xiangfu0 commented on code in PR #18723:
URL: https://github.com/apache/pinot/pull/18723#discussion_r3388168154


##########
pinot-sql-ddl/src/main/java/org/apache/pinot/sql/ddl/compile/DdlCompiler.java:
##########
@@ -261,6 +295,25 @@ private static CompiledCreateTable 
compileCreate(SqlPinotCreateTable node) {
         resolved.isIfNotExists(), warnings);
   }
 
+  /// Compiles the options-defined `CREATE TABLE ... WITH (key = value, ...)` 
form by delegating
+  /// to the registered [CreateTableWithOptionsHandler]. The compiler owns the 
parts common to
+  /// both CREATE TABLE forms — name/database resolution and option 
de-duplication — and the
+  /// handler owns everything the options mean (schema derivation, 
table-config construction).
+  private static CompiledCreateTable 
compileCreateWithOptions(SqlPinotCreateTable node, DdlCompileContext ctx) {
+    QualifiedName name = parseQualifiedName(node.getName());
+    Map<String, String> options = 
resolveProperties(node.getWithOptions().getList());
+    if (options.isEmpty()) {
+      throw new DdlCompilationException("CREATE TABLE ... WITH requires at 
least one option.");
+    }
+    CompiledCreateTable compiled = _createTableWithOptionsHandler.compile(
+        name._databaseName, name._tableName, node.isIfNotExists(), options, 
ctx);
+    if (compiled == null) {
+      throw new DdlCompilationException(
+          "The options-defined CREATE TABLE handler returned no result for 
table: " + name._tableName);
+    }
+    return compiled;

Review Comment:
   `compileCreateWithOptions()` passes the parsed SQL name and `ifNotExists` 
into the handler, but then returns the handler-produced `CompiledCreateTable` 
verbatim. Downstream execution/authorization uses the returned `TableConfig` 
and `Schema` names, so a buggy or custom handler can create or authorize a 
different table than the one named in the SQL text. Please validate or 
overwrite the returned database/table/schema names and `ifNotExists` from 
`name` / `node` before returning.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to