Closed yiluoya closed 2 years ago
Feature request
我们正打算使用starrocks,但是我们场景中会用到行过滤和字段加密, 自己也在研究这一块的东西。 如果完全自己做,可能不方便升级,所以希望社区能给个规范和接口,后面代码完成后想将代码提交给社区。
主要涉及的点 1、语法和词法类cup, 基于grant 做 需要修改 定义规则, 另起一套也行, 也可以基于ranger。 2、分析器, 需要对 queryStmt 等 进行修改。
希望社区开发,或者制定一个规则。
谢谢
you can join StarRocks Community Slack Chanel ,Let's discuss it in detail:https://join.slack.com/t/starrocks/shared_invite/zt-z5zxqr0k-U5lrTVlgypRIV8RbnCIAzg
Feature request
我们正打算使用starrocks,但是我们场景中会用到行过滤和字段加密, 自己也在研究这一块的东西。 如果完全自己做,可能不方便升级,所以希望社区能给个规范和接口,后面代码完成后想将代码提交给社区。 主要涉及的点 1、语法和词法类cup, 基于grant 做 需要修改 定义规则, 另起一套也行, 也可以基于ranger。 2、分析器, 需要对 queryStmt 等 进行修改。 希望社区开发,或者制定一个规则。 谢谢
you can join StarRocks Community Slack Chanel ,Let's discuss it in detail:https://join.slack.com/t/starrocks/shared_invite/zt-z5zxqr0k-U5lrTVlgypRIV8RbnCIAzg
thank you
我已经基本完成了这个特性,问一下怎么发起一次讨论
We have marked this issue as stale because it has been inactive for 18 months. If this issue is still relevant, removing the stale label or adding a comment will keep it active. Otherwise, we'll close it in 10 days to keep the issue queue tidy. Thank you for your contribution to StarRocks!
Feature request
column masking example:
customer table as follow ,the telephone num is sensitive ,don't want be select by user A。 but user B can view all data。
solution : add function at table customer column telephone for user A。 then user A do : select * from customer :
at user B's view: select * from customer :
row filter
example :table order
hope user A only can view data ‘省份’ is ‘湖南’。
solution :
add express at table order for user A then when user A do : select * from order
next is i implement example:
column mask:
GRANT MASK_POLICY ON ods.test_chen TO 'root' COLUMN b WITH abs(b);
show grants
SHOW GRANTS for 'root'
policy revoke
propose: is it a good way use mask_priv/filter_priv to grant ?
for huawei gsDB
for hive /presto user range