Skip to content

driver impersonation fix#6

Merged
AbhishekGedela merged 1 commit intomasterfrom
fix_driver_6
Apr 16, 2026
Merged

driver impersonation fix#6
AbhishekGedela merged 1 commit intomasterfrom
fix_driver_6

Conversation

@AbhishekGedela
Copy link
Copy Markdown
Collaborator

@AbhishekGedela AbhishekGedela commented Apr 16, 2026

No description provided.

@AbhishekGedela AbhishekGedela merged commit 58d3cb5 into master Apr 16, 2026
4 of 6 checks passed
Copilot AI reviewed Apr 16, 2026
View reviewed changes
Copy link
Copy Markdown

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR updates the Starburst driver’s Trino session-user impersonation logic to rely solely on the JDBC clientInfo flag (impersonate:true) and removes the previous PAT-/database-specific override behavior.

Changes:

  • Simplifies impersonate-user to set Trino sessionUser only when clientInfo includes impersonate:true, using the current Metabase user’s email.
  • Simplifies remove-impersonation to clear Trino sessionUser only when clientInfo includes impersonate:true.
  • Removes the prior special-casing for PAT auth / specific database IDs.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread drivers/starburst/src/metabase/driver/implementation/execute.clj
Comment on lines +165 to +169
(if
(clojure.string/includes? (.getProperty (.getClientInfo conn) "ClientInfo" "") "impersonate:true")
(let [email (get (deref api/*current-user*) :email)]
(.setSessionUser (.unwrap conn TrinoConnection) email))
nil))
Copy link

Copilot AI Apr 16, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This change removes the previous PAT-specific fallback (and the ability to set a non-email session user) and now always derives the Trino session user from api/*current-user*. If *current-user* is unset/empty in PAT or other non-request contexts, email will be nil and setSessionUser will receive null, which can break query execution. Consider restoring a safe fallback (e.g., use the DB connection user, a dedicated service user, or skip impersonation with a clear error) when :email is missing, and clarify the intended behavior for PAT flows.

Copilot uses AI. Check for mistakes.
Comment thread drivers/starburst/src/metabase/driver/implementation/execute.clj
nil)))
(if
(clojure.string/includes? (.getProperty (.getClientInfo conn) "ClientInfo" "") "impersonate:true")
(let [email (get (deref api/*current-user*) :email)]
Copy link

Copilot AI Apr 16, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

With the removal of the previous force-pat-user? path, there’s no test coverage ensuring Starburst queries behave correctly when executed via PAT / non-interactive auth (where api/*current-user* may differ or be absent). Add a regression test covering impersonation/session-user behavior for PAT (or explicitly assert it’s unsupported) to prevent breaking token-based access.

Suggested change
(let [email (get (deref api/*current-user*) :email)]
(when-let [email (some-> api/*current-user* deref :email not-empty)]

Copilot uses AI. Check for mistakes.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@UtkarshPurohit03 UtkarshPurohit03 UtkarshPurohit03 approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@AbhishekGedela @UtkarshPurohit03