bharos opened a new pull request, #9212:
URL: https://github.com/apache/gravitino/pull/9212
<!--
1. Title: [#<issue>] <type>(<scope>): <subject>
Examples:
- "[#123] feat(operator): support xxx"
- "[#233] fix: check null before access result in xxx"
- "[MINOR] refactor: fix typo in variable name"
- "[MINOR] docs: fix typo in README"
- "[#255] test: fix flaky test NameOfTheTest"
Reference: https://www.conventionalcommits.org/en/v1.0.0/
2. If the PR is unfinished, please mark this PR as draft.
-->
### What changes were proposed in this pull request?
Modified IcebergNamespaceOperationExecutor to override the client-provided
owner property with the authenticated user from OAuth/JWT tokens when creating
Iceberg schemas.
### Why are the changes needed?
When namespaces are created via Spark or other Iceberg clients, the client
sends its own 'owner' property value (e.g., 'spark', 'system', etc.) in the
CreateNamespaceRequest. This results in incorrect namespace ownership being
stored in the metadata, making audit trails unreliable and not reflecting the
actual authenticated user.
The fix ensures that schema ownership reflects the actual authenticated user
rather than the client's environment or default values.
Fix: #69
### Does this PR introduce _any_ user-facing change?
Yes. Namespaces created through the Iceberg REST API will now show the
authenticated user (from OAuth/JWT token) as the owner instead of the value
sent by the client (e.g., 'spark')
### How was this patch tested?
Unit tests
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
