malthe opened a new issue, #39157: URL: https://github.com/apache/doris/issues/39157
### Search before asking - [X] I had searched in the [issues](https://github.com/apache/doris/issues?q=is%3Aissue) and found no similar issues. ### Description Currently, [views](https://doris.apache.org/docs/query/view-materialized-view/create-view) are just logical encapsulations of a SELECT statement. In many database systems including [MySQL](https://dev.mysql.com/doc/refman/8.4/en/create-view.html), [PostgreSQL](https://www.depesz.com/2022/03/22/waiting-for-postgresql-15-add-support-for-security-invoker-views/) and [Presto](https://prestodb.io/docs/current/sql/create-view.html), views are assigned either a DEFINER or INVOKER security model: ```sql CREATE [ OR REPLACE ] VIEW view_name [ SECURITY { DEFINER | INVOKER } ] AS query ``` From Presto's documentation: > In the default DEFINER security mode, tables referenced in the view are accessed using the permissions of the view owner (the creator or definer of the view) rather than the user executing the query. This allows providing restricted access to the underlying tables, for which the query user may not be allowed to access directly. Note that the current_user function will return the query user, not the view owner, and thus may be used to filter out rows or otherwise restrict access based on the user currently accessing the view. > In the INVOKER security mode, tables referenced in the view are accessed using the permissions of the query user (the invoker of the view). A view created in this mode is simply a stored query. Doris views currently provide only the INVOKER security model. ### Use case Adding support for DEFINER view security adds considerable flexibility when designing a data access model. For example, "column policies", see #9780 (which was closed) can be implemented using a view with DEFINER rights where the view owner has read permissions on an underlying table, restricting the view to a subset of columns. ### Related issues _No response_ ### Are you willing to submit PR? - [X] Yes I am willing to submit a PR! ### Code of Conduct - [X] I agree to follow this project's [Code of Conduct](https://www.apache.org/foundation/policies/conduct) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@doris.apache.org.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: commits-unsubscr...@doris.apache.org For additional commands, e-mail: commits-h...@doris.apache.org
