xunliu commented on code in PR #4239:
URL: https://github.com/apache/gravitino/pull/4239#discussion_r1701270570
##########
core/src/main/java/org/apache/gravitino/authorization/AuthorizationUtils.java:
##########
@@ -116,4 +123,67 @@ public static void checkRoleNamespace(Namespace namespace)
{
"Role namespace must have 3 levels, the input namespace is %s",
namespace);
}
+
+ // Install some post hooks used for ownership. The ownership will have the
all privileges
+ // of securable objects, users, groups, roles.
+ public static <T> void prepareAuthorizationHooks(T manager, DispatcherHooks
hooks) {
+ if (manager instanceof SupportsMetalakes) {
+ hooks.addPostHook(
+ "createMetalake",
Review Comment:
hi @jerqi I think using function name string comparing is too error-prone.
We can create a `SetOwner` annotation to supports, for example:
```
public class MetalakeManager implements MetalakeDispatcher {
@Override
@SetOwner
public BaseMetalake createMetalake(
NameIdentifier ident, String comment, Map<String, String> properties)
throws MetalakeAlreadyExistsException {
long uid = idGenerator.nextId();
......
```
Use `SetOwner` annotation to comparing
```
if (method.isAnnotationPresent(SetOwner.class)) {
NameIdentifier identifier = (NameIdentifier) ((Object[]) args)[0];
GravitinoEnv.getInstance()
.ownershipManager()
.setOwner(
identifier,
Entity.EntityType.METALAKE,
PrincipalUtils.getCurrentUserName(),
Owner.Type.USER);
}
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
