You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@druid.apache.org by GitBox <gi...@apache.org> on 2022/04/18 16:56:40 UTC
[GitHub] [druid] jihoonson commented on a diff in pull request #12396: Add support for authorizing query context params
jihoonson commented on code in PR #12396:
URL: https://github.com/apache/druid/pull/12396#discussion_r852256537
##########
server/src/main/java/org/apache/druid/server/QueryHolder.java:
##########
@@ -0,0 +1,89 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.druid.server;
+
+import com.google.common.base.Preconditions;
+import org.apache.druid.query.DataSource;
+import org.apache.druid.query.Query;
+
+/**
+ * Holder of a native Druid query.
+ *
+ * The native Druid query object has query context parameters in it (see {@link Query#getContext()}).
+ * During query processing, Druid can add extra parameters as it needs. However, when authorizing context params,
+ * only the params that the user sets should be authorized. To separate user params from others,
+ * the Druid native query entry uses {@link QueryContext}. After user context params are authorized
+ * in {@link QueryLifecycle#authorize}, QueryLifecycle sets the query context back to this query holder
+ * using {@link #withContext(QueryContext)}. When callers use query context, they should check first
+ * if the query holder has a valid query context using {@link #isValidContext()}.
+ */
+public class QueryHolder<T>
Review Comment:
I added `QueryHolder` at first because it was quite confusing which is the valid context between `Query.getContext()` and `QueryContext`. `QueryHolder` was a stateful object indicating whether `Query.getContext` is valid. `QueryLifecycle` could find a valid query context using `QueryHolder.isValidContext()`. A better approach is replacing the context map in `Query` with `QueryContext` as we can consolidate the query context stores. I didn't do it at first because it seems quite invasive. However, I was curious how invasive it would be, so went ahead and tried it. It actually doesn't seem that invasive, this PR is rather a little bit smaller than it was before.
The `Query` interface now has `getQueryContext()` which returns `QueryContext`. This new interface is preferred over `Query.getContext()` which internally simply calls `QueryContext.getMergedParams()`. `QueryContext` in `Query` is "valid" only in the broker in a sense that `defaultParams`, `userParams`, and `systemParams` will not be kept after serialization. All parameters will be stored in `userParams` after it is deserialized. This should not cause any issue today.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@druid.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@druid.apache.org
For additional commands, e-mail: commits-help@druid.apache.org