DQL Practices – Data Permission
Ⅰ Metadata permission (table and field access control)
A WEB system usually involves multiple users. There are two methods to control the scopes of metadata information different users can access. One is to create separate metadata files for different types of users, deploy multiple DQL services and connect to the appropriate DQL service for the current user via JDBC; the other is to let users share the metadata, and on WEB side select the appropriate information and remove tables/fields the current user does not have privilege to access.
Multiple DQL services
Look at the first method. Create manager.glmd, leader.glmd and sales.glmd, and use them to deploy three DQL services:
Then change the path to JDBC URL on WEB side:
String url = "jdbc:esproc:dql://127.0.0.1:3368/Manager";
String url = "jdbc:esproc:dql://127.0.0.1:3368/Leader";
String url = "jdbc:esproc:dql://127.0.0.1:3368/Sales";
Shared metadata
Based on metadata file TPCH.glmd, define two metadata scopes Class1 and Class2 to switch between them on the interface. When Class1 is selected, only Customer, Nation and Region tables are displayed:
Users can define data scopes and how to filter metadata based on those scopes on the WEB system themselves. Or they can implement the operations using the dictionary functionality (*.gdct) on DQL designer.
Open metadata file (TPCH.glmd) and click “Tool -> Create dictionary” on the menu bar to create a dictionary file based on TPCH.glmd:
Save TPCH.gdct:
Switch to “Class item” tab to define Class1 and Class2:
The dictionary file is of public JSON format. Open the file using the text editor and we can view structure of the JSON formatted file:
Read Class1 and Class2 from the dictionary file and then we can implement permission control for different users. The following block of code in dqlQuery.jsp reads TPCH.gdct and provide it for use by the frontend JavaScript:
<script language=javascript>
<%
String[] infos = DqlUtil.getDqlInfo(dataSource,"TPCH.gdct","", request);
out.println("var lmdStr = \""+ infos[0] +"\"");
out.println("guideConf.dictionary = \""+infos[1]+"\";");
%>
</script>
Ⅱ Data access permission (table record access control)
This method lets different users access different data of the same table. For example, a certain user can only access data of Chinese and French customers. This requires that the privilege condition Customer.NATIONKEY == 6 OR Customer.NATIONKEY == 18 be automatically added to the DQL statement we write when Customer table is involved in the query. Add the following block of Java code in dqlQuery.jsp to set the hidden condition in the session of the currently logged-in user:
<%
ArrayList filters = new ArrayList();
session.setAttribute("_raqsoft_filters_",filters);
DQLTableFilter f = new DQLTableFilter("default","TPCH");
filters.add(f);
f.getFilters().put("Nation","${T}.NATIONKEY==6 OR ${T}.NATIONKEY==18");
%>
Now query the Customer table:
Even if we do not set up any condition in the interface, the privilege condition has been automatically added to the generated DQL statement during the actual query:
To make it easy to understand, we display the generated DQL statement on the frontend to observer the effect. Generally, the WEB system generates and executes a DQL statement having the access control directly on the server side.
SPL Official Website 👉 https://www.scudata.com
SPL Feedback and Help 👉 https://www.reddit.com/r/esProc_SPL
SPL Learning Material 👉 https://c.scudata.com
SPL Source Code and Package 👉 https://github.com/SPLWare/esProc
Discord 👉 https://discord.gg/cFTcUNs7
Youtube 👉 https://www.youtube.com/@esProc_SPL
Chinese Version