Upgrade: cross join guardrail from warning to ValidationError

Saurabh Badenkal · Saurabh Badenkal · commit 70966245b1a9 · 2026-03-21T21:56:17.000-07:00
Implicit cross joins (FROM a, b without ON) now raise ValidationError
instead of UserWarning. The server allows these but they produce
cartesian products (N*M intermediate rows) that degrade shared DB.

SDK now blocks with clear error: 'Implicit cross join detected...
Use explicit JOIN...ON syntax instead.'

New subcode: validation_sql_cross_join_blocked

SDK guardrail summary:
- INSERT/UPDATE/DELETE -&gt; ValidationError (blocked)
- FROM a, b (cartesian) -&gt; ValidationError (blocked) &lt;-- upgraded
- LIKE '%value' -&gt; UserWarning (performance advisory)
- SELECT * with JOIN -&gt; UserWarning (partial expansion)

756 unit tests passing.
diff --git a/src/PowerPlatform/Dataverse/core/_error_codes.py b/src/PowerPlatform/Dataverse/core/_error_codes.py
@@ -42,6 +42,7 @@
 VALIDATION_SQL_NOT_STRING = "validation_sql_not_string"
 VALIDATION_SQL_EMPTY = "validation_sql_empty"
 VALIDATION_SQL_WRITE_BLOCKED = "validation_sql_write_blocked"
+VALIDATION_SQL_CROSS_JOIN_BLOCKED = "validation_sql_cross_join_blocked"
 VALIDATION_ENUM_NO_MEMBERS = "validation_enum_no_members"
 VALIDATION_ENUM_NON_INT_VALUE = "validation_enum_non_int_value"
 VALIDATION_UNSUPPORTED_COLUMN_TYPE = "validation_unsupported_column_type"
diff --git a/src/PowerPlatform/Dataverse/data/_odata.py b/src/PowerPlatform/Dataverse/data/_odata.py
@@ -29,6 +29,7 @@
     VALIDATION_SQL_NOT_STRING,
     VALIDATION_SQL_EMPTY,
     VALIDATION_SQL_WRITE_BLOCKED,
+    VALIDATION_SQL_CROSS_JOIN_BLOCKED,
     METADATA_ENTITYSET_NOT_FOUND,
     METADATA_ENTITYSET_NAME_MISSING,
     METADATA_TABLE_NOT_FOUND,
@@ -926,15 +927,15 @@ def _sql_guardrails(self, sql: str) -> str:
                 stacklevel=4,
             )
 
-        # 3. Warn on implicit cross joins
+        # 3. Block implicit cross joins
         if self._SQL_IMPLICIT_CROSS_JOIN_RE.search(sql):
-            warnings.warn(
-                "Query appears to use an implicit cross join "
-                "(FROM table1, table2). This produces a cartesian product "
-                "and may return excessive rows. Use explicit JOIN...ON "
-                "syntax instead.",
-                UserWarning,
-                stacklevel=4,
+            raise ValidationError(
+                "Implicit cross join detected (FROM table1, table2). "
+                "This produces a cartesian product that can generate "
+                "millions of intermediate rows and degrade shared database "
+                "performance. Use explicit JOIN...ON syntax instead: "
+                "FROM table1 a JOIN table2 b ON a.column = b.column",
+                subcode=VALIDATION_SQL_CROSS_JOIN_BLOCKED,
             )
 
         return sql
diff --git a/tests/unit/data/test_sql_guardrails.py b/tests/unit/data/test_sql_guardrails.py
@@ -156,38 +156,30 @@ def test_no_like_no_warning(self):
 
 
 # ===================================================================
-# 4. Warn on implicit cross joins
+# 4. Block implicit cross joins
 # ===================================================================
 
 
-class TestImplicitCrossJoinWarning:
-    """FROM a, b (comma syntax) should emit a UserWarning."""
+class TestImplicitCrossJoinBlocked:
+    """FROM a, b (comma syntax) must be blocked with ValidationError."""
 
-    def test_comma_join_warns(self):
+    def test_comma_join_raises(self):
         c = _client()
-        with warnings.catch_warnings(record=True) as w:
-            warnings.simplefilter("always")
+        with pytest.raises(ValidationError, match="cross join"):
             c._sql_guardrails("SELECT TOP 10 a.name, c.fullname FROM account a, contact c")
-            cross_warnings = [x for x in w if "cross join" in str(x.message).lower()]
-            assert len(cross_warnings) == 1
 
-    def test_explicit_join_no_warning(self):
+    def test_explicit_join_not_blocked(self):
         c = _client()
-        with warnings.catch_warnings(record=True) as w:
-            warnings.simplefilter("always")
-            c._sql_guardrails(
-                "SELECT TOP 10 a.name FROM account a " "JOIN contact c ON a.accountid = c.parentcustomerid"
-            )
-            cross_warnings = [x for x in w if "cross join" in str(x.message).lower()]
-            assert len(cross_warnings) == 0
+        # Should NOT raise
+        result = c._sql_guardrails(
+            "SELECT TOP 10 a.name FROM account a " "JOIN contact c ON a.accountid = c.parentcustomerid"
+        )
+        assert "JOIN" in result
 
-    def test_single_table_no_warning(self):
+    def test_single_table_not_blocked(self):
         c = _client()
-        with warnings.catch_warnings(record=True) as w:
-            warnings.simplefilter("always")
-            c._sql_guardrails("SELECT TOP 10 name FROM account")
-            cross_warnings = [x for x in w if "cross join" in str(x.message).lower()]
-            assert len(cross_warnings) == 0
+        result = c._sql_guardrails("SELECT TOP 10 name FROM account")
+        assert "SELECT" in result
 
 
 # ===================================================================
