[jira] [Commented] (CASSANDRA-18070) Add a new SELECT_MASKED permission

[Jira]

    [ 
https://issues.apache.org/jira/browse/CASSANDRA-18070?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17688508#comment-17688508
 ] 

Andres de la Peña commented on CASSANDRA-18070:
-----------------------------------------------

{{SELECT_MASKED}} points to the existing {{SELECT}} permission, for which it is 
a subcase. I mean, you need to have {{SELECT}} permission before 
{{SELECT_MASKED}} makes sense. {{RESTRICT_MASKED}} doesn't seem to point so 
clearly to {{SELECT}} queries, and one might think that it prevents 
unprivileged user from creating masks, or something like that. I guess that 
it's the "restrict" word what makes it confusing in the context of permissions, 
which are restrictions themselves. Maybe we can avoid that by naming it 
{{FILTER_MASKED}}. But that would mean deviating from the name that was agreed 
on the CEP, which is not ideal, and losing the association with the {{SELECT}} 
permission. 

> Add a new SELECT_MASKED permission
> ----------------------------------
>
>                 Key: CASSANDRA-18070
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-18070
>             Project: Cassandra
>          Issue Type: New Feature
>          Components: Feature/Dynamic Data Masking
>            Reporter: Andres de la Peña
>            Assignee: Andres de la Peña
>            Priority: Normal
>          Time Spent: 0.5h
>  Remaining Estimate: 0h
>
> Add a table-level SELECT_MASKED permission allowing certain users to query 
> but not see the unmasked columns introduced by CASSANDRA-18068, assuming that 
> they also have the SELECT permission on the table, as defined by 
> [CEP-20|https://cwiki.apache.org/confluence/display/CASSANDRA/CEP-20%3A+Dynamic+Data+Masking].
>  
> It would look like:
> {code}
> > CREATE USER unprivileged_user WITH PASSWORD 'xyz';
> > CREATE USER privileged_user WITH PASSWORD 'zyx';
>  
> > GRANT SELECT ON ALL TABLE patients TO unprivileged_user;
> > GRANT SELECT ON ALL TABLE patients TO privileged_user;
> > GRANT SELECT_MASKED ON ALL TABLE patients TO privileged_user;
>  
> > LOGIN unprivileged_user
> > SELECT name, birth FROM patients WHERE name='alice' ALLOW FILTERING;
>  
> Unauthorized: Error from server: code=2100 [Unauthorized] message="User has 
> no UNMASK nor SELECT_UNMASK permission on <table k.patients>"
>              
> > LOGIN privileged_user
> > SELECT name, birth FROM patients WHERE name='alice' ALLOW FILTERING;
>  
>  name    | birth
> ---------+------------
>  alXXXXe | 1900-01-01
> {code}



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org
For additional commands, e-mail: commits-h...@cassandra.apache.org