clintropolis commented on code in PR #12636:
URL: https://github.com/apache/druid/pull/12636#discussion_r900669383


##########
sql/src/main/java/org/apache/druid/sql/calcite/view/DruidViewMacro.java:
##########
@@ -58,6 +58,7 @@ public TranslatableTable apply(final List<Object> arguments)
   {
     final RelDataType rowType;
     try (final DruidPlanner planner = plannerFactory.createPlanner(viewSql, 
new QueryContext())) {
+      planner.validate(false);
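Review bot: the bare `false` in the added `planner.validate(false);` call does not say what it switches off, and nothing in the surrounding lines explains it. Since this runs while resolving a view's row type with a fresh `new QueryContext()`, a one-line comment stating what the argument controls and why it is safe to pass `false` here would help; a named constant or an enum parameter would read better than a boolean literal at the call site.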

Review Comment:
   >As part of the auth cleanup, I moved the authorizeContextParams flag to the 
authorization step, and clearly stated that a statement (or view) can be 
prepared without authorization. Only execution (AKA "plan") needs authorization.
   
   Hmm, currently `DruidStatement` calls `validateAndAuthorize` for both 
`prepare` and `execute`, are you saying that `prepare` no longer authorizes or 
that it never did? (because looking at the current code it seems to do it)
   
   >The standard way to handle views is to assign them an owner. Views run with 
the owner's permissions. Queries that use the view must be authorized against 
the view, not against the resources which the view uses. Of course, Druid has 
no concept of users, so the idea of "owner" is ill-defined. Maybe we stash a 
bundle of permissions with the view or some such? That's a question for another 
time.
   
   There is a 'VIEW' resource that views are authorized against, not the 
resource that the view query uses, which I think is more or less the same thing?
   
   



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

