[
https://issues.apache.org/jira/browse/CALCITE-5681?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17749952#comment-17749952
]
Julian Hyde commented on CALCITE-5681:
--------------------------------------
I took a very quick look. This looks very well structured (with nice
abstractions Principal, Grant and Revoke commands, and I like how you have made
the parser extensible). This is definitely worth reviewing and getting to
completion.

Terminology. You have made {{Grant}} and {{Revoke}} sub-classes of
{{Privilege}}. I would rename {{Privilege}} to {{AuthCommand}} (or something),
because in English a privilege is a ‘thing you can do’ and grant and revoke are
‘requests to change the things you can do’.

{{CalcitePrincipal}} is used in too many places. We should just use its base
class, {{java.security.Principal}}. E.g.
{{CalciteSchema.getAccessType(CalcitePrincipal)}} should be
{{getAccessType(Principal)}}. We want to make it easy for people to plug in
their own access scheme. {{CalcitePrincipal}} can be used for tests and simple
demos.

Should {{CatalogReader.getAllowedAccess()}} be changed to
{{CatalogReader.getAllowedAccess(Principal)}}? I can see arguments both ways.
One would require {{CatalogReader}} to be a filtered view for the current
statement’s principal(s); the other would make {{CatalogReader}} a global view,
and require the caller to pass in the principal at each step.

> Support authorization via GRANT and REVOKE DDL commands
> -------------------------------------------------------
>
> Key: CALCITE-5681
> URL: https://issues.apache.org/jira/browse/CALCITE-5681
> Project: Calcite
> Issue Type: Bug
> Reporter: Julian Hyde
> Assignee: hongyu guo
> Priority: Major
> Labels: pull-request-available
>
> Support authorization via GRANT and REVOKE DDL commands.
> While CALCITE-2194 describes how authorization could be built into the schema
> (e.g. user1 can see tables table1 and table2), it requires people to create
> their own Schema objects. This feature would add GRANT and REVOKE commands to
> the DDL parser in the "server" component.
> The syntax is TBD but would look something like this:
> {code:java}
> GRANT SELECT ON TABLE table1, table2 TO user1;
> REVOKE ALL ON table1 FROM user1; {code}
>