Re: [PR] [#3733] feat(core): Unified authorization framework [gravitino]

via GitHub Wed, 03 Jul 2024 07:10:10 -0700


xunliu commented on code in PR #3946:
URL: https://github.com/apache/gravitino/pull/3946#discussion_r1664259903



##########
core/src/main/java/com/datastrato/gravitino/authorization/AuthorizationUserHook.java:
##########
@@ -0,0 +1,112 @@
+/*
+ * Copyright 2024 Datastrato Pvt Ltd.
+ * This software is licensed under the Apache License version 2.
+ */
+package com.datastrato.gravitino.authorization;
+
+import java.util.List;
+
+/**
+ * Interface for authorization User and Group hooks operation of the 
underlying access control
+ * system.
+ */
+public interface AuthorizationUserHook {
+  /**
+   * Add a new User to underlying access control system.
+   *
+   * @param user The user entity.
+   * @return True if the add User was successfully added, false if the add 
User was failed.
+   * @throws RuntimeException If adding the User encounters storage issues.
+   */
+  Boolean onAddUser(User user) throws RuntimeException;
+
+  /**
+   * Removes a User from underlying access control system.
+   *
+   * @param user The name of the User.
+   * @return True if the User was successfully removed, false if the remove 
User was failed.
+   * @throws RuntimeException If removing the User encounters storage issues.
+   */
+  Boolean onRemoveUser(String user) throws RuntimeException;
+
+  /**
+   * Gets a User from underlying access control system. Because User 
information already storage in
+   * the Gravition, so we don't need to get the User from the underlying 
access control system. We
+   * only need to check if the User exists in the underlying access control 
system.
+   *
+   * @param user The name of the User.
+   * @return The getting User instance.
+   * @throws RuntimeException If getting the User encounters storage issues.
+   */
+  User onGetUser(String user) throws RuntimeException;

Review Comment:
   Changed to `Boolean onCheckUser()...`



##########
core/src/main/java/com/datastrato/gravitino/authorization/AuthorizationUserHook.java:
##########
@@ -0,0 +1,112 @@
+/*
+ * Copyright 2024 Datastrato Pvt Ltd.
+ * This software is licensed under the Apache License version 2.
+ */
+package com.datastrato.gravitino.authorization;
+
+import java.util.List;
+
+/**
+ * Interface for authorization User and Group hooks operation of the 
underlying access control
+ * system.
+ */
+public interface AuthorizationUserHook {
+  /**
+   * Add a new User to underlying access control system.
+   *
+   * @param user The user entity.
+   * @return True if the add User was successfully added, false if the add 
User was failed.
+   * @throws RuntimeException If adding the User encounters storage issues.
+   */
+  Boolean onAddUser(User user) throws RuntimeException;
+
+  /**
+   * Removes a User from underlying access control system.
+   *
+   * @param user The name of the User.
+   * @return True if the User was successfully removed, false if the remove 
User was failed.
+   * @throws RuntimeException If removing the User encounters storage issues.
+   */
+  Boolean onRemoveUser(String user) throws RuntimeException;
+
+  /**
+   * Gets a User from underlying access control system. Because User 
information already storage in
+   * the Gravition, so we don't need to get the User from the underlying 
access control system. We
+   * only need to check if the User exists in the underlying access control 
system.
+   *
+   * @param user The name of the User.
+   * @return The getting User instance.
+   * @throws RuntimeException If getting the User encounters storage issues.
+   */
+  User onGetUser(String user) throws RuntimeException;
+
+  /**
+   * Adds a new Group to underlying access control system.
+   *
+   * @param group The name of the Group.
+   * @return True if the add Group was successfully added, false if the add 
Group was failed.
+   * @throws RuntimeException If adding the Group encounters storage issues.
+   */
+  Boolean onAddGroup(String group) throws RuntimeException;
+
+  /**
+   * Removes a Group from underlying access control system.
+   *
+   * @param group THe name of the Group.
+   * @return True if the remove Group was successfully removed, false if the 
remove Group was
+   *     failed.
+   * @throws RuntimeException If removing the Group encounters storage issues.
+   */
+  Boolean onRemoveGroup(String group) throws RuntimeException;
+
+  /**
+   * Gets a Group from underlying access control system. Because Group 
information already storage
+   * in the Gravition, so we don't need to get the Group from the underlying 
access control system.
+   * We only need to check if the Group exists in the underlying access 
control system.
+   *
+   * @param group The name of the Group.
+   * @return The getting Group instance.
+   * @throws RuntimeException If getting the Group encounters storage issues.
+   */
+  Group onGetGroup(String group);

Review Comment:
   Changed to `Boolean onCheckGroup()...`



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Re: [PR] [#3733] feat(core): Unified authorization framework [gravitino]

Reply via email to