This is an automated email from the ASF dual-hosted git repository.
akshat pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/druid.git
The following commit(s) were added to refs/heads/master by this push:
new 30cdb06e545 Fix authorization failure for table(append(...)) queries
caused by quoted datasource names in resource check (#19147)
30cdb06e545 is described below
commit 30cdb06e54556d4ecbad0597405977697033aaee
Author: Akshat Jain <[email protected]>
AuthorDate: Fri Mar 13 12:23:20 2026 +0530
Fix authorization failure for table(append(...)) queries caused by quoted
datasource names in resource check (#19147)
---
.../druid/sql/calcite/external/TableAppendMacro.java | 9 ++++++++-
.../druid/sql/calcite/DruidPlannerResourceAnalyzeTest.java | 14 ++++++++++++++
2 files changed, 22 insertions(+), 1 deletion(-)
diff --git
a/sql/src/main/java/org/apache/druid/sql/calcite/external/TableAppendMacro.java
b/sql/src/main/java/org/apache/druid/sql/calcite/external/TableAppendMacro.java
index 9e02fced520..de9d4c5556b 100644
---
a/sql/src/main/java/org/apache/druid/sql/calcite/external/TableAppendMacro.java
+++
b/sql/src/main/java/org/apache/druid/sql/calcite/external/TableAppendMacro.java
@@ -29,6 +29,7 @@ import org.apache.calcite.sql.SqlCall;
import org.apache.calcite.sql.SqlCallBinding;
import org.apache.calcite.sql.SqlIdentifier;
import org.apache.calcite.sql.SqlKind;
+import org.apache.calcite.sql.SqlLiteral;
import org.apache.calcite.sql.SqlNode;
import org.apache.calcite.sql.SqlOperandCountRange;
import org.apache.calcite.sql.SqlOperator;
@@ -333,7 +334,13 @@ public class TableAppendMacro extends
SqlUserDefinedTableMacro implements Author
{
Set<ResourceAction> ret = new HashSet<>();
for (SqlNode operand : call.getOperandList()) {
- Resource resource = new Resource(operand.toString(),
ResourceType.DATASOURCE);
+ if (operand.getKind() != SqlKind.LITERAL) {
+ throw DruidSqlValidator.buildCalciteContextException(
+ "All arguments to APPEND should be literal strings.",
+ operand
+ );
+ }
+ Resource resource = new Resource(((SqlLiteral)
operand).getValueAs(String.class), ResourceType.DATASOURCE);
ret.add(new ResourceAction(resource, Action.READ));
}
return ret;
diff --git
a/sql/src/test/java/org/apache/druid/sql/calcite/DruidPlannerResourceAnalyzeTest.java
b/sql/src/test/java/org/apache/druid/sql/calcite/DruidPlannerResourceAnalyzeTest.java
index 7027a5de975..8c8b8152858 100644
---
a/sql/src/test/java/org/apache/druid/sql/calcite/DruidPlannerResourceAnalyzeTest.java
+++
b/sql/src/test/java/org/apache/druid/sql/calcite/DruidPlannerResourceAnalyzeTest.java
@@ -322,4 +322,18 @@ public class DruidPlannerResourceAnalyzeTest extends
BaseCalciteQueryTest
)
);
}
+
+ @Test
+ public void testTableAppend()
+ {
+ final String sql = "SELECT * FROM TABLE(APPEND('foo', 'numfoo'))";
+
+ analyzeResources(
+ sql,
+ ImmutableList.of(
+ new ResourceAction(new Resource("foo", ResourceType.DATASOURCE),
Action.READ),
+ new ResourceAction(new Resource("numfoo",
ResourceType.DATASOURCE), Action.READ)
+ )
+ );
+ }
}
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
