github-actions[bot] commented on code in PR #63638:
URL: https://github.com/apache/doris/pull/63638#discussion_r3317303053
##########
fe/fe-core/src/main/java/org/apache/doris/nereids/trees/plans/commands/DropRowPolicyCommand.java:
##########
@@ -74,6 +76,11 @@ public void validate(ConnectContext ctx) throws
AnalysisException {
if (user != null) {
user.analyze();
}
+ if (!ifExists && !StringUtils.isEmpty(roleName)) {
Review Comment:
This role existence check now runs before the GRANT privilege check below.
That means a user without GRANT can issue `DROP ROW POLICY ... FOR ROLE
some_role` and distinguish `role not exist` from
`ERR_SPECIFIC_ACCESS_DENIED_ERROR`, whereas the pre-existing flow always
reached the privilege check before any catalog existence lookup for the role.
`CreatePolicyCommand.validate()` also checks `PrivPredicate.GRANT` before
validating the target user/role, so DROP should keep the same privilege-first
ordering and only look up the role after authorization succeeds.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
