vrajat commented on PR #15240: URL: https://github.com/apache/pinot/pull/15240#issuecomment-2714767679
> My main concern is actually the not-so-happy path: What happens when a user without permissions tries to do stuff? We should not fail by saying "table X doesn't exist" if the user cannot read that table. TBH I don't know what do we return right now in cases like this, but given you explicitly mentioned a change in the error if the user doesn't have permissions, I wanted to ask. Oh no - no change in the error message. IIUC correctly, * Before #14953 a UNKNOWN_COLUMN error was thrown even if the user had no access to the table. * #14953 added an auth check in mainline before checking for UNKNOWN_COLUMN path. * This PR adds this check only if UNKNOWN_COLUMN error happened. The check is now executed in `hasTableAccess` in the auth phase if there are no other errors. So it was #14953 that changed the error. This PR keeps the same behaviour as #14953 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@pinot.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: commits-unsubscr...@pinot.apache.org For additional commands, e-mail: commits-h...@pinot.apache.org
