HarshMehta112 commented on issue #9084:
URL: https://github.com/apache/gravitino/issues/9084#issuecomment-3525178472
@justinmclean, I observed the following issues:
- The method is called from `JcasbinAuthorizer.loadRolePrivilege()`.
- The runnable modifies shared state (`allowEnforcer`, `denyEnforcer`).
- It performs I/O operations (database reads).
- Multiple threads could corrupt the enforcer state if they run concurrently.
### Recommendation
It’s better to implement **double-checked locking** as shown below:
```java
public void loadRole(Runnable runnable) {
if (hasLoadRole.get()) {
return;
}
synchronized (this) {
// Double-check after acquiring lock (prevents race)
if (hasLoadRole.get()) {
return;
}
try {
runnable.run(); // Execute the loading
hasLoadRole.set(true); // Mark as loaded ONLY after success
} catch (Exception e) {
// Don't set flag on failure - allow retry
throw e;
}
}
}
```
If role loading failsfor any reason the flag remains false, allowing a retry.
I’d appreciate your feedback or suggestions on this.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
