[Enhancement](ranger) Disable some permission operations when Ranger and LDAP are enabled

[yongjinhou]

Search before asking

• I had searched in the issues and found no similar issues.

Description

case1：Enable LDAP
Doris/LDAP is responsible for login authentication, and Doris is responsible for authority management.

case2: Enable Ranger
Doris is responsible for login authentication, and Ranger is responsible for authority management.
After create/drop a user in Doris, you need to create/drop the same user in Ranger and authorize it. User synchronization between Doris and Ranger is not supported. Operations such as create/delete roles and grant/revoke must be disabled in Doris, so that the user system of Doris can be managed by Ranger.

case 3: Enable LDAP and Ranger
LADP is responsible for login authentication, and Ranger is responsible for authority management.
Users and roles can be created in Ranger or LDAP, the Ranger can periodically synchronize LDAP users to Ranger using USER-SYNC component. Therefore, operations such as create/delete user/roles and grant/revoke must be disabled in Doris, so that the user system of Doris can be managed by Ranger and LDAP.

Solution

No response

Are you willing to submit PR?

• Yes I am willing to submit a PR!

Code of Conduct

• I agree to follow this project's Code of Conduct

[github-actions]

We're closing this issue because it hasn't been updated in a while.
If you'd like to revive this issue, please reopen it and feel free a maintainer to remove the Stale tag!