Re: [PR] [#9643] improvement: Filter sensitive properties by privileges. [gravitino]

Tue, 10 Feb 2026 04:57:47 -0800 


roryqi commented on code in PR #9785:
URL: https://github.com/apache/gravitino/pull/9785#discussion_r2787807635


##########
server/src/main/java/org/apache/gravitino/server/web/rest/CatalogOperations.java:
##########
@@ -101,16 +113,32 @@ public Response listCatalogs(
             // Lock the root and the metalake with WRITE lock to ensure the 
consistency of the list.
             if (verbose) {
               Catalog[] catalogs = 
catalogDispatcher.listCatalogsInfo(catalogNS);
-              catalogs =
-                  MetadataAuthzHelper.filterByExpression(
-                      metalake,
-                      
AuthorizationExpressionConstants.LOAD_CATALOG_AUTHORIZATION_EXPRESSION,
-                      Entity.EntityType.CATALOG,
-                      catalogs,
-                      (catalogEntity) ->
-                          NameIdentifierUtil.ofCatalog(metalake, 
catalogEntity.name()));
-              Response response = Utils.ok(new 
CatalogListResponse(DTOConverters.toDTOs(catalogs)));
-              LOG.info("List {} catalogs info under metalake: {}", 
catalogs.length, metalake);
+              CatalogDTO[] catalogDTOs;
+              if (filterSensitiveProperties) {
+                MetadataAuthzHelper.FilterResult<Catalog, Catalog> 
filterResult =
+                    MetadataAuthzHelper.partitionByTwoExpressions(
+                        metalake,
+                        
AuthorizationExpressionConstants.CATALOG_OWNER_EXPRESSION,
+                        
AuthorizationExpressionConstants.USE_CATALOG_EXPRESSION,
+                        Entity.EntityType.CATALOG,
+                        catalogs,
+                        (catalogEntity) ->
+                            NameIdentifierUtil.ofCatalog(metalake, 
catalogEntity.name()));
+                // First array: catalogs with full access (can see sensitive 
properties)
+                CatalogDTO[] fullAccessCatalogs = 
DTOConverters.toDTOs(filterResult.getFirst());
+                // Second array: catalogs with use access only (hide sensitive 
properties)
+                CatalogDTO[] limitedAccessCatalogs =
+                    
buildCatalogDTOsWithoutSensitiveProps(filterResult.getSecond());
+                catalogDTOs =
+                    Stream.concat(
+                            Arrays.stream(fullAccessCatalogs), 
Arrays.stream(limitedAccessCatalogs))
+                        .toArray(CatalogDTO[]::new);
+              } else {
+                // If filtering is disabled, return all catalogs with full 
properties
+                catalogDTOs = DTOConverters.toDTOs(catalogs);
+              }

Review Comment:
   You are right. I will fix this.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to