(doris-website) branch master updated: [auth]Ranger default policy description (#2194)

kassiez Wed, 23 Apr 2025 05:09:22 -0700

This is an automated email from the ASF dual-hosted git repository.

kassiez pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/doris-website.git



The following commit(s) were added to refs/heads/master by this push:
     new 49e2f3f1727 [auth]Ranger default policy description (#2194)
49e2f3f1727 is described below

commit 49e2f3f17271c3a4f251799c8a891eb81c36898e
Author: zhangdong <[email protected]>
AuthorDate: Wed Apr 23 19:44:13 2025 +0800

    [auth]Ranger default policy description (#2194)
    
    ## Versions
    
    - [x] dev
    - [x] 3.0
    - [x] 2.1
    - [ ] 2.0
    
    ## Languages
    
    - [x] Chinese
    - [x] English
    
    ## Docs Checklist
    
    - [ ] Checked by AI
    - [ ] Test Cases Built
---
 docs/admin-manual/auth/authorization/ranger.md          |   5 +++++
 .../current/admin-manual/auth/authorization/ranger.md   |   4 ++++
 .../admin-manual/auth/authorization/ranger.md           |   4 ++++
 .../admin-manual/auth/authorization/ranger.md           |   4 ++++
 static/images/ranger/default-policy.png                 | Bin 0 -> 38539 bytes
 .../admin-manual/auth/authorization/ranger.md           |   4 ++++
 .../admin-manual/auth/authorization/ranger.md           |   4 ++++
 7 files changed, 25 insertions(+)

diff --git a/docs/admin-manual/auth/authorization/ranger.md 
b/docs/admin-manual/auth/authorization/ranger.md
index 2dd1f4eeac2..83f0883fd64 100644
--- a/docs/admin-manual/auth/authorization/ranger.md
+++ b/docs/admin-manual/auth/authorization/ranger.md
@@ -163,6 +163,11 @@ Equivalent to the internal Doris authorization statement 
`grant usage_priv on wo
 2. A Row Level Filter policy has been configured, but the user encounters a 
permission denied error when querying.
 
    The Row Level Filter policy is solely used to restrict users from accessing 
specific records within a table's data; authorization for the user must still 
be granted through an ACCESS POLICY.
+3. After creating the service, only the 'admin' user has permission by 
default` Root 'user does not have permission
+
+   As shown in the image, when creating the service, add the configuration 
`default.policy.users`. If you need to configure multiple users with full 
permissions, separate them with `,`.
+   ![default policy](/images/ranger/default-policy.png)
+
 
 ## Install and Configure Doris Ranger Plugin
 
diff --git 
a/i18n/zh-CN/docusaurus-plugin-content-docs/current/admin-manual/auth/authorization/ranger.md
 
b/i18n/zh-CN/docusaurus-plugin-content-docs/current/admin-manual/auth/authorization/ranger.md
index cdb98f69208..57c1c5e9384 100644
--- 
a/i18n/zh-CN/docusaurus-plugin-content-docs/current/admin-manual/auth/authorization/ranger.md
+++ 
b/i18n/zh-CN/docusaurus-plugin-content-docs/current/admin-manual/auth/authorization/ranger.md
@@ -162,6 +162,10 @@ Ranger 的安装和配置见下文：安装和配置 Doris Ranger 插件
 2. 配置了 Row Level Filter policy ，但是用户查询时报没有权限
 
    Row Level Filter policy 仅用来限制用户访问表中数据的特定记录， 仍需通过 ACCESS POLICY 为用户授权
+3. 创建服务后，默认仅 `admin` 用户有权限， `root` 用户没有权限
+
+   如图所示，创建服务的时候，添加配置 `default.policy.users` ，如需配置多个用户拥有全部权限，用 `,` 分隔
+   ![default policy](/images/ranger/default-policy.png)
 
 ## 安装和配置 Doris Ranger 插件
 ### 安装插件
diff --git 
a/i18n/zh-CN/docusaurus-plugin-content-docs/version-2.1/admin-manual/auth/authorization/ranger.md
 
b/i18n/zh-CN/docusaurus-plugin-content-docs/version-2.1/admin-manual/auth/authorization/ranger.md
index cdb98f69208..57c1c5e9384 100644
--- 
a/i18n/zh-CN/docusaurus-plugin-content-docs/version-2.1/admin-manual/auth/authorization/ranger.md
+++ 
b/i18n/zh-CN/docusaurus-plugin-content-docs/version-2.1/admin-manual/auth/authorization/ranger.md
@@ -162,6 +162,10 @@ Ranger 的安装和配置见下文：安装和配置 Doris Ranger 插件
 2. 配置了 Row Level Filter policy ，但是用户查询时报没有权限
 
    Row Level Filter policy 仅用来限制用户访问表中数据的特定记录， 仍需通过 ACCESS POLICY 为用户授权
+3. 创建服务后，默认仅 `admin` 用户有权限， `root` 用户没有权限
+
+   如图所示，创建服务的时候，添加配置 `default.policy.users` ，如需配置多个用户拥有全部权限，用 `,` 分隔
+   ![default policy](/images/ranger/default-policy.png)
 
 ## 安装和配置 Doris Ranger 插件
 ### 安装插件
diff --git 
a/i18n/zh-CN/docusaurus-plugin-content-docs/version-3.0/admin-manual/auth/authorization/ranger.md
 
b/i18n/zh-CN/docusaurus-plugin-content-docs/version-3.0/admin-manual/auth/authorization/ranger.md
index cdb98f69208..57c1c5e9384 100644
--- 
a/i18n/zh-CN/docusaurus-plugin-content-docs/version-3.0/admin-manual/auth/authorization/ranger.md
+++ 
b/i18n/zh-CN/docusaurus-plugin-content-docs/version-3.0/admin-manual/auth/authorization/ranger.md
@@ -162,6 +162,10 @@ Ranger 的安装和配置见下文：安装和配置 Doris Ranger 插件
 2. 配置了 Row Level Filter policy ，但是用户查询时报没有权限
 
    Row Level Filter policy 仅用来限制用户访问表中数据的特定记录， 仍需通过 ACCESS POLICY 为用户授权
+3. 创建服务后，默认仅 `admin` 用户有权限， `root` 用户没有权限
+
+   如图所示，创建服务的时候，添加配置 `default.policy.users` ，如需配置多个用户拥有全部权限，用 `,` 分隔
+   ![default policy](/images/ranger/default-policy.png)
 
 ## 安装和配置 Doris Ranger 插件
 ### 安装插件
diff --git a/static/images/ranger/default-policy.png 
b/static/images/ranger/default-policy.png
new file mode 100644
index 00000000000..10c8c14c213
Binary files /dev/null and b/static/images/ranger/default-policy.png differ
diff --git 
a/versioned_docs/version-2.1/admin-manual/auth/authorization/ranger.md 
b/versioned_docs/version-2.1/admin-manual/auth/authorization/ranger.md
index 7820e2f9265..305b1def9e4 100644
--- a/versioned_docs/version-2.1/admin-manual/auth/authorization/ranger.md
+++ b/versioned_docs/version-2.1/admin-manual/auth/authorization/ranger.md
@@ -163,6 +163,10 @@ Equivalent to the internal Doris authorization statement 
`grant usage_priv on wo
 2. A Row Level Filter policy has been configured, but the user encounters a 
permission denied error when querying.
 
    The Row Level Filter policy is solely used to restrict users from accessing 
specific records within a table's data; authorization for the user must still 
be granted through an ACCESS POLICY.
+3. After creating the service, only the 'admin' user has permission by 
default` Root 'user does not have permission
+
+   As shown in the image, when creating the service, add the configuration 
`default.policy.users`. If you need to configure multiple users with full 
permissions, separate them with `,`.
+   ![default policy](/images/ranger/default-policy.png)
 
 ## Install and Configure Doris Ranger Plugin
 
diff --git 
a/versioned_docs/version-3.0/admin-manual/auth/authorization/ranger.md 
b/versioned_docs/version-3.0/admin-manual/auth/authorization/ranger.md
index 7820e2f9265..305b1def9e4 100644
--- a/versioned_docs/version-3.0/admin-manual/auth/authorization/ranger.md
+++ b/versioned_docs/version-3.0/admin-manual/auth/authorization/ranger.md
@@ -163,6 +163,10 @@ Equivalent to the internal Doris authorization statement 
`grant usage_priv on wo
 2. A Row Level Filter policy has been configured, but the user encounters a 
permission denied error when querying.
 
    The Row Level Filter policy is solely used to restrict users from accessing 
specific records within a table's data; authorization for the user must still 
be granted through an ACCESS POLICY.
+3. After creating the service, only the 'admin' user has permission by 
default` Root 'user does not have permission
+
+   As shown in the image, when creating the service, add the configuration 
`default.policy.users`. If you need to configure multiple users with full 
permissions, separate them with `,`.
+   ![default policy](/images/ranger/default-policy.png)
 
 ## Install and Configure Doris Ranger Plugin
 


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

(doris-website) branch master updated: [auth]Ranger default policy description (#2194)

Reply via email to