ankitsultana commented on code in PR #17081:
URL: https://github.com/apache/pinot/pull/17081#discussion_r2466782223
##########
pinot-broker/src/main/java/org/apache/pinot/broker/requesthandler/TimeSeriesRequestHandler.java:
##########
@@ -238,6 +250,70 @@ private void
firstStageAccessControlCheck(RequesterIdentity requesterIdentity) {
}
}
+ private void validatePhysicalPlan(HttpHeaders httpHeaders,
TimeSeriesDispatchablePlan dispatchablePlan) {
+ // check authorization for table
+ tableLevelAccessControlCheck(httpHeaders,
dispatchablePlan.getTableNames());
+ // validate column names for all LeafTimeSeriesPlanNode in the physical
plan
+ for (BaseTimeSeriesPlanNode currNode :
dispatchablePlan.getServerFragments()) {
+ if (currNode instanceof LeafTimeSeriesPlanNode) {
Review Comment:
For each server fragment you'll need to do a DFS and run validateColumnNames
only for leaf plan nodes. Server fragments can have a complex plan in it too
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
