[ https://issues.apache.org/jira/browse/CALCITE-2194?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16392630#comment-16392630 ]
Piotr Bojko edited comment on CALCITE-2194 at 3/9/18 1:56 PM: -------------------------------------------------------------- Ok, take your time. For me the most important is whether SqlAccessEnum can be extended or not. With INDIRECT_SELECT following schema: {code} { "name": "HIDDEN_SCHEMA", "type": "custom", "factory": "some-factory", "operand": {}, "access" : { "factory" : "some-new-factory-for-user-based-access-logic", "operand" : { "user01" : "SELECT", "user02" : "INDIRECT_SELECT" "user03" : "SELECT, INDIRECT_SELECT" } } } {code} * for user01 is forbidden to use it indirect through views from other schemas * for user02 is hidden and it can access it only though views * for user03 is open for all selects and views By the time some patches to pull are delivered: ||Issue||Status|| |Reformattng, house style|todo| |Periods|todo| |Checkstyle on RexImpTable|done| |SqlAccessEnum.INDIRECT_SELECT|explained, to be accepted or not| |Immutability on RelOptTalbleImpl|It is still immutable, changes only in MySchemaPlus which is not immutable, changes are unsupported like for example RelOptTalbleImpl.MySchemaPlus.add methods| |CalcitePrincipalFairy name and threadlocal implementation|todo| |System.getProperty("user.name")|Number of usage not increased, used only for backward compatibility| |boolean indirect not explained|todo| |messy .gitignore|done| was (Author: ptrbojko): Ok, take your time. For me the most important is whether SqlAccessEnum can be extended or not. With INDIRECT_SELECT following schema: {code:json} { "name": "HIDDEN_SCHEMA", "type": "custom", "factory": "some-factory", "operand": {}, "access" : { "factory" : "some-new-factory-for-user-based-access-logic", "operand" : { "user01" : "SELECT", "user02" : "INDIRECT_SELECT" "user03" : "SELECT, INDIRECT_SELECT" } } } {code} * for user01 is forbidden to use it indirect through views from other schemas * for user02 is hidden and it can access it only though views * for user03 is open for all selects and views > Ability to hide a schema > ------------------------ > > Key: CALCITE-2194 > URL: https://issues.apache.org/jira/browse/CALCITE-2194 > Project: Calcite > Issue Type: New Feature > Components: core > Affects Versions: 1.16.0 > Reporter: Piotr Bojko > Assignee: Piotr Bojko > Priority: Minor > > See: > [https://mail-archives.apache.org/mod_mbox/calcite-dev/201711.mbox/ajax/%3C6F6E52D4-6860-4384-A1CB-A2301D05394D%40apache.org%3E] > I've looked into the core and the notion of an user could be hard to achieved > now. > Though, I am able to implement the "hidden schema" feature through following > changes: > # JsonSchema - add a holder for the feature, boolean flag or flags field > with enum (CACHED which now exists as a separate flag - some deprecation > could be needed, HIDDEN) > # CalciteSchema - pass through of a flag > # RelOptSchema - pass through of a flag > # CalciteCatalogReader - pass through of a flag > # Other derivatives of RelOptSchema - mocked value, false > # RelOptTable and impl - pass through of a flag > # SqlValidatorImpl - validation whether object from hidden schema is used > (in the same places like validateAccess) > # ViewTableMacro.apply -> Schemas.analyzeView -> > CalcitePrepareImpl.analyzeView -> CalcitePrepareImpl.parse_ -> > CalcitePrepareImpl.CalcitePrepareImpl - this path of execution should build > SqlValidatorImpl which has the check from point 7 disabled- > Such feature could be useful for end users. > If the solution is ok - I can contribute it. -- This message was sent by Atlassian JIRA (v7.6.3#76005)