This is an automated email from the ASF dual-hosted git repository. ruifengz pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/spark.git
The following commit(s) were added to refs/heads/master by this push:
     new b3e64ad4b155 [SPARK-51059][ML][CONNECT][DOCS] Document how ALLOWED_ATTRIBUTES works
b3e64ad4b155 is described below

commit b3e64ad4b155d532f312df30c1f8fff3aec8978e
Author: Ruifeng Zheng <ruife...@apache.org>
AuthorDate: Thu Feb 13 12:31:31 2025 +0800

    [SPARK-51059][ML][CONNECT][DOCS] Document how ALLOWED_ATTRIBUTES works

    ### What changes were proposed in this pull request?
    Document how ALLOWED_ATTRIBUTES works

    ### Why are the changes needed?
    to explain how the reflection is checked

    ### Does this PR introduce _any_ user-facing change?
    doc-only

    ### How was this patch tested?
    ci

    ### Was this patch authored or co-authored using generative AI tooling?
    no

    Closes #49918 from zhengruifeng/ml_doc_attr_list.

    Authored-by: Ruifeng Zheng <ruife...@apache.org>
    Signed-off-by: Ruifeng Zheng <ruife...@apache.org>
--- .../main/scala/org/apache/spark/sql/connect/ml/MLUtils.scala | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/sql/connect/server/src/main/scala/org/apache/spark/sql/connect/ml/MLUtils.scala b/sql/connect/server/src/main/scala/org/apache/spark/sql/connect/ml/MLUtils.scala index 7f2e687579b5..2d91a4a4bc72 100644 --- a/sql/connect/server/src/main/scala/org/apache/spark/sql/connect/ml/MLUtils.scala +++ b/sql/connect/server/src/main/scala/org/apache/spark/sql/connect/ml/MLUtils.scala
@@ -450,7 +450,16 @@ private[ml] object MLUtils { // Since we're using reflection way to get the attribute, in order not to // leave a security hole, we define an allowed attribute list that can be accessed. - // The attributes could be retrieved from the corresponding python class + // The attributes could be retrieved from the Connect clients. + // Before each invocation, both the object type and method name need to be checked here. + // Class inheritance is also considered. + // For example, if the object is a subclass of 'ProbabilisticClassificationModel', + // methods defined in the superclass ('ClassificationModel', 'PredictionModel' and + // 'Identifiable') are also allowed. + // So if a 3-rd party model extends 'ProbabilisticClassificationModel', then + // 'model.predictRaw' defined in 'ClassificationModel' is allowed to invoke. + // If the object is not the expected type or the method is not allowed, + // we throw an exception 'MLAttributeNotAllowedException'. private lazy val ALLOWED_ATTRIBUTES = Seq( (classOf[Identifiable], Set("toString")),
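Review bot: In the added comment above `ALLOWED_ATTRIBUTES`, "need to be checked here" is ambiguous, because the lines that follow only define the list and do not perform the check; name the method that enforces it so a reader auditing the reflection path can find the enforcement point. The inheritance paragraph should also state whether matching is by method name only: a third-party subclass of 'ProbabilisticClassificationModel' may supply its own implementation of an allowed name such as 'predictRaw', and the comment does not say whether overrides or overloads of a listed name are covered by the check. Wording nits in the same block: "3-rd party" should be "third-party", and "is allowed to invoke" reads better as "is allowed to be invoked".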