roryqi opened a new pull request, #11627:
URL: https://github.com/apache/gravitino/pull/11627

   ### What changes were proposed in this pull request?
   
   - Pass explicit required privileges when Spark loads Gravitino tables.
   - Defer table authorization failures until Spark analysis completes.
   - Aggregate and report all denied tables and required privileges.
   - Register the authorization check through Spark session extensions.
   
   ### Why are the changes needed?
   
   Spark currently fails on the first table without sufficient privileges 
during relation resolution. This prevents users from seeing all privileges 
required by a query.
   
   Fix: #10198
   
   ### Does this PR introduce _any_ user-facing change?
   
   Yes. Spark queries now report all inaccessible tables and their required 
Gravitino privileges in one authorization error.
   
   ### How was this patch tested?
   
   - `./gradlew :spark-connector:spark-common:test`
   - Compiled production and test sources for Spark 3.3, 3.4, and 3.5.
   - Added tests for privilege propagation, proxy delegation, aggregated 
reporting, and extension registration.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to