Closed yiluoya closed 2 years ago
wuqiao
commented
2 years ago Feature request
我们正打算使用starrocks,但是我们场景中会用到行过滤和字段加密, 自己也在研究这一块的东西。 如果完全自己做,可能不方便升级,所以希望社区能给个规范和接口,后面代码完成后想将代码提交给社区。
主要涉及的点 1、语法和词法类cup, 基于grant 做 需要修改 定义规则, 另起一套也行, 也可以基于ranger。 2、分析器, 需要对 queryStmt 等 进行修改。
希望社区开发,或者制定一个规则。
谢谢
you can join StarRocks Community Slack Chanel ,Let's discuss it in detail:https://join.slack.com/t/starrocks/shared_invite/zt-z5zxqr0k-U5lrTVlgypRIV8RbnCIAzg
yiluoya
commented
2 years ago Feature request
我们正打算使用starrocks,但是我们场景中会用到行过滤和字段加密, 自己也在研究这一块的东西。 如果完全自己做,可能不方便升级,所以希望社区能给个规范和接口,后面代码完成后想将代码提交给社区。 主要涉及的点 1、语法和词法类cup, 基于grant 做 需要修改 定义规则, 另起一套也行, 也可以基于ranger。 2、分析器, 需要对 queryStmt 等 进行修改。 希望社区开发,或者制定一个规则。 谢谢
you can join StarRocks Community Slack Chanel ,Let's discuss it in detail:https://join.slack.com/t/starrocks/shared_invite/zt-z5zxqr0k-U5lrTVlgypRIV8RbnCIAzg
thank you
yiluoya
commented
2 years ago 我已经基本完成了这个特性,问一下怎么发起一次讨论
github-actions[bot]
commented
2 years ago We have marked this issue as stale because it has been inactive for 18 months. If this issue is still relevant, removing the stale label or adding a comment will keep it active. Otherwise, we'll close it in 10 days to keep the issue queue tidy. Thank you for your contribution to StarRocks!
Feature request
column masking example:
customer table as follow ,the telephone num is sensitive ,don't want be select by user A。 but user B can view all data。
solution : add function at table customer column telephone for user A。 then user A do : select * from customer :
at user B's view: select * from customer :
row filter
example :table order
hope user A only can view data ‘省份’ is ‘湖南’。
solution :
add express at table order for user A then when user A do : select * from order
next is i implement example:
column mask:
GRANT MASK_POLICY ON ods.test_chen TO 'root' COLUMN b WITH abs(b);show grants
SHOW GRANTS for 'root'policy revoke
propose: is it a good way use mask_priv/filter_priv to grant ?
for huawei gsDB
for hive /presto user range