bharos opened a new pull request, #8857: URL: https://github.com/apache/gravitino/pull/8857
### What changes were proposed in this pull request? Modified IcebergTableOperationExecutor to override the client-provided owner property with the authenticated user from OAuth/JWT tokens when creating Iceberg tables. ### Why are the changes needed? When tables are created via Spark or other Iceberg clients, the client sends its own 'owner' property value (e.g., 'spark', 'system', etc.) in the CreateTableRequest. This results in incorrect table ownership being stored in the metadata, making audit trails unreliable and not reflecting the actual authenticated user. The fix ensures that table ownership reflects the actual authenticated user rather than the client's environment or default values. ### Does this PR introduce _any_ user-facing change? Yes. Tables created through the Iceberg REST API will now show the authenticated user (from OAuth/JWT token) as the owner instead of the value sent by the client (e.g., 'spark'). ### How was this patch tested? Tested with Spark SQL creating tables through Gravitino Iceberg REST service with OAuth authentication. Verified that: - Tables now show correct owner (e.g., '[email protected]') - Previous behavior showed 'spark' as owner - Backward compatible when OAuth is disabled Fixes: #8856 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
