tibrewalpratik17 commented on code in PR #11437: URL: https://github.com/apache/pinot/pull/11437#discussion_r1323605056
########## pinot-broker/src/main/java/org/apache/pinot/broker/requesthandler/BaseBrokerRequestHandler.java: ########## @@ -242,19 +246,23 @@ public BrokerResponse handleRequest(JsonNode request, @Nullable SqlNodeAndOption throws Exception { requestContext.setRequestArrivalTimeMillis(System.currentTimeMillis()); + long requestId = _brokerIdGenerator.get(); + requestContext.setRequestId(requestId); + // First-stage access control to prevent unauthenticated requests from using up resources. Secondary table-level // check comes later. boolean hasAccess = _accessControlFactory.create().hasAccess(requesterIdentity); if (!hasAccess) { _brokerMetrics.addMeteredGlobalValue(BrokerMeter.REQUEST_DROPPED_DUE_TO_ACCESS_ERROR, 1); requestContext.setErrorCode(QueryException.ACCESS_DENIED_ERROR_CODE); + _brokerQueryEventListener.onQueryCompletion(new BrokerQueryEventInfo(requestContext)); throw new WebApplicationException("Permission denied", Response.Status.FORBIDDEN); } - long requestId = _brokerIdGenerator.get(); - requestContext.setRequestId(requestId); JsonNode sql = request.get(Broker.Request.SQL); if (sql == null) { + requestContext.setErrorCode(QueryException.BROKER_REQUEST_SEND_ERROR_CODE); Review Comment: Updated. Even i was kind of confused between these 2. Updated one makes more sense. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@pinot.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: commits-unsubscr...@pinot.apache.org For additional commands, e-mail: commits-h...@pinot.apache.org