cecemei commented on PR #17757:
URL: https://github.com/apache/druid/pull/17757#issuecomment-2683951851
> on build and with `true`
>
> I think blending the `applyPolicies` into `DruidQuery` is not that
beneficial; I believe that it could be
actually i looked into this more, since plan happens after authorization,
and policy only need to be applied in table scan, maybe we can just add it to
`DruidQueryRel.toDruidQuery` (without the `applyPolicies` in all `DruidRel`
classes, so it'd be:
```
DataSource dataSource = druidTable.getDataSource()
.withPolicies(this.getPlannerContext().getAuthorizationResult().getPolicyMap());
return partialQuery.build(
dataSource,
druidTable.getRowSignature(),
getPlannerContext(),
getCluster().getRexBuilder(),
finalizeAggregations);
```
what do you think?
I'm also kinda leaning to add a `AUTHORIZED` state to `DruidPlanner` to make
this more obvious.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
