Zsombor Fedor created IMPALA-7571:
-------------------------------------
Summary: is_member() function to determine the current user is in
a group
Key: IMPALA-7571
URL: https://issues.apache.org/jira/browse/IMPALA-7571
Project: IMPALA
Issue Type: New Feature
Components: Security
Reporter: Zsombor Fedor
A function which returns if a user is member of a group.
Basically, depending on user groups membership, we could mask or hide certain
columns or rows of data, similarly how it's implemented in Dremio. Similar
concept is available in Oracle, it's called Oracle Virtual Private Database.
It can be implemented for other user-to-group mappings too.
For example Dremio, uses a cache for is_member() calls (defautls to 24h), so
this group membership check can be cached and consequentially resolved very
quickly.
For reference:
[https://docs.dremio.com/security/column-masking.html]
[https://docs.dremio.com/security/row-level-permissions.html]
[https://docs.oracle.com/cd/B28359_01/network.111/b28531/vpd.htm]
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
