ACL for lookups

[danc]

Hi, (please consider this as a Feature Request)
We applied Authorization model on datasources, as described here : User authentication and authorization · Apache Druid

Once done, a user connecting with the proper credentials can only acces the datasources he’s been granted.
Can we achieve the same on lookups ?

We discovered this while connecting Superset to our druid instance : all lookups seem accessible, ,while only the authorized datasources are accessible from Superset logged with the restricted login.

[suneet-s]

This sounds like a great feature request! Something similar was done in #11720 to add authorization to system tables. That pattern could be repeated to add support adding authorization on the lookup namespace

[yokeshwaran1]

Hi @danc, @suneet-s,

Im interested in contributing this by introducing ACL for lookups, enhancing the Authorization model. Shall I proceed with working on this issue?

[AlbericByte]

hi @yokeshwaran1 are u still working on this task, if not, may i continue to work on this. @danc , @suneet-s

[AlbericByte]

@danc @suneet-s and @FrankChen021
Could you help to review this code when you have time

[danc]

@danc @suneet-s and @FrankChen021 Could you help to review this code when you have time

Thank you all for working on this topic.