apache · clintropolis · Jul 27, 2022 · Jun 26, 2022 · Jul 15, 2022 · Jul 15, 2022
diff --git a/...ion-tests/src/test/java/org/apache/druid/tests/security/ITBasicAuthConfigurationTest.java b/...ion-tests/src/test/java/org/apache/druid/tests/security/ITBasicAuthConfigurationTest.java
@@ -48,7 +48,7 @@ public class ITBasicAuthConfigurationTest extends AbstractAuthConfigurationTest
   private static final String BASIC_AUTHORIZER = "basic";
 
   private static final String EXPECTED_AVATICA_AUTH_ERROR = "Error while executing SQL \"SELECT * FROM INFORMATION_SCHEMA.COLUMNS\": Remote driver error: QueryInterruptedException: User metadata store authentication failed. -> BasicSecurityAuthenticationException: User metadata store authentication failed.";
-  private static final String EXPECTED_AVATICA_AUTHZ_ERROR = "Error while executing SQL \"SELECT * FROM INFORMATION_SCHEMA.COLUMNS\": Remote driver error: RuntimeException: org.apache.druid.server.security.ForbiddenException: Allowed:false, Message: -> ForbiddenException: Allowed:false, Message:";
+  private static final String EXPECTED_AVATICA_AUTHZ_ERROR = "Error while executing SQL \"SELECT * FROM INFORMATION_SCHEMA.COLUMNS\": Remote driver error: ForbiddenException: Allowed:false, Message:";
 
   private HttpClient druid99;
 

diff --git a/...tests/src/test/java/org/apache/druid/tests/security/ITBasicAuthLdapConfigurationTest.java b/...tests/src/test/java/org/apache/druid/tests/security/ITBasicAuthLdapConfigurationTest.java
@@ -54,7 +54,7 @@ public class ITBasicAuthLdapConfigurationTest extends AbstractAuthConfigurationT
   private static final String LDAP_AUTHORIZER = "ldapauth";
 
   private static final String EXPECTED_AVATICA_AUTH_ERROR = "Error while executing SQL \"SELECT * FROM INFORMATION_SCHEMA.COLUMNS\": Remote driver error: QueryInterruptedException: User LDAP authentication failed. -> BasicSecurityAuthenticationException: User LDAP authentication failed.";
-  private static final String EXPECTED_AVATICA_AUTHZ_ERROR = "Error while executing SQL \"SELECT * FROM INFORMATION_SCHEMA.COLUMNS\": Remote driver error: RuntimeException: org.apache.druid.server.security.ForbiddenException: Allowed:false, Message: -> ForbiddenException: Allowed:false, Message:";
+  private static final String EXPECTED_AVATICA_AUTHZ_ERROR = "Error while executing SQL \"SELECT * FROM INFORMATION_SCHEMA.COLUMNS\": Remote driver error: ForbiddenException: Allowed:false, Message:";
 
   @Inject
   IntegrationTestingConfig config;

diff --git a/sql/src/main/java/org/apache/druid/sql/SqlLifecycle.java b/sql/src/main/java/org/apache/druid/sql/SqlLifecycle.java
@@ -170,7 +170,7 @@ private String sqlQueryId()
   }
 
   /**
-   * Assign dynamic parameters to be used to substitute values during query exection. This can be performed at any
+   * Assign dynamic parameters to be used to substitute values during query execution. This can be performed at any
    * part of the lifecycle.
    */
   public void setParameters(List<TypedValue> parameters)

diff --git a/sql/src/main/java/org/apache/druid/sql/SqlQueryPlus.java b/sql/src/main/java/org/apache/druid/sql/SqlQueryPlus.java
@@ -0,0 +1,128 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.druid.sql;
+
+import com.google.common.base.Preconditions;
+import org.apache.calcite.avatica.remote.TypedValue;
+import org.apache.druid.query.QueryContext;
+import org.apache.druid.server.security.AuthenticationResult;
+import org.apache.druid.sql.http.SqlParameter;
+import org.apache.druid.sql.http.SqlQuery;
+
+import java.util.Collections;
+import java.util.List;
+import java.util.Map;
+
+/**
+ * Captures the inputs to a SQL execution request: the statement,
+ * the context, parameters, and the authorization result. Pass this
+ * around rather than the quad of items. The request can evolve:
+ * items can be filled in later as needed (except for the SQL
+ * and auth result, which are required.)
+ */
+public class SqlQueryPlus
+{
+  private final String sql;
+  private final QueryContext queryContext;
+  private final List<TypedValue> parameters;
+  private final AuthenticationResult authResult;
+
+  public SqlQueryPlus(
+      String sql,
+      QueryContext queryContext,
+      List<TypedValue> parameters,
+      AuthenticationResult authResult
+  )
+  {
+    this.sql = Preconditions.checkNotNull(sql);
+    this.queryContext = queryContext == null
+        ? new QueryContext()
+        : queryContext;
+    this.parameters = parameters == null
+        ? Collections.emptyList()
+        : parameters;
+    this.authResult = Preconditions.checkNotNull(authResult);
+  }
+
+  public SqlQueryPlus(final String sql, final AuthenticationResult authResult)
+  {
+    this(sql, (QueryContext) null, null, authResult);
+  }
+
+  public static SqlQueryPlus fromSqlParameters(
+      String sql,
+      Map<String, Object> queryContext,
+      List<SqlParameter> parameters,
+      AuthenticationResult authResult
+  )
+  {
+    return new SqlQueryPlus(
+        sql,
+        queryContext == null ? null : new QueryContext(queryContext),
+        parameters == null ? null : SqlQuery.getParameterList(parameters),
+        authResult
+     );
+  }
+
+  public static SqlQueryPlus from(
+      String sql,
+      Map<String, Object> queryContext,
+      List<TypedValue> parameters,
+      AuthenticationResult authResult
+  )
+  {
+    return new SqlQueryPlus(
+        sql,
+        queryContext == null ? null : new QueryContext(queryContext),
+        parameters,
+        authResult
+    );
+  }
+
+  public String sql()
+  {
+    return sql;
+  }
+
+  public QueryContext context()
+  {
+    return queryContext;
+  }
+
+  public List<TypedValue> parameters()
+  {
+    return parameters;
+  }
+
+  public AuthenticationResult authResult()
+  {
+    return authResult;
+  }
+
+  public SqlQueryPlus withContext(QueryContext context)
+  {
+    return new SqlQueryPlus(sql, context, parameters, authResult);
+  }
+
+  public SqlQueryPlus withParameters(List<TypedValue> parameters)
+  {
+    return new SqlQueryPlus(sql, queryContext, parameters, authResult);
+  }
+}