(polaris) branch main updated: Remove `@RolesAllowed` from generated API code (#875)

Fri, 24 Jan 2025 10:52:40 -0800 

This is an automated email from the ASF dual-hosted git repository.

dimas pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/polaris.git


The following commit(s) were added to refs/heads/main by this push:
     new 06893c2f Remove `@RolesAllowed` from generated API code (#875)
06893c2f is described below

commit 06893c2f2b3e2f8cb8039f4a2e80c133b412acc6
Author: Dmitri Bourlatchkov <[email protected]>
AuthorDate: Fri Jan 24 13:52:30 2025 -0500

    Remove `@RolesAllowed` from generated API code (#875)
    
    As discussed on the `dev` list, these annotations are no
    longer relevant. `PolarisAuthorizer` is the source of truth
    for access control decisions.
---
 server-templates/api.mustache | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/server-templates/api.mustache b/server-templates/api.mustache
index c097c16c..bf694284 100644
--- a/server-templates/api.mustache
+++ b/server-templates/api.mustache
@@ -105,8 +105,7 @@ public class {{classname}}  {
   @{{httpMethod}}{{#subresourceOperation}}
   @Path("{{{path}}}"){{/subresourceOperation}}{{#hasConsumes}}
   @Consumes({ {{#consumes}}"{{{mediaType}}}"{{^-last}}, 
{{/-last}}{{/consumes}} }){{/hasConsumes}}{{#hasProduces}}
-  @Produces({ {{#produces}}"{{{mediaType}}}"{{^-last}}, 
{{/-last}}{{/produces}} }){{/hasProduces}}{{#hasAuthMethods}}
-  {{#authMethods}}{{#isOAuth}}@RolesAllowed({ 
{{#scopes}}"{{scope}}"{{^-last}}, {{/-last}}{{/scopes}} 
}){{/isOAuth}}{{/authMethods}}{{/hasAuthMethods}}
+  @Produces({ {{#produces}}"{{{mediaType}}}"{{^-last}}, 
{{/-last}}{{/produces}} }){{/hasProduces}}
   @Timed("{{metricsPrefix}}.{{baseName}}.{{nickname}}")
   public Response {{nickname}}({{#isMultipart}}MultipartFormDataInput 
input,{{/isMultipart}}{{#allParams}}{{>queryParams}}{{>pathParams}}{{>headerParams}}{{>bodyParams}}{{^isMultipart}}{{>formParams}},{{/isMultipart}}{{#isMultipart}}{{^isFormParam}},{{/isFormParam}}{{/isMultipart}}{{/allParams}}@Context
 @MeterTag(key="realm_id",expression="realm.id") RealmId realmId,@Context 
SecurityContext securityContext) {
 {{! Don't log form or header params in case there are secrets, e.g., OAuth 
tokens }}

Reply via email to