a638011 opened a new pull request, #10132: URL: https://github.com/apache/gravitino/pull/10132
### What changes were proposed in this pull request? Guard privilege removal behind operation success in `TableHookDispatcher.dropTable()` and `TableHookDispatcher.purgeTable()`. ### Why are the changes needed? Currently, `TableHookDispatcher.dropTable()` and `purgeTable()` call `AuthorizationUtils.authorizationPluginRemovePrivileges()` unconditionally. If the underlying dispatcher returns false (table not dropped/purged), privileges are still removed, causing authorization metadata to become inconsistent with the table's actual state. Fix #10131 ### Does this PR introduce any user-facing change? No. This is an internal bug fix that prevents authorization metadata inconsistency. ### How was this patch tested? Added comprehensive unit tests in `TestTableHookDispatcher`: - `testDropTableShouldNotRemovePrivilegesWhenDropFails` - verifies privileges are NOT removed when drop fails - `testDropTableShouldRemovePrivilegesWhenDropSucceeds` - verifies privileges ARE removed when drop succeeds - `testPurgeTableShouldNotRemovePrivilegesWhenPurgeFails` - verifies privileges are NOT removed when purge fails - `testPurgeTableShouldRemovePrivilegesWhenPurgeSucceeds` - verifies privileges ARE removed when purge succeeds All tests use Mockito to mock the underlying dispatcher and verify the authorization plugin behavior. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
