[
https://issues.apache.org/jira/browse/CALCITE-5681?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17751393#comment-17751393
]
hongyu guo commented on CALCITE-5681:
-------------------------------------
Thank you for your encouragement and guidance, which has been very helpful to
me!
For your first question, I renamed Privilege to AuthCommand.
Secondly, I have modified most of the CalcitePrincipal to Principal to enhance
the extensibility of the code, and propose a loadingCache to reduce the
repeated creation of objects.
For the last point you mentioned, considering that CatalogReader is created or
used in many places, I modifying the getAllowedAccess() method can implement
access control with fewer modifications, which is my starting point.
> Support authorization via GRANT and REVOKE DDL commands
> -------------------------------------------------------
>
> Key: CALCITE-5681
> URL: https://issues.apache.org/jira/browse/CALCITE-5681
> Project: Calcite
> Issue Type: Bug
> Reporter: Julian Hyde
> Assignee: hongyu guo
> Priority: Major
> Labels: pull-request-available
>
> Support authorization via GRANT and REVOKE DDL commands.
> While CALCITE-2194 describes how authorization could be built into the schema
> (e.g. user1 can see tables table1 and table2), it requires people to create
> their own Schema objects. This feature would add GRANT and REVOKE commands to
> the DDL parser in the "server" component.
> The syntax is TBD but would look something like this:
> {code:java}
> GRANT SELECT ON TABLE table1, table2 TO user1;
> REVOKE ALL ON table1 FROM user1; {code}
>
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
