准备
 
drop table if exists salary;
create table salary (
	 id int  
	,name varchar(100)  
	,amount numeric  
	,users varchar  
) distributed by (id);
insert into salary values 
	(1,'张三',5000,'tjbb1'),
	(2,'李四',6000,'tjbb2');
 
行级权限控制
 
- 希望张三只能访问张三自己的数据,李四只能访问李四自己的数据
create or replace view user_salary as 
select * from salary
where users = user::varchar(64);
grant select on table user_salary to tjbb1;
grant select on table user_salary to tjbb2;
 
列级权限控制
 
- 希望普通用户只能查看非工资的列,只有领导才能看工资列
revoke all ON salary from public;
grant select(id,name,users) on table salary to lingdao;
grant select(id,name,amount,users) on table salary to commonuser;
 
参考文章