You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@calcite.apache.org by "Piotr Bojko (JIRA)" <ji...@apache.org> on 2018/03/01 21:36:00 UTC

[jira] [Commented] (CALCITE-2194) Ability to hide a schema

    [ https://issues.apache.org/jira/browse/CALCITE-2194?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16382685#comment-16382685 ] 

Piotr Bojko commented on CALCITE-2194:
--------------------------------------

I have a POC for this feature and tomorrow will adding more tests.

Iv'e ended up with following solution:
 # Setting up the user on behalf which connection will execute sql statements is done via standard user property or standard jdbcmanager method. Julian - probably you want to have something less "full-fledged" but any other approach would end up with more complex mockup of some kind of default principal/user in the code
 # Configuring schema in json is following:
{code}
{
  "name": "HIDDEN_SCHEMA",
 "type": "custom",
 "factory": "some-factory",
 "operand": {},
 "access" : {
  "factory" : "some-new-factory-for-user-based-access-logic",
  "operand" : {
    "user01" : "SELECT",
    "user02" : "SELECT, UPDATE"
    "user03" : "INSERT, DELETE" 
   }
 }
}{code}

There is no authencitation - user passed from DriverManager will create Principal with appropriate name.

 

Some early POC is here - https://github.com/ptrbojko/calcite/tree/experimental-hidden-schema

> Ability to hide a schema
> ------------------------
>
>                 Key: CALCITE-2194
>                 URL: https://issues.apache.org/jira/browse/CALCITE-2194
>             Project: Calcite
>          Issue Type: New Feature
>          Components: core
>    Affects Versions: 1.16.0
>            Reporter: Piotr Bojko
>            Assignee: Piotr Bojko
>            Priority: Minor
>
> See: [https://mail-archives.apache.org/mod_mbox/calcite-dev/201711.mbox/ajax/%3C6F6E52D4-6860-4384-A1CB-A2301D05394D%40apache.org%3E]
> I've looked into the core and the notion of an user could be hard to achieved now. 
> Though, I am able to implement the "hidden schema" feature through following changes:
>  # JsonSchema - add a holder for the feature, boolean flag or flags field with enum (CACHED which now exists as a separate flag - some deprecation could be needed, HIDDEN)
>  # CalciteSchema - pass through of a flag
>  # RelOptSchema - pass through of a flag
>  # CalciteCatalogReader - pass through of a flag
>  # Other derivatives of RelOptSchema - mocked value, false
>  # RelOptTable and impl - pass through of a flag
>  # SqlValidatorImpl - validation whether object from hidden schema is used (in the same places like validateAccess)
>  # ViewTableMacro.apply ->  Schemas.analyzeView -> CalcitePrepareImpl.analyzeView -> CalcitePrepareImpl.parse_ -> CalcitePrepareImpl.CalcitePrepareImpl - this path of execution should build SqlValidatorImpl which has the check from point 7 disabled- 
> Such feature could be useful for end users. 
> If the solution is ok - I can contribute it.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)