Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

行过滤和列脱敏[Feature] #7540

Open
3 tasks done
yiluoya opened this issue Dec 30, 2021 · 8 comments
Open
3 tasks done

行过滤和列脱敏[Feature] #7540

yiluoya opened this issue Dec 30, 2021 · 8 comments
Assignees
@morningman @yiluoya
Labels
kind/feature Categorizes issue or PR as related to a new feature.

Comments

@yiluoya
Copy link

yiluoya commented Dec 30, 2021

Search before asking

  • I had searched in the issues and found no similar issues.

Description

正在分析starrocks 和doris,我现在已经做了一个行过滤和列脱敏的feature ,想同时 发给 doris 和starrocks ,如果doris 接收,后面代码领导审批后会提交。 具体 内容

#7539

Use case

Related issues

Are you willing to submit PR?

  • Yes I am willing to submit a PR!

Code of Conduct
@yiluoya yiluoya added the kind/feature Categorizes issue or PR as related to a new feature. label Dec 30, 2021
@morningman
Copy link
Contributor

Nice work. Looking forward your PR!

@morningman
Copy link
Contributor

morningman commented Dec 30, 2021
edited
Loading

我认为这里可能需要三种权限:

  1. 行权限

    根据where条件赋予用户某些行的读。

    grant row_priv(where col>1 and abs(col2) < 3 or col3 =4) on db.tbl to user1

  2. 列权限

    赋予用户某些列的读取权限。

    grant column_priv(co1, col2, ...) on db.tbl to user1

  3. 数据脱敏

    通过函数对某列数据脱敏。

    grant mask_priv(col1 = id_masking(col1), col2 = id_masking(col2)) on db.tbl to user1;

另外有一下这些事情需要考虑:

  1. 是否支持给同一个user,授予同一个表的多个同类型权限?比如

    grant row_priv(where col1>1) on db.tbl to user1;
grant row_priv(where col2<3) on db.tbl to user1;

    如果支持,多个权限直接是 AND 关系还是 OR 的关系。并且如果需要 REVOKE 其中一个权限,如何指定?个人倾向于,不支持多个同类型权限。比如对于同一个user的同一张表,只有一个 row_priv,一个 colum_priv 和一个 mask_priv。如果重复授予,则后面的覆盖前面的。

    这样逻辑比较清晰,也简化了 revoke 的设计。

  2. 数据脱敏权限的作用范围

    比如先授予权限:

    grant mask_priv(col1 = id_masking(col1)) on db.tbl to user1;

    如果SQL 查询是:

    select col1 from tbl where col1 = 123;

    该如何改写?

@yiluoya
Copy link
Author

yiluoya commented Jan 1, 2022

应该有三个问题。
1、多一种列权限,确实,我可以很快开发完

2、行过滤的问题: 采用替换方式, 或者必须撤销后再授权

GRANT FILTER_PRIV ON ods.test_chen TO 'root' WITH a > 1 and b > 1;

3、脱敏后匹配问题,应该改写为 :

select id_masking(col1) from tbl where id_masking(col1)= 123;

@morningman
Copy link
Contributor

应该有三个问题。 1、多一种列权限,确实,我可以很快开发完

2、行过滤的问题: 采用替换方式, 或者必须撤销后再授权

GRANT FILTER_PRIV ON ods.test_chen TO 'root' WITH a > 1 and b > 1;

3、脱敏后匹配问题,应该改写为 :

select id_masking(col1) from tbl where id_masking(col1)= 123;

我觉得没问题~

@morningman
Copy link
Contributor

hi @yiluoya , is there any progress?

@stalary
Copy link
Contributor

stalary commented Mar 6, 2022

I think we should refer to pg's design and support both OR and AND by configuration, while ignoring where in configuration

@stalary
Copy link
Contributor

stalary commented Mar 7, 2022

It seems that we had better devise a separate grammar,reference
gaussDB:https://support.huaweicloud.com/devg2-dws/dws_0402_0041.html
clickhouse:https://www.bookstack.cn/read/clickhouse-21.9-zh/90412fd4e39f7333.md
postgres:http://www.postgres.cn/docs/10/ddl-rowsecurity.html

@stalary
Copy link
Contributor

stalary commented Mar 8, 2022
edited
Loading

CREATE [ROW] POLICY admin_local_only ON passwd AS {PERMISSIVE|RESTRICTIVE} TO admin USING (a = ’xxx‘);

We should prioritize grant permissions. For example, we should throw an error if we do not have select permission.
CREATE POLICY requires the Grant_priv permission.

@stalary stalary mentioned this issue Apr 24, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@morningman morningman

@yiluoya yiluoya

Labels
kind/feature Categorizes issue or PR as related to a new feature.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@morningman @stalary @yiluoya