9aman commented on code in PR #16043:
URL: https://github.com/apache/pinot/pull/16043#discussion_r2139236758
##########
pinot-broker/src/main/java/org/apache/pinot/broker/broker/BasicAuthAccessControlFactory.java:
##########
@@ -129,12 +132,43 @@ public TableAuthorizationResult
authorize(RequesterIdentity requesterIdentity, S
failedTables.add(table);
}
}
- if (failedTables.isEmpty()) {
- return TableAuthorizationResult.success();
- }
+// if (failedTables.isEmpty()) {
+// return TableAuthorizationResult.success();
+// }
return new TableAuthorizationResult(failedTables);
}
+ @Override
+ public TableRowColAuthResult getRowColFilters(RequesterIdentity
requesterIdentity, String table) {
+ Optional<BasicAuthPrincipal> principalOpt =
getPrincipalOpt(requesterIdentity);
+
+ if (principalOpt.isEmpty()) {
+ throw new NotAuthorizedException("Basic");
+ }
+
+ if (table == null) {
+ return TableRowColAuthResultImpl.unrestricted();
+ }
+
+ TableRowColAuthResult tableRowColAuthResult = new
TableRowColAuthResultImpl();
+
+ BasicAuthPrincipal principal = principalOpt.get();
+
+ //precondition: The principal should have the table.
+ Preconditions.checkArgument(principal.hasTable(table),
+ "Principal: " + principal.getName() + " does not have access to
table: " + table);
+
+ Optional<Map<String, List<String>>> rlsFiltersMaybe =
principal.getRLSFilters(table);
+ Optional<Map<String, List<String>>> visibleColsMaybe =
principal.getVisibleCols(table);
Review Comment:
Removed this.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscr...@pinot.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@pinot.apache.org
For additional commands, e-mail: commits-h...@pinot.apache.org
