rules
How to reproduce it
Nessie server type (docker/uber-jar/built from source) and version
docker
Client type (Ex: UI/Spark/pynessie ...) and version
Spark
Additional information
No response