(polaris) branch main updated: Generic Table/Policy Store: Move feature config check to Adapter and some small refactoring (#1465)

Fri, 25 Apr 2025 13:29:42 -0700 

This is an automated email from the ASF dual-hosted git repository.

yufei pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/polaris.git


The following commit(s) were added to refs/heads/main by this push:
     new fcd629a4d Generic Table/Policy Store: Move feature config check to 
Adapter and some small refactoring (#1465)
fcd629a4d is described below

commit fcd629a4dc325465651ec96154c510416d570720
Author: Honah (Jonas) J. <[email protected]>
AuthorDate: Fri Apr 25 15:29:16 2025 -0500

    Generic Table/Policy Store: Move feature config check to Adapter and some 
small refactoring (#1465)
---
 .../service/catalog/common/CatalogAdapter.java     | 10 ++++++++++
 .../generic/GenericTableCatalogAdapter.java        | 23 +++++++++++++---------
 .../generic/GenericTableCatalogHandler.java        | 14 -------------
 .../catalog/iceberg/IcebergCatalogAdapter.java     |  6 +-----
 .../catalog/policy/PolicyCatalogAdapter.java       | 10 ++++------
 .../catalog/policy/PolicyCatalogHandler.java       |  3 ---
 6 files changed, 29 insertions(+), 37 deletions(-)

diff --git 
a/service/common/src/main/java/org/apache/polaris/service/catalog/common/CatalogAdapter.java
 
b/service/common/src/main/java/org/apache/polaris/service/catalog/common/CatalogAdapter.java
index 56be4d925..c2b60fbff 100644
--- 
a/service/common/src/main/java/org/apache/polaris/service/catalog/common/CatalogAdapter.java
+++ 
b/service/common/src/main/java/org/apache/polaris/service/catalog/common/CatalogAdapter.java
@@ -18,10 +18,13 @@
  */
 package org.apache.polaris.service.catalog.common;
 
+import jakarta.ws.rs.core.SecurityContext;
 import java.net.URLEncoder;
 import java.nio.charset.Charset;
 import org.apache.iceberg.catalog.Namespace;
+import org.apache.iceberg.exceptions.NotAuthorizedException;
 import org.apache.iceberg.rest.RESTUtil;
+import org.apache.polaris.core.auth.AuthenticatedPolarisPrincipal;
 
 /**
  * A common interface for adapters between the REST interface and {@link 
CatalogHandler}
@@ -31,4 +34,11 @@ public interface CatalogAdapter {
   default Namespace decodeNamespace(String namespace) {
     return RESTUtil.decodeNamespace(URLEncoder.encode(namespace, 
Charset.defaultCharset()));
   }
+
+  default void validatePrincipal(SecurityContext securityContext) {
+    var authenticatedPrincipal = (AuthenticatedPolarisPrincipal) 
securityContext.getUserPrincipal();
+    if (authenticatedPrincipal == null) {
+      throw new NotAuthorizedException("Failed to find authenticatedPrincipal 
in SecurityContext");
+    }
+  }
 }
diff --git 
a/service/common/src/main/java/org/apache/polaris/service/catalog/generic/GenericTableCatalogAdapter.java
 
b/service/common/src/main/java/org/apache/polaris/service/catalog/generic/GenericTableCatalogAdapter.java
index bfd296904..f7e325b07 100644
--- 
a/service/common/src/main/java/org/apache/polaris/service/catalog/generic/GenericTableCatalogAdapter.java
+++ 
b/service/common/src/main/java/org/apache/polaris/service/catalog/generic/GenericTableCatalogAdapter.java
@@ -23,13 +23,13 @@ import jakarta.inject.Inject;
 import jakarta.ws.rs.core.Response;
 import jakarta.ws.rs.core.SecurityContext;
 import org.apache.iceberg.catalog.TableIdentifier;
-import org.apache.iceberg.exceptions.NotAuthorizedException;
-import org.apache.polaris.core.auth.AuthenticatedPolarisPrincipal;
 import org.apache.polaris.core.auth.PolarisAuthorizer;
+import org.apache.polaris.core.config.FeatureConfiguration;
 import org.apache.polaris.core.context.CallContext;
 import org.apache.polaris.core.context.RealmContext;
 import org.apache.polaris.core.persistence.PolarisEntityManager;
 import org.apache.polaris.core.persistence.PolarisMetaStoreManager;
+import org.apache.polaris.service.catalog.CatalogPrefixParser;
 import 
org.apache.polaris.service.catalog.api.PolarisCatalogGenericTableApiService;
 import org.apache.polaris.service.catalog.common.CatalogAdapter;
 import org.apache.polaris.service.types.CreateGenericTableRequest;
@@ -44,36 +44,41 @@ public class GenericTableCatalogAdapter
 
   private static final Logger LOGGER = 
LoggerFactory.getLogger(GenericTableCatalogAdapter.class);
 
+  private final RealmContext realmContext;
   private final CallContext callContext;
   private final PolarisEntityManager entityManager;
   private final PolarisMetaStoreManager metaStoreManager;
   private final PolarisAuthorizer polarisAuthorizer;
+  private final CatalogPrefixParser prefixParser;
 
   @Inject
   public GenericTableCatalogAdapter(
+      RealmContext realmContext,
       CallContext callContext,
       PolarisEntityManager entityManager,
       PolarisMetaStoreManager metaStoreManager,
-      PolarisAuthorizer polarisAuthorizer) {
+      PolarisAuthorizer polarisAuthorizer,
+      CatalogPrefixParser prefixParser) {
+    this.realmContext = realmContext;
     this.callContext = callContext;
     this.entityManager = entityManager;
     this.metaStoreManager = metaStoreManager;
     this.polarisAuthorizer = polarisAuthorizer;
+    this.prefixParser = prefixParser;
   }
 
   private GenericTableCatalogHandler newHandlerWrapper(
-      SecurityContext securityContext, String catalogName) {
-    var authenticatedPrincipal = (AuthenticatedPolarisPrincipal) 
securityContext.getUserPrincipal();
-    if (authenticatedPrincipal == null) {
-      throw new NotAuthorizedException("Failed to find authenticatedPrincipal 
in SecurityContext");
-    }
+      SecurityContext securityContext, String prefix) {
+    FeatureConfiguration.enforceFeatureEnabledOrThrow(
+        callContext, FeatureConfiguration.ENABLE_GENERIC_TABLES);
+    validatePrincipal(securityContext);
 
     return new GenericTableCatalogHandler(
         callContext,
         entityManager,
         metaStoreManager,
         securityContext,
-        catalogName,
+        prefixParser.prefixToCatalogName(realmContext, prefix),
         polarisAuthorizer);
   }
 
diff --git 
a/service/common/src/main/java/org/apache/polaris/service/catalog/generic/GenericTableCatalogHandler.java
 
b/service/common/src/main/java/org/apache/polaris/service/catalog/generic/GenericTableCatalogHandler.java
index b1f2648f1..7f6d48cc6 100644
--- 
a/service/common/src/main/java/org/apache/polaris/service/catalog/generic/GenericTableCatalogHandler.java
+++ 
b/service/common/src/main/java/org/apache/polaris/service/catalog/generic/GenericTableCatalogHandler.java
@@ -25,7 +25,6 @@ import org.apache.iceberg.catalog.Namespace;
 import org.apache.iceberg.catalog.TableIdentifier;
 import org.apache.polaris.core.auth.PolarisAuthorizableOperation;
 import org.apache.polaris.core.auth.PolarisAuthorizer;
-import org.apache.polaris.core.config.FeatureConfiguration;
 import org.apache.polaris.core.context.CallContext;
 import org.apache.polaris.core.entity.PolarisEntitySubType;
 import org.apache.polaris.core.entity.table.GenericTableEntity;
@@ -53,21 +52,8 @@ public class GenericTableCatalogHandler extends 
CatalogHandler {
     this.metaStoreManager = metaStoreManager;
   }
 
-  public void enforceGenericTablesEnabledOrThrow() {
-    boolean enabled =
-        callContext
-            .getPolarisCallContext()
-            .getConfigurationStore()
-            .getConfiguration(
-                callContext.getPolarisCallContext(), 
FeatureConfiguration.ENABLE_GENERIC_TABLES);
-    if (!enabled) {
-      throw new UnsupportedOperationException("Generic table support is not 
enabled");
-    }
-  }
-
   @Override
   protected void initializeCatalog() {
-    enforceGenericTablesEnabledOrThrow();
     this.genericTableCatalog =
         new GenericTableCatalog(metaStoreManager, callContext, 
this.resolutionManifest);
   }
diff --git 
a/service/common/src/main/java/org/apache/polaris/service/catalog/iceberg/IcebergCatalogAdapter.java
 
b/service/common/src/main/java/org/apache/polaris/service/catalog/iceberg/IcebergCatalogAdapter.java
index e2dcefc0b..d1c930bf4 100644
--- 
a/service/common/src/main/java/org/apache/polaris/service/catalog/iceberg/IcebergCatalogAdapter.java
+++ 
b/service/common/src/main/java/org/apache/polaris/service/catalog/iceberg/IcebergCatalogAdapter.java
@@ -182,11 +182,7 @@ public class IcebergCatalogAdapter
 
   private IcebergCatalogHandler newHandlerWrapper(
       SecurityContext securityContext, String catalogName) {
-    AuthenticatedPolarisPrincipal authenticatedPrincipal =
-        (AuthenticatedPolarisPrincipal) securityContext.getUserPrincipal();
-    if (authenticatedPrincipal == null) {
-      throw new NotAuthorizedException("Failed to find authenticatedPrincipal 
in SecurityContext");
-    }
+    validatePrincipal(securityContext);
 
     return new IcebergCatalogHandler(
         callContext,
diff --git 
a/service/common/src/main/java/org/apache/polaris/service/catalog/policy/PolicyCatalogAdapter.java
 
b/service/common/src/main/java/org/apache/polaris/service/catalog/policy/PolicyCatalogAdapter.java
index fe70d00a8..ef000add5 100644
--- 
a/service/common/src/main/java/org/apache/polaris/service/catalog/policy/PolicyCatalogAdapter.java
+++ 
b/service/common/src/main/java/org/apache/polaris/service/catalog/policy/PolicyCatalogAdapter.java
@@ -23,10 +23,9 @@ import jakarta.inject.Inject;
 import jakarta.ws.rs.core.Response;
 import jakarta.ws.rs.core.SecurityContext;
 import org.apache.iceberg.catalog.Namespace;
-import org.apache.iceberg.exceptions.NotAuthorizedException;
 import org.apache.iceberg.rest.RESTUtil;
-import org.apache.polaris.core.auth.AuthenticatedPolarisPrincipal;
 import org.apache.polaris.core.auth.PolarisAuthorizer;
+import org.apache.polaris.core.config.FeatureConfiguration;
 import org.apache.polaris.core.context.CallContext;
 import org.apache.polaris.core.context.RealmContext;
 import org.apache.polaris.core.persistence.PolarisEntityManager;
@@ -74,10 +73,9 @@ public class PolicyCatalogAdapter implements 
PolarisCatalogPolicyApiService, Cat
   }
 
   private PolicyCatalogHandler newHandlerWrapper(SecurityContext 
securityContext, String prefix) {
-    var authenticatedPrincipal = (AuthenticatedPolarisPrincipal) 
securityContext.getUserPrincipal();
-    if (authenticatedPrincipal == null) {
-      throw new NotAuthorizedException("Failed to find authenticatedPrincipal 
in SecurityContext");
-    }
+    FeatureConfiguration.enforceFeatureEnabledOrThrow(
+        callContext, FeatureConfiguration.ENABLE_POLICY_STORE);
+    validatePrincipal(securityContext);
 
     return new PolicyCatalogHandler(
         callContext,
diff --git 
a/service/common/src/main/java/org/apache/polaris/service/catalog/policy/PolicyCatalogHandler.java
 
b/service/common/src/main/java/org/apache/polaris/service/catalog/policy/PolicyCatalogHandler.java
index 8273256ba..f4dea27b4 100644
--- 
a/service/common/src/main/java/org/apache/polaris/service/catalog/policy/PolicyCatalogHandler.java
+++ 
b/service/common/src/main/java/org/apache/polaris/service/catalog/policy/PolicyCatalogHandler.java
@@ -32,7 +32,6 @@ import org.apache.iceberg.exceptions.NotFoundException;
 import org.apache.polaris.core.auth.PolarisAuthorizableOperation;
 import org.apache.polaris.core.auth.PolarisAuthorizer;
 import org.apache.polaris.core.catalog.PolarisCatalogHelpers;
-import org.apache.polaris.core.config.FeatureConfiguration;
 import org.apache.polaris.core.context.CallContext;
 import org.apache.polaris.core.entity.PolarisEntitySubType;
 import org.apache.polaris.core.entity.PolarisEntityType;
@@ -73,8 +72,6 @@ public class PolicyCatalogHandler extends CatalogHandler {
 
   @Override
   protected void initializeCatalog() {
-    FeatureConfiguration.enforceFeatureEnabledOrThrow(
-        callContext, FeatureConfiguration.ENABLE_POLICY_STORE);
     this.policyCatalog = new PolicyCatalog(metaStoreManager, callContext, 
this.resolutionManifest);
   }

Reply via email to