gianm commented on issue #17610: URL: https://github.com/apache/druid/issues/17610#issuecomment-2776966216
It would definitely be nice to enable multitenant use of lookups by allowing read-restrictions. Let me describe the main reason it hasn't been done so far. There are multiple ways of accessing lookups, some of which don't have hooks into authorization mechanisms:

- SQL reference to `lookups.xyz`. There are authorization hooks so this one is not a problem.
- SQL `LOOKUP` function. We do have a way to authorize specific SQL functions (see `AuthorizableOperator`) so this is also not a problem.
- Native `lookup` expr function. We don't currently have a way to authorize these.
- Native `lookup` datasource. Same.
- Native `lookup` dimension spec. Same.

So, more or less, it is not too much work to build authorization for lookups queried through SQL. But native queries would effectively then be a "backdoor", which would be unacceptable. We would need to either implement various new authorization hooks for native queries, or we'll need to add something to prevent users without full lookup permissions from issuing native queries at all.

These issues can be tackled and so it is definitely possible to build authorization for lookups. I am just trying to provide a reason why it's a bit more work than it might seem at first.
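To make the three native access paths in the comment above concrete, here is an added sketch (not Druid code and not from the commenter) of what a native-query authorization hook would have to inspect: it walks a native query's JSON and collects every lookup reached through a `lookup` datasource, a `lookup` dimension spec, or a `lookup(...)` expression call. The function names, the allow-list model, and the sample query are assumptions made for illustration; the JSON shapes follow Druid's native query format.

```python
import re

def expr_lookup_names(expr):
    """Lookup names (the 2nd argument) of lookup(...) calls in a native expression."""
    names = set()
    for m in re.finditer(r"\blookup\s*\(", expr):
        depth, quoted, start, args = 1, False, m.end(), []
        for i in range(m.end(), len(expr)):
            c = expr[i]
            if c == "'":
                quoted = not quoted          # simplification: escaped quotes not handled
            elif not quoted and c == "(":
                depth += 1
            elif not quoted and c == ")":
                depth -= 1
            if not quoted and (depth == 0 or (depth == 1 and c == ",")):
                args.append(expr[start:i].strip())   # close one top-level argument
                start = i + 1
            if depth == 0:
                break
        if len(args) >= 2:
            names.add(args[1].strip("'"))
    return names

def native_lookup_refs(node):
    """Return {(access_path, lookup_name)} for every lookup a native query touches."""
    refs = set()
    if isinstance(node, dict):
        if node.get("type") == "lookup":
            if isinstance(node.get("lookup"), str):            # lookup datasource
                refs.add(("datasource", node["lookup"]))
            elif "dimension" in node and isinstance(node.get("name"), str):
                refs.add(("dimensionSpec", node["name"]))      # lookup dimension spec
        node = list(node.values())
    if isinstance(node, list):
        for child in node:
            refs |= native_lookup_refs(child)
    elif isinstance(node, str):   # over-approximates: any string is scanned as an expr
        refs |= {("expr", n) for n in expr_lookup_names(node)}
    return refs

def unauthorized_lookups(query, allowed):   # allowed: lookup names the caller may read
    return sorted(r for r in native_lookup_refs(query) if r[1] not in allowed)

# Constructed sample: a trimmed groupBy that reaches lookups through all three paths.
SAMPLE_QUERY = {"queryType": "groupBy", "dataSource": {
    "type": "join", "left": {"type": "table", "name": "sales"},
    "right": {"type": "lookup", "lookup": "tenant_a_regions"}, "rightPrefix": "r."},
  "virtualColumns": [{"type": "expression", "name": "v0",
    "expression": "lookup(concat(country, '-x'), 'tenant_b_prices', 'n/a')"}],
  "dimensions": [{"type": "lookup", "dimension": "sku", "outputName": "s",
    "name": "tenant_b_skus"}]}
```

For a caller allowed only `tenant_a_regions`, `unauthorized_lookups(SAMPLE_QUERY, {"tenant_a_regions"})` reports the dimension-spec and expression references, which are exactly the paths a SQL-only check would never see.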
