From aecef5c6e11dbde29d5fccae439a3cdc2215d13f Mon Sep 17 00:00:00 2001 From: Kent Yao Date: Tue, 24 Oct 2023 21:36:38 +0800 Subject: [PATCH] [KYUUBI #5512] [AuthZ] Remove the non-existent query specs in Deletes and Updates ### _Why are the changes needed?_ This PR removes the non-existent query specs in DeleteFromTable and UpdateTable, and all its derives, such as iceberg and hudi. Timely stop abuse. ### _How was this patch tested?_ - [ ] Add some test cases that check the changes thoroughly including negative and positive cases if possible - [ ] Add screenshots for manual tests if appropriate - [ ] [Run test](https://kyuubi.readthedocs.io/en/master/contributing/code/testing.html#running-tests) locally before make a pull request ### _Was this patch authored or co-authored using generative AI tooling?_ no Closes #5512 from yaooqinn/du. Closes #5512 627768666 [Kent Yao] [AuthZ] Remove the non-existent query spec in Deletes and Updates Authored-by: Kent Yao Signed-off-by: Cheng Pan --- .../main/resources/table_command_spec.json | 30 ++++--------------- .../plugin/spark/authz/gen/HudiCommands.scala | 4 +-- .../spark/authz/gen/IcebergCommands.scala | 2 +- .../spark/authz/gen/TableCommands.scala | 2 +- 4 files changed, 10 insertions(+), 28 deletions(-) diff --git a/extensions/spark/kyuubi-spark-authz/src/main/resources/table_command_spec.json b/extensions/spark/kyuubi-spark-authz/src/main/resources/table_command_spec.json index f4d5eb60a2d..f5e64f0cb50 100644 --- a/extensions/spark/kyuubi-spark-authz/src/main/resources/table_command_spec.json +++ b/extensions/spark/kyuubi-spark-authz/src/main/resources/table_command_spec.json @@ -226,10 +226,7 @@ "setCurrentDatabaseIfMissing" : false } ], "opType" : "QUERY", - "queryDescs" : [ { - "fieldName" : "query", - "fieldExtractor" : "LogicalPlanQueryExtractor" - } ] + "queryDescs" : [ ] }, { "classname" : "org.apache.spark.sql.catalyst.plans.logical.DeleteFromTable", "tableDescs" : [ { @@ -247,10 +244,7 @@ "setCurrentDatabaseIfMissing" : false } ], "opType" : "QUERY", - "queryDescs" : [ { - "fieldName" : "query", - "fieldExtractor" : "LogicalPlanQueryExtractor" - } ] + "queryDescs" : [ ] }, { "classname" : "org.apache.spark.sql.catalyst.plans.logical.DescribeRelation", "tableDescs" : [ { @@ -658,10 +652,7 @@ "setCurrentDatabaseIfMissing" : false } ], "opType" : "QUERY", - "queryDescs" : [ { - "fieldName" : "query", - "fieldExtractor" : "LogicalPlanQueryExtractor" - } ] + "queryDescs" : [ ] }, { "classname" : "org.apache.spark.sql.catalyst.plans.logical.UpdateTable", "tableDescs" : [ { @@ -679,10 +670,7 @@ "setCurrentDatabaseIfMissing" : false } ], "opType" : "QUERY", - "queryDescs" : [ { - "fieldName" : "query", - "fieldExtractor" : "LogicalPlanQueryExtractor" - } ] + "queryDescs" : [ ] }, { "classname" : "org.apache.spark.sql.execution.command.AlterTableAddColumnsCommand", "tableDescs" : [ { @@ -1652,10 +1640,7 @@ "setCurrentDatabaseIfMissing" : false } ], "opType" : "QUERY", - "queryDescs" : [ { - "fieldName" : "query", - "fieldExtractor" : "LogicalPlanQueryExtractor" - } ] + "queryDescs" : [ ] }, { "classname" : "org.apache.spark.sql.hudi.command.DropHoodieTableCommand", "tableDescs" : [ { @@ -1795,8 +1780,5 @@ "setCurrentDatabaseIfMissing" : false } ], "opType" : "QUERY", - "queryDescs" : [ { - "fieldName" : "query", - "fieldExtractor" : "LogicalPlanQueryExtractor" - } ] + "queryDescs" : [ ] } ] \ No newline at end of file diff --git a/extensions/spark/kyuubi-spark-authz/src/test/scala/org/apache/kyuubi/plugin/spark/authz/gen/HudiCommands.scala b/extensions/spark/kyuubi-spark-authz/src/test/scala/org/apache/kyuubi/plugin/spark/authz/gen/HudiCommands.scala index 7909bef9bc8..62799a9f8c3 100644 --- a/extensions/spark/kyuubi-spark-authz/src/test/scala/org/apache/kyuubi/plugin/spark/authz/gen/HudiCommands.scala +++ b/extensions/spark/kyuubi-spark-authz/src/test/scala/org/apache/kyuubi/plugin/spark/authz/gen/HudiCommands.scala @@ -174,7 +174,7 @@ object HudiCommands { "dft", classOf[HudiDataSourceV2RelationTableExtractor], actionTypeDesc = Some(actionTypeDesc)) - TableCommandSpec(cmd, Seq(tableDesc), queryDescs = Seq(QueryDesc("query"))) + TableCommandSpec(cmd, Seq(tableDesc)) } val UpdateHoodieTableCommand = { @@ -185,7 +185,7 @@ object HudiCommands { "ut", classOf[HudiDataSourceV2RelationTableExtractor], actionTypeDesc = Some(actionTypeDesc)) - TableCommandSpec(cmd, Seq(tableDesc), queryDescs = Seq(QueryDesc("query"))) + TableCommandSpec(cmd, Seq(tableDesc)) } val MergeIntoHoodieTableCommand = { diff --git a/extensions/spark/kyuubi-spark-authz/src/test/scala/org/apache/kyuubi/plugin/spark/authz/gen/IcebergCommands.scala b/extensions/spark/kyuubi-spark-authz/src/test/scala/org/apache/kyuubi/plugin/spark/authz/gen/IcebergCommands.scala index 355143c402c..fb195b4554c 100644 --- a/extensions/spark/kyuubi-spark-authz/src/test/scala/org/apache/kyuubi/plugin/spark/authz/gen/IcebergCommands.scala +++ b/extensions/spark/kyuubi-spark-authz/src/test/scala/org/apache/kyuubi/plugin/spark/authz/gen/IcebergCommands.scala @@ -31,7 +31,7 @@ object IcebergCommands { "table", classOf[DataSourceV2RelationTableExtractor], actionTypeDesc = Some(actionTypeDesc)) - TableCommandSpec(cmd, Seq(tableDesc), queryDescs = Seq(QueryDesc("query"))) + TableCommandSpec(cmd, Seq(tableDesc)) } val UpdateIcebergTable = { diff --git a/extensions/spark/kyuubi-spark-authz/src/test/scala/org/apache/kyuubi/plugin/spark/authz/gen/TableCommands.scala b/extensions/spark/kyuubi-spark-authz/src/test/scala/org/apache/kyuubi/plugin/spark/authz/gen/TableCommands.scala index cf7fae0d860..9893953afb7 100644 --- a/extensions/spark/kyuubi-spark-authz/src/test/scala/org/apache/kyuubi/plugin/spark/authz/gen/TableCommands.scala +++ b/extensions/spark/kyuubi-spark-authz/src/test/scala/org/apache/kyuubi/plugin/spark/authz/gen/TableCommands.scala @@ -276,7 +276,7 @@ object TableCommands { "table", classOf[DataSourceV2RelationTableExtractor], actionTypeDesc = Some(actionTypeDesc)) - TableCommandSpec(cmd, Seq(tableDesc), queryDescs = Seq(queryQueryDesc)) + TableCommandSpec(cmd, Seq(tableDesc)) } val DeleteFromTable = {