(pinot) branch master updated: Cleanup of the method hasAccess. (#13633)

Mon, 05 Aug 2024 17:29:39 -0700 

This is an automated email from the ASF dual-hosted git repository.

jackie pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/pinot.git


The following commit(s) were added to refs/heads/master by this push:
     new 2faf868d0c Cleanup of the method hasAccess. (#13633)
2faf868d0c is described below

commit 2faf868d0c109a1d4dd1e78b82a91d2fea8c9101
Author: Abhishek Sharma <abhishek.sha...@spothero.com>
AuthorDate: Mon Aug 5 20:29:28 2024 -0400

    Cleanup of the method hasAccess. (#13633)
---
 .../java/org/apache/pinot/controller/api/access/AccessControl.java   | 5 ++---
 .../org/apache/pinot/controller/api/access/AccessControlUtils.java   | 2 +-
 .../apache/pinot/controller/api/resources/PinotQueryResource.java    | 2 +-
 3 files changed, 4 insertions(+), 5 deletions(-)

diff --git 
a/pinot-controller/src/main/java/org/apache/pinot/controller/api/access/AccessControl.java
 
b/pinot-controller/src/main/java/org/apache/pinot/controller/api/access/AccessControl.java
index b2834e2e25..4267c2385e 100644
--- 
a/pinot-controller/src/main/java/org/apache/pinot/controller/api/access/AccessControl.java
+++ 
b/pinot-controller/src/main/java/org/apache/pinot/controller/api/access/AccessControl.java
@@ -40,8 +40,7 @@ public interface AccessControl extends 
FineGrainedAccessControl {
    * @param endpointUrl the request url for which this access control is called
    * @return whether the client has permission
    */
-  boolean hasAccess(@Nullable String tableName, AccessType accessType, 
HttpHeaders httpHeaders,
-      @Nullable String endpointUrl);
+  boolean hasAccess(@Nullable String tableName, AccessType accessType, 
HttpHeaders httpHeaders, String endpointUrl);
 
   /**
    * Return whether the client has permission to access the endpoints with are 
not table level
@@ -51,7 +50,7 @@ public interface AccessControl extends 
FineGrainedAccessControl {
    * @param endpointUrl the request url for which this access control is called
    * @return whether the client has permission
    */
-  default boolean hasAccess(AccessType accessType, HttpHeaders httpHeaders, 
@Nullable String endpointUrl) {
+  default boolean hasAccess(AccessType accessType, HttpHeaders httpHeaders, 
String endpointUrl) {
     return hasAccess(null, accessType, httpHeaders, endpointUrl);
   }
 
diff --git 
a/pinot-controller/src/main/java/org/apache/pinot/controller/api/access/AccessControlUtils.java
 
b/pinot-controller/src/main/java/org/apache/pinot/controller/api/access/AccessControlUtils.java
index 825776e38f..4744dedc0c 100644
--- 
a/pinot-controller/src/main/java/org/apache/pinot/controller/api/access/AccessControlUtils.java
+++ 
b/pinot-controller/src/main/java/org/apache/pinot/controller/api/access/AccessControlUtils.java
@@ -50,7 +50,7 @@ public final class AccessControlUtils {
    * @param accessControl AccessControl object which does the actual validation
    */
   public static void validatePermission(@Nullable String tableName, AccessType 
accessType,
-      @Nullable HttpHeaders httpHeaders, @Nullable String endpointUrl, 
AccessControl accessControl) {
+      @Nullable HttpHeaders httpHeaders, String endpointUrl, AccessControl 
accessControl) {
     String userMessage = getUserMessage(tableName, accessType, endpointUrl);
     String rawTableName = TableNameBuilder.extractRawTableName(tableName);
 
diff --git 
a/pinot-controller/src/main/java/org/apache/pinot/controller/api/resources/PinotQueryResource.java
 
b/pinot-controller/src/main/java/org/apache/pinot/controller/api/resources/PinotQueryResource.java
index 55ea952121..0ed96a907c 100644
--- 
a/pinot-controller/src/main/java/org/apache/pinot/controller/api/resources/PinotQueryResource.java
+++ 
b/pinot-controller/src/main/java/org/apache/pinot/controller/api/resources/PinotQueryResource.java
@@ -202,7 +202,7 @@ public class PinotQueryResource {
     // Validate data access
     // we don't have a cross table access control rule so only ADMIN can make 
request to multi-stage engine.
     AccessControl accessControl = _accessControlFactory.create();
-    if (!accessControl.hasAccess(null, AccessType.READ, httpHeaders, 
endpointUrl)) {
+    if (!accessControl.hasAccess(AccessType.READ, httpHeaders, endpointUrl)) {
       throw new WebApplicationException("Permission denied", 
Response.Status.FORBIDDEN);
     }
 


---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@pinot.apache.org
For additional commands, e-mail: commits-h...@pinot.apache.org

Reply via email to