AngersZhuuuu opened a new pull request, #5796:
URL: https://github.com/apache/kyuubi/pull/5796
# :mag: Description
## Issue References ๐
<!-- Append the issue number after #. If there is no issue for you to link
create one or -->
<!-- If there are no issues to link, please provide details here. -->
This pull request fixes #5793
## Describe Your Solution ๐ง
For SQL have nested scalar-subquery, since the scalar-subquery in
scalar-subquery was not wrapped by `PVM`, this pr fix this.
Note :This bug is not imported by #5780
## Types of changes :bookmark:
<!--- What types of changes does your code introduce? Put an `x` in all the
boxes that apply: -->
- [x] Bugfix (non-breaking change which fixes an issue)
- [ ] New feature (non-breaking change which adds functionality)
- [ ] Breaking change (fix or feature that would cause existing
functionality to change)
## Test Plan ๐งช
#### Behavior Without This Pull Request :coffin:
```
CREATE VIEW $db1.$view1
AS
SELECT id, name, max(scope) as max_scope, sum(age) sum_age
FROM $db1.$table2
WHERE scope in (
SELECT max(scope) max_scope
FROM $db1.$table1
WHERE id IN (SELECT id FROM $db1.$table3)
)
GROUP BY id, name
```
when we query `$db1.$view1` and if we have `view1`'s privilege, it will throw
```
Permission denied: user [user_perm_view_only] does not have [select]
privilege on [default/table3/id]
org.apache.kyuubi.plugin.spark.authz.AccessControlException: Permission
denied: user [user_perm_view_only] does not have [select] privilege on
[default/table3/id]
at
org.apache.kyuubi.plugin.spark.authz.ranger.SparkRangerAdminPlugin$.verify(SparkRangerAdminPlugin.scala:167)
```
#### Behavior With This Pull Request :tada:
Won't request `table3`'s privilege
#### Related Unit Tests
---
# Checklists
## ๐ Author Self Checklist
<!--- Go over all the following points, and put an `x` in all the boxes that
apply. -->
<!--- If you're unsure about any of these, don't hesitate to ask. We're here
to help! -->
- [x] My code follows the [style
guidelines](https://kyuubi.readthedocs.io/en/master/contributing/code/style.html)
of this project
- [x] I have performed a self-review
- [x] I have commented my code, particularly in hard-to-understand areas
- [ ] I have made corresponding changes to the documentation
- [x] My changes generate no new warnings
- [x] I have added tests that prove my fix is effective or that my feature
works
- [x] New and existing unit tests pass locally with my changes
- [x] This patch was not authored or co-authored using [Generative
Tooling](https://www.apache.org/legal/generative-tooling.html)
## ๐ Committer Pre-Merge Checklist
- [x] Pull request title is okay.
- [x] No license issues.
- [x] Milestone correctly set?
- [x] Test coverage is ok
- [x] Assignees are selected.
- [x] Minimum number of approvals
- [x] No changes are requested
**Be nice. Be informative.**
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
