apache/kyuubi
1
0
Fork 0
Code Issues Pull Requests Actions 5 Packages Projects Releases Wiki Activity
513ea83438
kyuubi/extensions/spark/kyuubi-spark-authz/pom.xml
Kent Yao 513ea83438
[KYUUBI #1451] Introduce Kyuubi Spark AuthZ Module with column-level fine-grained authorization 
### _Why are the changes needed?_

 - #1451

### Kyuubi Spark AuthZ Extension

#### Functions

- [x] Column-level fine-grained authorization
- [ ] Row-level fine-grained authorization, a.k.a. Row-level filtering
- [ ] Data masking

#### Build

```shell
build/mvn clean package -pl :kyuubi-spark-authz_2.12 -Dspark.version=3.2.1 -Dranger.version=2.2.0
```

#### Supported Apache Spark Versions

`-Dspark.version=`

- [x] master
- [x] 3.3.x
- [x] 3.2.x (default)
- [x] 3.1.x
- [x] 3.0.x
- [x] 2.4.x
- [ ] 2.3.x and earlier

#### Supported Apache Ranger Versions

`-Dranger.version=`

- [x] 3.0.0-SNAPSHOT
- [x] 2.2.x (default)
- [x] 2.1.x
- [x] 2.0.x
- [x] 1.2.x
- [x] 1.1.x
- [x] 1.0.x
- [x] 0.7.x
- [x] 0.6.x

### TODO LIST
- [ ] Doc
- [ ] Auditing
- [ ] Support row-level filtering
- [ ] Support Data masking
- [ ] Support v2 DDLs
- [ ] Support Custom Commands like create hudi table etc.

### _How was this patch tested?_
- [x] Add some test cases that check the changes thoroughly including negative and positive cases if possible

- [ ] Add screenshots for manual tests if appropriate

- [x] [Run test](https://kyuubi.apache.org/docs/latest/develop_tools/testing.html#running-tests) locally before make a pull request

Closes #2160 from yaooqinn/1451.

Closes #1451

3ae4a833 [Kent Yao] nit
c8ab1ef0 [Kent Yao] nit
68e71ac7 [Kent Yao] readme
1a1dc994 [Kent Yao] style
f5fda710 [Kent Yao] support Spark 2.4.7
d1d5318e [Kent Yao] support ranger 0.6
6e57ce3b [Kent Yao] support ranger 0.7
f0dce7ce [Kent Yao] minor
120c6e3e [Kent Yao] Update extensions/spark/kyuubi-spark-authz/src/main/scala/org/apache/kyuubi/plugin/spark/authz/ranger/AccessResource.scala
06f73e99 [Kent Yao] add comments
344e3a8f [Kent Yao] simpler
cffabce7 [Kent Yao] rm dead code
ec5edae7 [Kent Yao] rm dead code
1384f2b6 [Kent Yao] rm log4j 1
a6c0d0bb [Kent Yao] reduce configs
06c0452b [Kent Yao] deps
cf599e15 [Kent Yao] ranger tests
3adc6cf4 [Kent Yao] ranger tests
94a841ee [Kent Yao] ranger tests
c5af35fd [Kent Yao] starting working on ranger
5cb52e3a [Kent Yao] queries
5318dca2 [Kent Yao] clear cache before each
3427b679 [Kent Yao] join inner
cfada65d [Kent Yao] show
4dca5cfa [Kent Yao] show clos
a2d02ae0 [Kent Yao] truncate table
7424ad0c [Kent Yao] set db & desc db
046ac025 [Kent Yao] desc table & col
caaaf619 [Kent Yao] DescribeColumnCommand
77b2efcf [Kent Yao] drop/refresh function
716e05be [Kent Yao] create function
0d3dc247 [Kent Yao] create function
666e4d4f [Kent Yao] Create table as select
e9aaa0e9 [Kent Yao] Create table
3a2389a2 [Kent Yao] Create View
395ec13f [Kent Yao] CacheTableAsSelect
1544f818 [Kent Yao] fix
4bb9c624 [Kent Yao] more tests
aa134ade [Kent Yao] alter view as
131d95bb [Kent Yao] alter view as
b1722d7e [Kent Yao] test & opt
01ba1585 [Kent Yao] build default
f9811b0d [Kent Yao] test add
a9c044ac [Kent Yao] test
14685630 [Kent Yao] test
6c0b5ed9 [Kent Yao] format
810f9992 [Kent Yao] [WIP] Migrate Spark security module from submarine to kyuubi
a3fd5d20 [Kent Yao] [WIP] Migrate Spark security module from submarine to kyuubi
3fe1bf4c [Kent Yao] [WIP] Migrate Spark security module from submarine to kyuubi
d16a0c3c [Kent Yao] [WIP] Migrate Spark security module from submarine to kyuubi

Authored-by: Kent Yao <yao@apache.org>
Signed-off-by: Kent Yao <yao@apache.org>
2022-03-31 15:37:40 +08:00

260 lines
9.5 KiB
XML
Raw Blame History

<?xml version="1.0" encoding="UTF-8"?>
<!--
~ Licensed to the Apache Software Foundation (ASF) under one or more
~ contributor license agreements. See the NOTICE file distributed with
~ this work for additional information regarding copyright ownership.
~ The ASF licenses this file to You under the Apache License, Version 2.0
~ (the "License"); you may not use this file except in compliance with
~ the License. You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<parent>
<artifactId>kyuubi-parent</artifactId>
<groupId>org.apache.kyuubi</groupId>
<version>1.6.0-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>kyuubi-spark-authz_2.12</artifactId>
<name>Kyuubi Dev Spark Authorization Extension</name>
<packaging>jar</packaging>
<url>https://kyuubi.apache.org/</url>
<dependencies>
<dependency>
<groupId>org.apache.ranger</groupId>
<artifactId>ranger-plugins-common</artifactId>
<version>${ranger.version}</version>
<exclusions>
<exclusion>
<groupId>org.apache.ranger</groupId>
<artifactId>ranger-plugin-classloader</artifactId>
</exclusion>
<exclusion>
<groupId>org.apache.ranger</groupId>
<artifactId>ranger-plugins-audit</artifactId>
</exclusion>
<exclusion>
<groupId>log4j</groupId>
<artifactId>log4j</artifactId>
</exclusion>
<exclusion>
<groupId>commons-lang</groupId>
<artifactId>commons-lang</artifactId>
</exclusion>
<exclusion>
<groupId>commons-logging</groupId>
<artifactId>commons-logging</artifactId>
</exclusion>
<exclusion>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>*</artifactId>
</exclusion>
<exclusion>
<groupId>org.apache.hadoop</groupId>
<artifactId>hadoop-common</artifactId>
</exclusion>
<exclusion>
<groupId>javax.ws.rs</groupId>
<artifactId>jsr311-api</artifactId>
</exclusion>
<exclusion>
<groupId>org.codehaus.jackson</groupId>
<artifactId>jackson-core-asl</artifactId>
</exclusion>
<exclusion>
<groupId>org.codehaus.jackson</groupId>
<artifactId>jackson-mapper-asl</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.apache.ranger</groupId>
<artifactId>ranger-plugins-audit</artifactId>
<version>${ranger.version}</version>
<exclusions>
<exclusion>
<groupId>org.apache.ranger</groupId>
<artifactId>ranger-plugins-cred</artifactId>
</exclusion>
<exclusion>
<groupId>org.apache.kafka</groupId>
<artifactId>*</artifactId>
</exclusion>
<exclusion>
<groupId>org.apache.solr</groupId>
<artifactId>solr-solrj</artifactId>
</exclusion>
<exclusion>
<groupId>org.elasticsearch</groupId>
<artifactId>*</artifactId>
</exclusion>
<exclusion>
<groupId>org.elasticsearch.client</groupId>
<artifactId>*</artifactId>
</exclusion>
<exclusion>
<groupId>org.elasticsearch.plugin</groupId>
<artifactId>*</artifactId>
</exclusion>
<exclusion>
<groupId>org.apache.lucene</groupId>
<artifactId>*</artifactId>
</exclusion>
<exclusion>
<groupId>log4j</groupId>
<artifactId>log4j</artifactId>
</exclusion>
<exclusion>
<groupId>commons-lang</groupId>
<artifactId>commons-lang</artifactId>
</exclusion>
<exclusion>
<groupId>commons-logging</groupId>
<artifactId>commons-logging</artifactId>
</exclusion>
<exclusion>
<groupId>com.carrotsearch</groupId>
<artifactId>hppc</artifactId>
</exclusion>
<exclusion>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>*</artifactId>
</exclusion>
<exclusion>
<groupId>org.apache.hive</groupId>
<artifactId>hive-storage-api</artifactId>
</exclusion>
<exclusion>
<groupId>org.apache.orc</groupId>
<artifactId>orc-core</artifactId>
</exclusion>
<exclusion>
<groupId>org.apache.hadoop</groupId>
<artifactId>hadoop-common</artifactId>
</exclusion>
<exclusion>
<groupId>com.google.guava</groupId>
<artifactId>guava</artifactId>
</exclusion>
<exclusion>
<groupId>joda-time</groupId>
<artifactId>joda-time</artifactId>
</exclusion>
<exclusion>
<groupId>org.apache.logging.log4j</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.scala-lang</groupId>
<artifactId>scala-library</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.apache.spark</groupId>
<artifactId>spark-sql_${scala.binary.version}</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.apache.hadoop</groupId>
<artifactId>hadoop-client-api</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.apache.hadoop</groupId>
<artifactId>hadoop-client-runtime</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.apache.logging.log4j</groupId>
<artifactId>log4j-api</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.apache.logging.log4j</groupId>
<artifactId>log4j-core</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>commons-collections</groupId>
<artifactId>commons-collections</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.apache.spark</groupId>
<artifactId>spark-hive_${scala.binary.version}</artifactId>
<scope>test</scope>
<!-- for hive related test only -->
</dependency>
<dependency>
<groupId>org.apache.kyuubi</groupId>
<artifactId>kyuubi-common_${scala.binary.version}</artifactId>
<version>${project.version}</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.apache.kyuubi</groupId>
<artifactId>kyuubi-common_${scala.binary.version}</artifactId>
<version>${project.version}</version>
<type>test-jar</type>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>jul-to-slf4j</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>com.google.code.gson</groupId>
<artifactId>gson</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>com.google.guava</groupId>
<artifactId>guava</artifactId>
<scope>test</scope>
</dependency>
</dependencies>
<build>
<outputDirectory>target/scala-${scala.binary.version}/classes</outputDirectory>
<testOutputDirectory>target/scala-${scala.binary.version}/test-classes</testOutputDirectory>
<testResources>
<testResource>
<directory>${project.basedir}/src/test/resources</directory>
</testResource>
</testResources>
</build>
</project>
Reference in New Issue View Git Blame Copy Permalink