heguanhui opened a new pull request, #63313: URL: https://github.com/apache/doris/pull/63313
### What problem does this PR solve? Issue Number: close #xxx Problem Summary: When a role is dropped, row policies bound to that role are not cleaned up. Similarly, when a user is dropped, row policies bound to that user are not cleaned up. This causes orphaned row policies that can never be removed through normal `DROP ROW POLICY` commands since the referenced role/user no longer exists. ### Release note Row policies bound to a role are now automatically cleaned up when the role is dropped. Row policies bound to a user are now automatically cleaned up when the user is dropped. ### Check List (For Author) - Test: Regression test - Behavior changed: Yes, row policies are now automatically cleaned up when dropping role/user - Does this need documentation: No ### Changes 1. Added `PolicyMgr.dropPoliciesByRole(String roleName, boolean isReplay)` - removes all row policies bound to a given role, with proper edit log handling for non-replay mode 2. Added `PolicyMgr.dropPoliciesByUser(UserIdentity user, boolean isReplay)` - removes all row policies bound to a given user, with proper edit log handling for non-replay mode 3. Modified `Auth.dropRoleInternal()` to call `dropPoliciesByRole` after the role is dropped 4. Modified `Auth.dropUserInternal()` to call `dropPoliciesByUser` after the user is dropped 5. Added regression test covering both drop role and drop user scenarios -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
