zddr opened a new pull request, #41207: URL: https://github.com/apache/doris/pull/41207
- Set the authentication type for row policy and datamask as `select` to avoid traversing all permission items within the ranger - The permission items on the ranger page are consistent with the grant syntax permission items on Doris - Add global permissions on the ranger side, and the ranger page needs to be specified in the input box* - No longer using cache to cache datamask and row policy, as changing the log level and specifying permission items has already made the speed fast enough - When using a ranger, there is no need to create a role with the same name within Doris - If you have sub level permissions, you can see the current level when showing. For example, if you have query permissions for table1 under db1, db1 will be displayed when showing databases ranger ui: https://github.com/morningman/ranger/pull/1 performance testing: Each time the ranger authentication method is called, it takes less than 1ms, If the user has global/db/table permissions, querying a large wide table takes approximately 1ms. If the user only has partial column query permission, it will take approximately 80ms to query 50 columns -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@doris.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: commits-unsubscr...@doris.apache.org For additional commands, e-mail: commits-h...@doris.apache.org
