You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues-all@impala.apache.org by "Zsombor Fedor (JIRA)" <ji...@apache.org> on 2018/09/14 12:44:00 UTC
[jira] [Created] (IMPALA-7571) is_member() function to determine
the current user is in a group
Zsombor Fedor created IMPALA-7571:
-------------------------------------
Summary: is_member() function to determine the current user is in a group
Key: IMPALA-7571
URL: https://issues.apache.org/jira/browse/IMPALA-7571
Project: IMPALA
Issue Type: New Feature
Components: Security
Reporter: Zsombor Fedor
A function which returns if a user is member of a group.
Basically, depending on user groups membership, we could mask or hide certain columns or rows of data, similarly how it's implemented in Dremio. Similar concept is available in Oracle, it's called Oracle Virtual Private Database.
It can be implemented for other user-to-group mappings too.
For example Dremio, uses a cache for is_member() calls (defautls to 24h), so this group membership check can be cached and consequentially resolved very quickly.
For reference:
[https://docs.dremio.com/security/column-masking.html]
[https://docs.dremio.com/security/row-level-permissions.html]
[https://docs.oracle.com/cd/B28359_01/network.111/b28531/vpd.htm]
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-all-unsubscribe@impala.apache.org
For additional commands, e-mail: issues-all-help@impala.apache.org