freesinger opened a new pull request, #11605: URL: https://github.com/apache/gravitino/pull/11605
Route internal catalog, schema, table, fileset, and topic lookups through
dedicated internal dispatchers so service code can bypass user-facing
authorization checks when validating privileges or loading metadata.
### What changes were proposed in this pull request?
This PR audits several internal metadata-loading paths and switches them
from the regular dispatchers to internal dispatchers so they do not trigger
user-visible hook/event/audit chains.
The change includes:
- Exposing internal dispatcher entry points in `GravitinoEnv`
- Updating `AuthorizationUtils` to use internal catalog/schema/table/fileset
dispatchers
- Updating internal schema-loading paths in `TableOperationDispatcher`,
`TopicOperationDispatcher`, and `ViewOperationDispatcher`
- Updating Iceberg REST metadata import/sync paths to use internal
dispatchers
- Updating Ranger authorization plugin internal catalog/table lookups to use
internal dispatchers
- Adjusting unit tests so they verify the internal dispatcher paths are used
### Why are the changes needed?
Some internal infrastructure/helper flows still loaded metadata through the
regular dispatchers, which may go through normal hook/event/audit logic and
produce misleading user-visible events for non-user-facing operations.
This is especially problematic for:
- authorization helper metadata lookups
- Ranger policy translation/update flows
- operation-dispatcher internal schema checks
- Iceberg REST metadata synchronization/import
These paths are internal implementation details and should use
internal/no-event dispatchers instead of the regular user-facing dispatcher
chain.
Fix: #11389
### Does this PR introduce _any_ user-facing change?
No.
This PR does not add or change user-facing APIs or configuration keys.
It only changes internal metadata-loading paths so infrastructure operations
no longer reuse the regular dispatcher chain.
### How was this patch tested?
I added/updated unit tests covering the affected internal paths and ran
targeted tests successfully.
Executed verification:
```bash
./gradlew :core:test \
  --tests org.apache.gravitino.authorization.TestAuthorizationUtils \
  --tests org.apache.gravitino.catalog.TestTableOperationDispatcher \
  --tests org.apache.gravitino.catalog.TestTopicOperationDispatcher \
  --tests org.apache.gravitino.catalog.TestViewOperationDispatcher \
  -PskipITs -PskipDockerTests=false

./gradlew :iceberg:iceberg-rest-server:test \
  --tests org.apache.gravitino.iceberg.service.dispatcher.TestIcebergNamespaceHookDispatcher \
  --tests org.apache.gravitino.iceberg.service.dispatcher.TestIcebergTableHookDispatcher \
  --tests org.apache.gravitino.iceberg.service.dispatcher.TestIcebergViewHookDispatcher \
  --tests org.apache.gravitino.iceberg.service.provider.TestDynamicIcebergConfigProvider \
  -PskipITs -PskipDockerTests=false
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

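The split the PR description draws between the regular dispatcher chain and an internal dispatcher, as an added sketch that is not code from the pull request or from Gravitino. Every type and name here (`SchemaDispatcher`, `CoreSchemaDispatcher`, `UserFacingSchemaDispatcher`, the principals and identifiers) is hypothetical; the point is that the unwrapped dispatcher performs no access check and writes no audit event, so it should be handed only to service code and never to a request handler.

```java
import java.util.ArrayList;
import java.util.List;
import java.util.Set;

// Hypothetical sketch: none of these types are Gravitino classes.
public class InternalDispatcherSketch {
  interface SchemaDispatcher {
    String loadSchema(String principal, String ident);
  }

  // Core operation: reads metadata, performs no access check and emits no events.
  static class CoreSchemaDispatcher implements SchemaDispatcher {
    public String loadSchema(String principal, String ident) {
      return "schema:" + ident; // constructed stand-in for a metadata object
    }
  }

  // User-facing decorator: authorizes the caller and records an audit event.
  static class UserFacingSchemaDispatcher implements SchemaDispatcher {
    private final SchemaDispatcher delegate;
    private final Set<String> allowed;
    private final List<String> auditLog;

    UserFacingSchemaDispatcher(SchemaDispatcher delegate, Set<String> allowed, List<String> auditLog) {
      this.delegate = delegate;
      this.allowed = allowed;
      this.auditLog = auditLog;
    }

    public String loadSchema(String principal, String ident) {
      if (!allowed.contains(principal)) {
        auditLog.add("DENIED LOAD_SCHEMA " + principal + " " + ident);
        throw new SecurityException(principal + " may not load " + ident);
      }
      auditLog.add("LOAD_SCHEMA " + principal + " " + ident);
      return delegate.loadSchema(principal, ident);
    }
  }

  public static void main(String[] args) {
    List<String> auditLog = new ArrayList<>();
    SchemaDispatcher internal = new CoreSchemaDispatcher();
    SchemaDispatcher userFacing = new UserFacingSchemaDispatcher(internal, Set.of("alice"), auditLog);

    userFacing.loadSchema("alice", "catalog1.db1"); // real user request: one audit event
    internal.loadSchema("service", "catalog1.db1"); // helper lookup: no check, no event
    if (auditLog.size() != 1) throw new AssertionError("internal lookup leaked an event");
    System.out.println(auditLog);
  }
}
```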