gianm commented on code in PR #17564:
URL: https://github.com/apache/druid/pull/17564#discussion_r1890747992
##########
processing/src/main/java/org/apache/druid/query/DataSource.java:
##########
@@ -118,6 +123,27 @@ public interface DataSource
*/
DataSource withUpdatedDataSource(DataSource newSource);
+ default DataSource mapWithRestriction(Map<String, Optional<DimFilter>>
rowFilters)
+ {
+ return mapWithRestriction(rowFilters, true);
+ }
+
+ /**
+ * Returns an updated datasource based on the policy restrictions on tables.
If this datasource contains no table, no
+ * changes should occur.
+ *
+ * @param rowFilters a mapping of table names to row filters, every table in
the datasource tree must have an entry
+ * @return the updated datasource, with restrictions applied in the
datasource tree
+ */
+ default DataSource mapWithRestriction(Map<String, Optional<DimFilter>>
rowFilters, boolean enableStrictPolicyCheck)
Review Comment:
> To allow for the druid_internal or admin case, we can bypass the strict
check if the user has permission for STATE READ (a broad administrative
permission).
Actually upon further reflection this seems too complex. We don't want to
have to consider both policies and STATE permissions. Instead, let's introduce
a `Policy` that is of type `admin`. It doesn't apply any restrictions, but it's
something an authorizer can return to signify that the user is OK to query
unrestricted.
Btw, the strict check in `QueryLifecycle` would need to happen even if the
authorized returns `ALLOW`. (Strict check should fail in this case)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
