hdygxsj commented on code in PR #9585: URL: https://github.com/apache/gravitino/pull/9585#discussion_r2659646292
########## server/src/main/java/org/apache/gravitino/server/web/rest/TableOperations.java: ########## @@ -164,14 +165,17 @@ public Response createTable( @Timed(name = "load-table." + MetricNames.HTTP_PROCESS_DURATION, absolute = true) @ResponseMetered(name = "load-table", absolute = true) @AuthorizationExpression( - expression = AuthorizationExpressionConstants.loadTableAuthorizationExpression, + expression = AuthorizationExpressionConstants.LOAD_TABLE_AUTHORIZATION_EXPRESSION, Review Comment: Since LoadTableAuthorizationExecutor replaces the authorization expression, we should add explanatory comments to clarify this behavior and prevent users from being confused by apparent inconsistencies between the declared privileges and the actual expressions. Alternatively, we could make the behavior more transparent by encoding the logic directly into the expression itself—for example: ```java PRIVILEGE == 'MODIFY_TABLE' && MODIFY_TABLE_AUTHORIZATION_EXPRESSION || PRIVILEGE == null && LOAD_TABLE_AUTHORIZATION_EXPRESSION ``` -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
