Copilot commented on code in PR #17508:
URL: https://github.com/apache/pinot/pull/17508#discussion_r2721037261
##########
pinot-server/src/main/java/org/apache/pinot/server/api/resources/TablesResource.java:
##########
@@ -472,10 +475,10 @@ public String getCrcMetadataForTable(
}
}
- // TODO Add access control similar to
PinotSegmentUploadDownloadRestletResource for segment download.
@GET
@Produces(MediaType.APPLICATION_OCTET_STREAM)
@Path("/segments/{tableNameWithType}/{segmentName}")
+ @Authorize(targetType = TargetType.TABLE, paramName = "tableNameWithType",
action = Actions.Table.DOWNLOAD_SEGMENT)
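Review bot: On the added `@Authorize` line, `paramName = "tableNameWithType"` is a string literal that has to stay identical to the `{tableNameWithType}` placeholder in the `@Path` line above it, and nothing in this hunk shows where the annotation is enforced. Please point to (or include in this PR) the filter registration that makes the server's REST layer evaluate `@Authorize`. The removed TODO says this endpoint still needed access control, and an annotation that no filter reads would leave it in that state without any visible failure.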
Review Comment:
The addition of the `@Authorize` annotation to the `downloadSegment`
endpoint lacks corresponding test coverage. Add integration tests that verify
authorization behavior for both authenticated and unauthenticated requests, as
well as tests for users with and without the DOWNLOAD_SEGMENT permission.
##########
pinot-server/src/main/java/org/apache/pinot/server/api/resources/TablesResource.java:
##########
@@ -472,10 +475,10 @@ public String getCrcMetadataForTable(
}
}
- // TODO Add access control similar to
PinotSegmentUploadDownloadRestletResource for segment download.
@GET
@Produces(MediaType.APPLICATION_OCTET_STREAM)
@Path("/segments/{tableNameWithType}/{segmentName}")
+ @Authorize(targetType = TargetType.TABLE, paramName = "tableNameWithType",
action = Actions.Table.DOWNLOAD_SEGMENT)
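Review bot: The check on the added `@Authorize` line is keyed on `tableNameWithType` only, while the `@Path` line also takes `{segmentName}`, which is outside the authorization decision. Confirm in the method body (not shown in this hunk) that the segment is resolved strictly under the authorized table, so that a permitted table name cannot be paired with a segment that belongs to another table. A short Javadoc line on the method stating that `DOWNLOAD_SEGMENT` is enforced at table granularity would document this.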
Review Comment:
While the `@Authorize` annotation is added, there's no visible validation
that the `tableNameWithType` parameter is sanitized before being used in
authorization checks. Ensure that the authorization framework properly
validates and sanitizes this parameter to prevent potential injection attacks
or unauthorized access through malformed table names.
--
This is an automated message from the Apache Git Service.