Skip to main content

enforce_column_access

Function enforce_column_access 

Source
pub fn enforce_column_access(
    sql: &str,
    schema: &DatasetSchema,
) -> Result<(), AppError>
Expand description

Enforce a dataset’s column-level access filters on a raw-SQL statement.

The structured /query endpoint can tell a projection column from a filter column, so it distinguishes the two filters precisely. Raw SQL cannot be re-planned that cheaply, so the SQL endpoint applies a single conservative rule: a column that is hidden from projection or blocked from predicates may not be referenced at all, and SELECT * is rejected whenever any column is hidden (it would otherwise expand to include the hidden ones). A column reference that does not name a real schema column (an alias, CTE column, or function) is ignored — only the engine can resolve those.

schema is the referenced dataset’s schema. A no-op when the schema carries no active filters. On a parse failure the statement is passed through unchanged so the backend surfaces the real parse error.