Package org.apache.pinot.broker.api
Interface AccessControl
-
- All Superinterfaces:
FineGrainedAccessControl
@Public @Stable public interface AccessControl extends FineGrainedAccessControl
-
-
Method Summary
All Methods Instance Methods Abstract Methods Default Methods Modifier and Type Method Description default booleanhasAccess(RequesterIdentity requesterIdentity)First-step access control when processing broker requests.booleanhasAccess(RequesterIdentity requesterIdentity, Set<String> tables)Fine-grained access control on pinot tables.booleanhasAccess(RequesterIdentity requesterIdentity, org.apache.pinot.common.request.BrokerRequest brokerRequest)Fine-grained access control on parsed broker request.-
Methods inherited from interface org.apache.pinot.core.auth.FineGrainedAccessControl
defaultAccess, hasAccess
-
-
-
-
Method Detail
-
hasAccess
default boolean hasAccess(RequesterIdentity requesterIdentity)
First-step access control when processing broker requests. Decides whether request is allowed to acquire resources for further processing. Request may still be rejected at table-level later on.- Parameters:
requesterIdentity- requester identity- Returns:
trueif authorized,falseotherwise
-
hasAccess
boolean hasAccess(RequesterIdentity requesterIdentity, org.apache.pinot.common.request.BrokerRequest brokerRequest)
Fine-grained access control on parsed broker request. May check table, column, permissions, etc.- Parameters:
requesterIdentity- requester identitybrokerRequest- broker request (incl query)- Returns:
trueif authorized,falseotherwise
-
hasAccess
boolean hasAccess(RequesterIdentity requesterIdentity, Set<String> tables)
Fine-grained access control on pinot tables.- Parameters:
requesterIdentity- requester identitytables- Set of pinot tables used in the query. Table name can be with or without tableType.- Returns:
trueif authorized,falseotherwise
-
-