func (self *Permissions) AuthorizeSelectQuery(user common.User, db string, querySpec *parser.QuerySpec) (ok bool, err common.AuthorizationError) { // if this isn't a regex query do the permission check here fromClause := querySpec.SelectQuery().GetFromClause() for _, n := range fromClause.Names { if _, ok := n.Name.GetCompiledRegex(); ok { break } else if name := n.Name.Name; !user.HasReadAccess(name) { return false, common.NewAuthorizationError("User doesn't have read access to %s", name) } } return true, "" }