hdygxsj opened a new issue, #6829:
URL: https://github.com/apache/gravitino/issues/6829
### Describe the subtask
In authorization annotations, the use of such annotations can express
complex composite authorization rules. The authorization expression can be
converted into an OGNL expression to call the authorization method, thereby
fulfilling the requirements of complex authorization rules.
```java
import ognl.Ognl;
import ognl.OgnlContext;
public class AuthorizationContext {
private String userId;
private String resourceId;
public AuthorizationContext(String userId, String resourceId) {
this.userId = userId;
this.resourceId = resourceId;
}
public boolean authorize(String resourceType, String action) {
System.out.println("authorize called with: " + userId + ", " +
resourceType + ", " + resourceId + ", " + action);
// Use GravitinoAuthorizer
return true;
}
}
```
```java
import ognl.Ognl;
import ognl.OgnlContext;
public class OgnlExample {
public static void main(String[] args) throws Exception {
AuthorizationContext context = new AuthorizationContext("user123",
"resource456");
OgnlContext ognlContext = new OgnlContext();
ognlContext.put("context", context);
String authorizeExpression = "CATALOG::USE_CATALOG ||
TABLE::USE_TABLE";
// covert authorizeExpression to ognlExpression
String ognlExpression = "context.authorize('CATALOG', 'USE_CATALOG')
|| context.authorize('TABLE', 'USE_TABLE')";
Object result = Ognl.getValue(ognlExpression, ognlContext, context);
System.out.println("Authorization result: " + result);
}
}
```
### Parent issue
#6762
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
