Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Umberella] Support Paimon in Authz #5470

Open
4 of 27 tasks
bowenliang123 opened this issue Oct 19, 2023 · 3 comments
Open
4 of 27 tasks

[Umberella] Support Paimon in Authz #5470

bowenliang123 opened this issue Oct 19, 2023 · 3 comments

Comments

@bowenliang123
Copy link
Contributor

bowenliang123 commented Oct 19, 2023
edited
Loading

Code of Conduct

Search before asking

  • I have searched in the issues and found no similar issues.

Describe the proposal

Introduce Paimon support in Kyuubi Authz plugin.

Apache Paimon is an incubating Apache project of data lake platform for high-speed data ingestion, changelog tracking and efficient real-time analytics.

Task list

Paimon Spark 3 Reference: https://paimon.apache.org/docs/master/engines/spark3/

Are you willing to submit PR?

  • Yes. I would be willing to submit a PR with guidance from the Kyuubi community to improve.
  • No. I cannot submit a PR at this time.
@bowenliang123 bowenliang123 converted this from a draft issue Oct 19, 2023
@davidyuan1223
Copy link
Contributor

hello, i want try this issue, but i'm not sure how to improve it, this code is a createTableAsSql for paimon

  test("CreateTableAs") {
    withCleanTmpResources(Seq((s"$catalogV2.$namespace1.$table1", "table"),
      (s"$catalogV2.$namespace1.$table2", "table"))) {
      doAs(
        admin,
        sql(
          s"""
             |CREATE TABLE IF NOT EXISTS $catalogV2.$namespace1.$table1
             |(id int, name string, city string)
             |USING paimon
             |OPTIONS (
             |  primaryKey = 'id'
             |)
             |""".stripMargin
        )
      )
      interceptContains[AccessControlException] {
        doAs(
          someone,
          sql(
            s"""
               |CREATE TABLE IF NOT EXISTS $catalogV2.$namespace1.$table2
               |USING PAIMON
               |AS
               |SELECT * FROM $catalogV2.$namespace1.$table1
               |""".stripMargin
          )
        )
      }(s"does not have [select] privilege on [$table1/id]")
    }
  }

But when i try admin to execute the createTableAs Sql, the authz also will print exception, like user [admin] does not have [select] privilege on [$table1/id]

@bowenliang123
Copy link
Contributor Author

hello, i want try this issue, but i'm not sure how to improve it, this code is a createTableAsSql for paimon

  test("CreateTableAs") {
    withCleanTmpResources(Seq((s"$catalogV2.$namespace1.$table1", "table"),
      (s"$catalogV2.$namespace1.$table2", "table"))) {
      doAs(
        admin,
        sql(
          s"""
             |CREATE TABLE IF NOT EXISTS $catalogV2.$namespace1.$table1
             |(id int, name string, city string)
             |USING paimon
             |OPTIONS (
             |  primaryKey = 'id'
             |)
             |""".stripMargin
        )
      )
      interceptContains[AccessControlException] {
        doAs(
          someone,
          sql(
            s"""
               |CREATE TABLE IF NOT EXISTS $catalogV2.$namespace1.$table2
               |USING PAIMON
               |AS
               |SELECT * FROM $catalogV2.$namespace1.$table1
               |""".stripMargin
          )
        )
      }(s"does not have [select] privilege on [$table1/id]")
    }
  }

But when i try admin to execute the createTableAs Sql, the authz also will print exception, like user [admin] does not have [select] privilege on [$table1/id]

Hi, I'm not reproducing the case you mentioned. And #5590 is raised for it, you may have a check on this.
If you still encounter this issue, please submit a dedicated issue with code and logs showing the full test cases for positive and negative.

@bowenliang123 bowenliang123 mentioned this issue Oct 31, 2023
Closed
3 tasks
This was referenced Nov 1, 2023
Closed
Closed
This was referenced Feb 15, 2025
Closed
Closed
Closed
Closed
This was referenced Feb 25, 2025
Closed
Open
Closed
Open
Closed
@davidyuan1223
Copy link
Contributor

davidyuan1223 commented Mar 1, 2025
edited
Loading

@bowenliang123 Paimon with Spark looks like not support chaning column nullability and watermark currently, suggest remove this subtask, the command is support with flink

This was referenced Mar 1, 2025
Closed
Closed
Open
Closed
Closed
Open
Closed
Open
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@bowenliang123 @davidyuan1223