Disable Groovy function by default

[snleee]

This is the last step for #7966 to disable groovy function by default.

Release Notes: We are disabling groovy function by default due to the potential security issues. To enable back the functionality, users can choose to use table-level config override or broker/controller config to turn it on globally.

# Enable Groovy globally on Pinot broker
pinot.broker.disable.query.groovy=false

# Enable Groovy globally on Pinot controller
controller.disable.ingestion.groovy=false

# Table override
{
  "tableName": "myTable",
  "tableType": "OFFLINE",
 
  "query" : {
    "disableGroovy": false
  }
}

[Jackie-Jiang]

Why do we change this? We can only allow groovy when both offline and realtime table has it enabled

[snleee]

I will improve this logic in that case. I was trying to handle offline/ realtime only case.

We need an extra null check for the table configs.

1. If both offline/realtime exists, allow if both got enabled.
2. if only one exists, allow if the specific table got enabled.

[snleee]

@Jackie-Jiang pls review the updated code.

[codecov-commenter]

Codecov Report

Merging #8711 (1b56986) into master (f90137b) will decrease coverage by 1.20%.
The diff coverage is 69.23%.

❗ Current head 1b56986 differs from pull request most recent head 5a82d27. Consider uploading reports for the commit 5a82d27 to get more accurate results

@@             Coverage Diff              @@
##             master    #8711      +/-   ##
============================================
- Coverage     69.65%   68.44%   -1.21%     
+ Complexity     4571     4555      -16     
============================================
  Files          1720     1725       +5     
  Lines         89835    90105     +270     
  Branches      13333    13416      +83     
============================================
- Hits          62574    61672     -902     
- Misses        22940    24124    +1184     
+ Partials       4321     4309      -12     

Flag	Coverage Δ
integration1	26.92% <23.07%> (-0.09%)	⬇️
integration2	?
unittests1	66.17% <81.35%> (+0.01%)	⬆️
unittests2	14.27% <19.53%> (-0.07%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files	Coverage Δ
.../data/manager/offline/OfflineTableDataManager.java	100.00% <ø> (ø)
...ata/manager/realtime/RealtimeTableDataManager.java	45.41% <0.00%> (-22.86%)	⬇️
...inot/core/operator/filter/FilterOperatorUtils.java	86.25% <ø> (ø)
...inot/plugin/inputformat/csv/CSVMessageDecoder.java	0.00% <0.00%> (ø)
...va/org/apache/pinot/spi/utils/CommonConstants.java	21.31% <ø> (ø)
...va/org/apache/pinot/common/utils/SegmentUtils.java	53.84% <16.66%> (-17.59%)	⬇️
.../core/realtime/PinotLLCRealtimeSegmentManager.java	77.41% <20.00%> (-0.55%)	⬇️
.../controller/api/upload/SegmentValidationUtils.java	40.00% <40.00%> (ø)
...ces/PinotSegmentUploadDownloadRestletResource.java	53.75% <63.38%> (-3.52%)	⬇️
...roker/requesthandler/BaseBrokerRequestHandler.java	66.81% <65.21%> (-3.45%)	⬇️
... and 144 more

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update f90137b...5a82d27. Read the comment docs.

[Jackie-Jiang]

LGTM

[abhs50]

Hello, Is there an ETA on when this fix will be released in latest version ? Thanks.

[Jackie-Jiang]

cc @atris Do we have an ETA for the 0.11.0 release?