This is an automated email from the ASF dual-hosted git repository.
emaynard pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/polaris.git
The following commit(s) were added to refs/heads/main by this push:
new 818cd0071 Move more inner classes to top-level classes (#1106)
818cd0071 is described below
commit 818cd007121515188b83794eca6327d97e423c56
Author: Yufei Gu <[email protected]>
AuthorDate: Tue Mar 11 15:39:49 2025 -0700
Move more inner classes to top-level classes (#1106)
Co-authored-by: Yufei Gu <yufei.apache.org>
---
.../polaris/core/auth/PolarisGrantManager.java | 141 +--------------------
.../polaris/core/auth/PolarisSecretsManager.java | 48 +------
.../AtomicOperationMetaStoreManager.java | 5 +
.../LocalPolarisMetaStoreManagerFactory.java | 2 +-
.../core/persistence/MetaStoreManagerFactory.java | 2 +-
.../TransactionWorkspaceMetaStoreManager.java | 5 +
.../persistence/dao/entity/LoadGrantsResult.java | 119 +++++++++++++++++
.../dao/entity/PrincipalSecretsResult.java | 67 ++++++++++
.../persistence/dao/entity/PrivilegeResult.java | 66 ++++++++++
.../dao/entity/ScopedCredentialsResult.java | 72 +++++++++++
.../dao/entity/ValidateAccessResult.java | 67 ++++++++++
.../transactional/PolarisMetaStoreManagerImpl.java | 5 +
.../core/storage/PolarisCredentialVendor.java | 98 +-------------
.../core/storage/cache/StorageCredentialCache.java | 3 +-
.../storage/cache/StorageCredentialCacheEntry.java | 7 +-
.../storage/cache/StorageCredentialCacheTest.java | 2 +-
.../persistence/PolarisTestMetaStoreManager.java | 2 +-
.../apache/polaris/admintool/BootstrapCommand.java | 2 +-
.../service/quarkus/auth/JWTRSAKeyPairTest.java | 2 +-
.../quarkus/auth/JWTSymmetricKeyGeneratorTest.java | 3 +-
.../quarkus/catalog/BasePolarisCatalogTest.java | 2 +-
.../polaris/service/admin/PolarisAdminService.java | 2 +-
.../service/auth/DefaultActiveRolesProvider.java | 4 +-
.../polaris/service/auth/TestOAuth2ApiService.java | 2 +-
.../apache/polaris/service/auth/TokenBroker.java | 2 +-
.../InMemoryPolarisMetaStoreManagerFactory.java | 2 +-
26 files changed, 431 insertions(+), 301 deletions(-)
diff --git
a/polaris-core/src/main/java/org/apache/polaris/core/auth/PolarisGrantManager.java
b/polaris-core/src/main/java/org/apache/polaris/core/auth/PolarisGrantManager.java
index 60c2ba925..55177860f 100644
---
a/polaris-core/src/main/java/org/apache/polaris/core/auth/PolarisGrantManager.java
+++
b/polaris-core/src/main/java/org/apache/polaris/core/auth/PolarisGrantManager.java
@@ -18,20 +18,15 @@
*/
package org.apache.polaris.core.auth;
-import com.fasterxml.jackson.annotation.JsonCreator;
-import com.fasterxml.jackson.annotation.JsonIgnore;
-import com.fasterxml.jackson.annotation.JsonProperty;
import jakarta.annotation.Nonnull;
import jakarta.annotation.Nullable;
import java.util.List;
-import java.util.Map;
-import java.util.stream.Collectors;
import org.apache.polaris.core.PolarisCallContext;
import org.apache.polaris.core.entity.PolarisBaseEntity;
import org.apache.polaris.core.entity.PolarisEntityCore;
-import org.apache.polaris.core.entity.PolarisGrantRecord;
import org.apache.polaris.core.entity.PolarisPrivilege;
-import org.apache.polaris.core.persistence.dao.entity.BaseResult;
+import org.apache.polaris.core.persistence.dao.entity.LoadGrantsResult;
+import org.apache.polaris.core.persistence.dao.entity.PrivilegeResult;
/** Manage grants for Polaris entities. */
public interface PolarisGrantManager {
@@ -170,136 +165,4 @@ public interface PolarisGrantManager {
@Nonnull
LoadGrantsResult loadGrantsToGrantee(
PolarisCallContext callCtx, long granteeCatalogId, long granteeId);
-
- /** Result of a grant/revoke privilege call */
- class PrivilegeResult extends BaseResult {
-
- // null if not success.
- private final PolarisGrantRecord grantRecord;
-
- /**
- * Constructor for an error
- *
- * @param errorCode error code, cannot be SUCCESS
- * @param extraInformation extra information
- */
- public PrivilegeResult(
- @Nonnull BaseResult.ReturnStatus errorCode, @Nullable String
extraInformation) {
- super(errorCode, extraInformation);
- this.grantRecord = null;
- }
-
- /**
- * Constructor for success
- *
- * @param grantRecord grant record being granted or revoked
- */
- public PrivilegeResult(@Nonnull PolarisGrantRecord grantRecord) {
- super(BaseResult.ReturnStatus.SUCCESS);
- this.grantRecord = grantRecord;
- }
-
- @JsonCreator
- private PrivilegeResult(
- @JsonProperty("returnStatus") @Nonnull BaseResult.ReturnStatus
returnStatus,
- @JsonProperty("extraInformation") String extraInformation,
- @JsonProperty("grantRecord") PolarisGrantRecord grantRecord) {
- super(returnStatus, extraInformation);
- this.grantRecord = grantRecord;
- }
-
- public PolarisGrantRecord getGrantRecord() {
- return grantRecord;
- }
- }
-
- /** Result of a load grants call */
- class LoadGrantsResult extends BaseResult {
- // true if success. If false, the caller should retry because of some
concurrent change
- private final int grantsVersion;
-
- // null if not success. Else set of grants records on a securable or to a
grantee
- private final List<PolarisGrantRecord> grantRecords;
-
- // null if not success. Else, for each grant record, list of securable or
grantee entities
- private final List<PolarisBaseEntity> entities;
-
- /**
- * Constructor for an error
- *
- * @param errorCode error code, cannot be SUCCESS
- * @param extraInformation extra information
- */
- public LoadGrantsResult(
- @Nonnull BaseResult.ReturnStatus errorCode, @Nullable String
extraInformation) {
- super(errorCode, extraInformation);
- this.grantsVersion = 0;
- this.grantRecords = null;
- this.entities = null;
- }
-
- /**
- * Constructor for success
- *
- * @param grantsVersion version of the grants
- * @param grantRecords set of grant records
- */
- public LoadGrantsResult(
- int grantsVersion,
- @Nonnull List<PolarisGrantRecord> grantRecords,
- List<PolarisBaseEntity> entities) {
- super(BaseResult.ReturnStatus.SUCCESS);
- this.grantsVersion = grantsVersion;
- this.grantRecords = grantRecords;
- this.entities = entities;
- }
-
- @JsonCreator
- private LoadGrantsResult(
- @JsonProperty("returnStatus") @Nonnull BaseResult.ReturnStatus
returnStatus,
- @JsonProperty("extraInformation") String extraInformation,
- @JsonProperty("grantsVersion") int grantsVersion,
- @JsonProperty("grantRecords") List<PolarisGrantRecord> grantRecords,
- @JsonProperty("entities") List<PolarisBaseEntity> entities) {
- super(returnStatus, extraInformation);
- this.grantsVersion = grantsVersion;
- this.grantRecords = grantRecords;
- // old GS code might not serialize this argument
- this.entities = entities;
- }
-
- public int getGrantsVersion() {
- return grantsVersion;
- }
-
- public List<PolarisGrantRecord> getGrantRecords() {
- return grantRecords;
- }
-
- public List<PolarisBaseEntity> getEntities() {
- return entities;
- }
-
- @JsonIgnore
- public Map<Long, PolarisBaseEntity> getEntitiesAsMap() {
- return (this.getEntities() == null)
- ? null
- : this.getEntities().stream()
- .collect(Collectors.toMap(PolarisBaseEntity::getId, entity ->
entity));
- }
-
- @Override
- public String toString() {
- return "LoadGrantsResult{"
- + "grantsVersion="
- + grantsVersion
- + ", grantRecords="
- + grantRecords
- + ", entities="
- + entities
- + ", returnStatus="
- + getReturnStatus()
- + '}';
- }
- }
}
diff --git
a/polaris-core/src/main/java/org/apache/polaris/core/auth/PolarisSecretsManager.java
b/polaris-core/src/main/java/org/apache/polaris/core/auth/PolarisSecretsManager.java
index fa5c4cd34..553feacf7 100644
---
a/polaris-core/src/main/java/org/apache/polaris/core/auth/PolarisSecretsManager.java
+++
b/polaris-core/src/main/java/org/apache/polaris/core/auth/PolarisSecretsManager.java
@@ -18,13 +18,9 @@
*/
package org.apache.polaris.core.auth;
-import com.fasterxml.jackson.annotation.JsonCreator;
-import com.fasterxml.jackson.annotation.JsonProperty;
import jakarta.annotation.Nonnull;
-import jakarta.annotation.Nullable;
import org.apache.polaris.core.PolarisCallContext;
-import org.apache.polaris.core.entity.PolarisPrincipalSecrets;
-import org.apache.polaris.core.persistence.dao.entity.BaseResult;
+import org.apache.polaris.core.persistence.dao.entity.PrincipalSecretsResult;
/** Manages secrets for Polaris principals. */
public interface PolarisSecretsManager {
@@ -58,46 +54,4 @@ public interface PolarisSecretsManager {
long principalId,
boolean reset,
@Nonnull String oldSecretHash);
-
- /** the result of load/rotate principal secrets */
- class PrincipalSecretsResult extends BaseResult {
-
- // principal client identifier and associated secrets. Null if error
- private final PolarisPrincipalSecrets principalSecrets;
-
- /**
- * Constructor for an error
- *
- * @param errorCode error code, cannot be SUCCESS
- * @param extraInformation extra information
- */
- public PrincipalSecretsResult(
- @Nonnull BaseResult.ReturnStatus errorCode, @Nullable String
extraInformation) {
- super(errorCode, extraInformation);
- this.principalSecrets = null;
- }
-
- /**
- * Constructor for success
- *
- * @param principalSecrets and associated secret information
- */
- public PrincipalSecretsResult(@Nonnull PolarisPrincipalSecrets
principalSecrets) {
- super(BaseResult.ReturnStatus.SUCCESS);
- this.principalSecrets = principalSecrets;
- }
-
- @JsonCreator
- private PrincipalSecretsResult(
- @JsonProperty("returnStatus") @Nonnull BaseResult.ReturnStatus
returnStatus,
- @JsonProperty("extraInformation") @Nullable String extraInformation,
- @JsonProperty("principalSecrets") @Nonnull PolarisPrincipalSecrets
principalSecrets) {
- super(returnStatus, extraInformation);
- this.principalSecrets = principalSecrets;
- }
-
- public PolarisPrincipalSecrets getPrincipalSecrets() {
- return principalSecrets;
- }
- }
}
diff --git
a/polaris-core/src/main/java/org/apache/polaris/core/persistence/AtomicOperationMetaStoreManager.java
b/polaris-core/src/main/java/org/apache/polaris/core/persistence/AtomicOperationMetaStoreManager.java
index df3192c59..591edbdc5 100644
---
a/polaris-core/src/main/java/org/apache/polaris/core/persistence/AtomicOperationMetaStoreManager.java
+++
b/polaris-core/src/main/java/org/apache/polaris/core/persistence/AtomicOperationMetaStoreManager.java
@@ -55,7 +55,12 @@ import
org.apache.polaris.core.persistence.dao.entity.EntitiesResult;
import org.apache.polaris.core.persistence.dao.entity.EntityResult;
import org.apache.polaris.core.persistence.dao.entity.EntityWithPath;
import org.apache.polaris.core.persistence.dao.entity.ListEntitiesResult;
+import org.apache.polaris.core.persistence.dao.entity.LoadGrantsResult;
+import org.apache.polaris.core.persistence.dao.entity.PrincipalSecretsResult;
+import org.apache.polaris.core.persistence.dao.entity.PrivilegeResult;
import org.apache.polaris.core.persistence.dao.entity.ResolvedEntityResult;
+import org.apache.polaris.core.persistence.dao.entity.ScopedCredentialsResult;
+import org.apache.polaris.core.persistence.dao.entity.ValidateAccessResult;
import org.apache.polaris.core.storage.PolarisCredentialProperty;
import org.apache.polaris.core.storage.PolarisStorageActions;
import org.apache.polaris.core.storage.PolarisStorageConfigurationInfo;
diff --git
a/polaris-core/src/main/java/org/apache/polaris/core/persistence/LocalPolarisMetaStoreManagerFactory.java
b/polaris-core/src/main/java/org/apache/polaris/core/persistence/LocalPolarisMetaStoreManagerFactory.java
index 9af4e1763..104306c85 100644
---
a/polaris-core/src/main/java/org/apache/polaris/core/persistence/LocalPolarisMetaStoreManagerFactory.java
+++
b/polaris-core/src/main/java/org/apache/polaris/core/persistence/LocalPolarisMetaStoreManagerFactory.java
@@ -26,7 +26,6 @@ import java.util.function.Supplier;
import org.apache.polaris.core.PolarisCallContext;
import org.apache.polaris.core.PolarisDefaultDiagServiceImpl;
import org.apache.polaris.core.PolarisDiagnostics;
-import
org.apache.polaris.core.auth.PolarisSecretsManager.PrincipalSecretsResult;
import org.apache.polaris.core.context.CallContext;
import org.apache.polaris.core.context.RealmContext;
import org.apache.polaris.core.entity.PolarisEntity;
@@ -38,6 +37,7 @@ import
org.apache.polaris.core.persistence.bootstrap.RootCredentialsSet;
import org.apache.polaris.core.persistence.cache.EntityCache;
import org.apache.polaris.core.persistence.dao.entity.BaseResult;
import org.apache.polaris.core.persistence.dao.entity.EntityResult;
+import org.apache.polaris.core.persistence.dao.entity.PrincipalSecretsResult;
import
org.apache.polaris.core.persistence.transactional.PolarisMetaStoreManagerImpl;
import
org.apache.polaris.core.persistence.transactional.TransactionalPersistence;
import org.apache.polaris.core.storage.cache.StorageCredentialCache;
diff --git
a/polaris-core/src/main/java/org/apache/polaris/core/persistence/MetaStoreManagerFactory.java
b/polaris-core/src/main/java/org/apache/polaris/core/persistence/MetaStoreManagerFactory.java
index ee5d99bb4..b398cea91 100644
---
a/polaris-core/src/main/java/org/apache/polaris/core/persistence/MetaStoreManagerFactory.java
+++
b/polaris-core/src/main/java/org/apache/polaris/core/persistence/MetaStoreManagerFactory.java
@@ -20,11 +20,11 @@ package org.apache.polaris.core.persistence;
import java.util.Map;
import java.util.function.Supplier;
-import
org.apache.polaris.core.auth.PolarisSecretsManager.PrincipalSecretsResult;
import org.apache.polaris.core.context.RealmContext;
import org.apache.polaris.core.persistence.bootstrap.RootCredentialsSet;
import org.apache.polaris.core.persistence.cache.EntityCache;
import org.apache.polaris.core.persistence.dao.entity.BaseResult;
+import org.apache.polaris.core.persistence.dao.entity.PrincipalSecretsResult;
import
org.apache.polaris.core.persistence.transactional.TransactionalPersistence;
import org.apache.polaris.core.storage.cache.StorageCredentialCache;
diff --git
a/polaris-core/src/main/java/org/apache/polaris/core/persistence/TransactionWorkspaceMetaStoreManager.java
b/polaris-core/src/main/java/org/apache/polaris/core/persistence/TransactionWorkspaceMetaStoreManager.java
index 2691023a3..8ca542b1a 100644
---
a/polaris-core/src/main/java/org/apache/polaris/core/persistence/TransactionWorkspaceMetaStoreManager.java
+++
b/polaris-core/src/main/java/org/apache/polaris/core/persistence/TransactionWorkspaceMetaStoreManager.java
@@ -43,7 +43,12 @@ import
org.apache.polaris.core.persistence.dao.entity.EntityResult;
import org.apache.polaris.core.persistence.dao.entity.EntityWithPath;
import org.apache.polaris.core.persistence.dao.entity.GenerateEntityIdResult;
import org.apache.polaris.core.persistence.dao.entity.ListEntitiesResult;
+import org.apache.polaris.core.persistence.dao.entity.LoadGrantsResult;
+import org.apache.polaris.core.persistence.dao.entity.PrincipalSecretsResult;
+import org.apache.polaris.core.persistence.dao.entity.PrivilegeResult;
import org.apache.polaris.core.persistence.dao.entity.ResolvedEntityResult;
+import org.apache.polaris.core.persistence.dao.entity.ScopedCredentialsResult;
+import org.apache.polaris.core.persistence.dao.entity.ValidateAccessResult;
import org.apache.polaris.core.storage.PolarisStorageActions;
/**
diff --git
a/polaris-core/src/main/java/org/apache/polaris/core/persistence/dao/entity/LoadGrantsResult.java
b/polaris-core/src/main/java/org/apache/polaris/core/persistence/dao/entity/LoadGrantsResult.java
new file mode 100644
index 000000000..4eaa25da3
--- /dev/null
+++
b/polaris-core/src/main/java/org/apache/polaris/core/persistence/dao/entity/LoadGrantsResult.java
@@ -0,0 +1,119 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.polaris.core.persistence.dao.entity;
+
+import com.fasterxml.jackson.annotation.JsonCreator;
+import com.fasterxml.jackson.annotation.JsonIgnore;
+import com.fasterxml.jackson.annotation.JsonProperty;
+import jakarta.annotation.Nonnull;
+import jakarta.annotation.Nullable;
+import java.util.List;
+import java.util.Map;
+import java.util.stream.Collectors;
+import org.apache.polaris.core.entity.PolarisBaseEntity;
+import org.apache.polaris.core.entity.PolarisGrantRecord;
+
+/** Result of a load grants call */
+public class LoadGrantsResult extends BaseResult {
+ // true if success. If false, the caller should retry because of some
concurrent change
+ private final int grantsVersion;
+
+ // null if not success. Else set of grants records on a securable or to a
grantee
+ private final List<PolarisGrantRecord> grantRecords;
+
+ // null if not success. Else, for each grant record, list of securable or
grantee entities
+ private final List<PolarisBaseEntity> entities;
+
+ /**
+ * Constructor for an error
+ *
+ * @param errorCode error code, cannot be SUCCESS
+ * @param extraInformation extra information
+ */
+ public LoadGrantsResult(@Nonnull ReturnStatus errorCode, @Nullable String
extraInformation) {
+ super(errorCode, extraInformation);
+ this.grantsVersion = 0;
+ this.grantRecords = null;
+ this.entities = null;
+ }
+
+ /**
+ * Constructor for success
+ *
+ * @param grantsVersion version of the grants
+ * @param grantRecords set of grant records
+ */
+ public LoadGrantsResult(
+ int grantsVersion,
+ @Nonnull List<PolarisGrantRecord> grantRecords,
+ List<PolarisBaseEntity> entities) {
+ super(ReturnStatus.SUCCESS);
+ this.grantsVersion = grantsVersion;
+ this.grantRecords = grantRecords;
+ this.entities = entities;
+ }
+
+ @JsonCreator
+ private LoadGrantsResult(
+ @JsonProperty("returnStatus") @Nonnull ReturnStatus returnStatus,
+ @JsonProperty("extraInformation") String extraInformation,
+ @JsonProperty("grantsVersion") int grantsVersion,
+ @JsonProperty("grantRecords") List<PolarisGrantRecord> grantRecords,
+ @JsonProperty("entities") List<PolarisBaseEntity> entities) {
+ super(returnStatus, extraInformation);
+ this.grantsVersion = grantsVersion;
+ this.grantRecords = grantRecords;
+ // old GS code might not serialize this argument
+ this.entities = entities;
+ }
+
+ public int getGrantsVersion() {
+ return grantsVersion;
+ }
+
+ public List<PolarisGrantRecord> getGrantRecords() {
+ return grantRecords;
+ }
+
+ public List<PolarisBaseEntity> getEntities() {
+ return entities;
+ }
+
+ @JsonIgnore
+ public Map<Long, PolarisBaseEntity> getEntitiesAsMap() {
+ return (this.getEntities() == null)
+ ? null
+ : this.getEntities().stream()
+ .collect(Collectors.toMap(PolarisBaseEntity::getId, entity ->
entity));
+ }
+
+ @Override
+ public String toString() {
+ return "LoadGrantsResult{"
+ + "grantsVersion="
+ + grantsVersion
+ + ", grantRecords="
+ + grantRecords
+ + ", entities="
+ + entities
+ + ", returnStatus="
+ + getReturnStatus()
+ + '}';
+ }
+}
diff --git
a/polaris-core/src/main/java/org/apache/polaris/core/persistence/dao/entity/PrincipalSecretsResult.java
b/polaris-core/src/main/java/org/apache/polaris/core/persistence/dao/entity/PrincipalSecretsResult.java
new file mode 100644
index 000000000..ed00ffef8
--- /dev/null
+++
b/polaris-core/src/main/java/org/apache/polaris/core/persistence/dao/entity/PrincipalSecretsResult.java
@@ -0,0 +1,67 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.polaris.core.persistence.dao.entity;
+
+import com.fasterxml.jackson.annotation.JsonCreator;
+import com.fasterxml.jackson.annotation.JsonProperty;
+import jakarta.annotation.Nonnull;
+import jakarta.annotation.Nullable;
+import org.apache.polaris.core.entity.PolarisPrincipalSecrets;
+
+/** the result of load/rotate principal secrets */
+public class PrincipalSecretsResult extends BaseResult {
+
+ // principal client identifier and associated secrets. Null if error
+ private final PolarisPrincipalSecrets principalSecrets;
+
+ /**
+ * Constructor for an error
+ *
+ * @param errorCode error code, cannot be SUCCESS
+ * @param extraInformation extra information
+ */
+ public PrincipalSecretsResult(
+ @Nonnull ReturnStatus errorCode, @Nullable String extraInformation) {
+ super(errorCode, extraInformation);
+ this.principalSecrets = null;
+ }
+
+ /**
+ * Constructor for success
+ *
+ * @param principalSecrets and associated secret information
+ */
+ public PrincipalSecretsResult(@Nonnull PolarisPrincipalSecrets
principalSecrets) {
+ super(ReturnStatus.SUCCESS);
+ this.principalSecrets = principalSecrets;
+ }
+
+ @JsonCreator
+ private PrincipalSecretsResult(
+ @JsonProperty("returnStatus") @Nonnull ReturnStatus returnStatus,
+ @JsonProperty("extraInformation") @Nullable String extraInformation,
+ @JsonProperty("principalSecrets") @Nonnull PolarisPrincipalSecrets
principalSecrets) {
+ super(returnStatus, extraInformation);
+ this.principalSecrets = principalSecrets;
+ }
+
+ public PolarisPrincipalSecrets getPrincipalSecrets() {
+ return principalSecrets;
+ }
+}
diff --git
a/polaris-core/src/main/java/org/apache/polaris/core/persistence/dao/entity/PrivilegeResult.java
b/polaris-core/src/main/java/org/apache/polaris/core/persistence/dao/entity/PrivilegeResult.java
new file mode 100644
index 000000000..a78c91674
--- /dev/null
+++
b/polaris-core/src/main/java/org/apache/polaris/core/persistence/dao/entity/PrivilegeResult.java
@@ -0,0 +1,66 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.polaris.core.persistence.dao.entity;
+
+import com.fasterxml.jackson.annotation.JsonCreator;
+import com.fasterxml.jackson.annotation.JsonProperty;
+import jakarta.annotation.Nonnull;
+import jakarta.annotation.Nullable;
+import org.apache.polaris.core.entity.PolarisGrantRecord;
+
+/** Result of a grant/revoke privilege call */
+public class PrivilegeResult extends BaseResult {
+
+ // null if not success.
+ private final PolarisGrantRecord grantRecord;
+
+ /**
+ * Constructor for an error
+ *
+ * @param errorCode error code, cannot be SUCCESS
+ * @param extraInformation extra information
+ */
+ public PrivilegeResult(@Nonnull ReturnStatus errorCode, @Nullable String
extraInformation) {
+ super(errorCode, extraInformation);
+ this.grantRecord = null;
+ }
+
+ /**
+ * Constructor for success
+ *
+ * @param grantRecord grant record being granted or revoked
+ */
+ public PrivilegeResult(@Nonnull PolarisGrantRecord grantRecord) {
+ super(ReturnStatus.SUCCESS);
+ this.grantRecord = grantRecord;
+ }
+
+ @JsonCreator
+ private PrivilegeResult(
+ @JsonProperty("returnStatus") @Nonnull ReturnStatus returnStatus,
+ @JsonProperty("extraInformation") String extraInformation,
+ @JsonProperty("grantRecord") PolarisGrantRecord grantRecord) {
+ super(returnStatus, extraInformation);
+ this.grantRecord = grantRecord;
+ }
+
+ public PolarisGrantRecord getGrantRecord() {
+ return grantRecord;
+ }
+}
diff --git
a/polaris-core/src/main/java/org/apache/polaris/core/persistence/dao/entity/ScopedCredentialsResult.java
b/polaris-core/src/main/java/org/apache/polaris/core/persistence/dao/entity/ScopedCredentialsResult.java
new file mode 100644
index 000000000..2de1609d7
--- /dev/null
+++
b/polaris-core/src/main/java/org/apache/polaris/core/persistence/dao/entity/ScopedCredentialsResult.java
@@ -0,0 +1,72 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.polaris.core.persistence.dao.entity;
+
+import com.fasterxml.jackson.annotation.JsonCreator;
+import com.fasterxml.jackson.annotation.JsonProperty;
+import jakarta.annotation.Nonnull;
+import jakarta.annotation.Nullable;
+import java.util.EnumMap;
+import java.util.Map;
+import org.apache.polaris.core.storage.PolarisCredentialProperty;
+
+/** Result of a getSubscopedCredsForEntity() call */
+public class ScopedCredentialsResult extends BaseResult {
+
+ // null if not success. Else, set of name/value pairs for the credentials
+ private final EnumMap<PolarisCredentialProperty, String> credentials;
+
+ /**
+ * Constructor for an error
+ *
+ * @param errorCode error code, cannot be SUCCESS
+ * @param extraInformation extra information
+ */
+ public ScopedCredentialsResult(
+ @Nonnull ReturnStatus errorCode, @Nullable String extraInformation) {
+ super(errorCode, extraInformation);
+ this.credentials = null;
+ }
+
+ /**
+ * Constructor for success
+ *
+ * @param credentials credentials
+ */
+ public ScopedCredentialsResult(@Nonnull EnumMap<PolarisCredentialProperty,
String> credentials) {
+ super(ReturnStatus.SUCCESS);
+ this.credentials = credentials;
+ }
+
+ @JsonCreator
+ private ScopedCredentialsResult(
+ @JsonProperty("returnStatus") @Nonnull ReturnStatus returnStatus,
+ @JsonProperty("extraInformation") String extraInformation,
+ @JsonProperty("credentials") Map<String, String> credentials) {
+ super(returnStatus, extraInformation);
+ this.credentials = new EnumMap<>(PolarisCredentialProperty.class);
+ if (credentials != null) {
+ credentials.forEach((k, v) ->
this.credentials.put(PolarisCredentialProperty.valueOf(k), v));
+ }
+ }
+
+ public EnumMap<PolarisCredentialProperty, String> getCredentials() {
+ return credentials;
+ }
+}
diff --git
a/polaris-core/src/main/java/org/apache/polaris/core/persistence/dao/entity/ValidateAccessResult.java
b/polaris-core/src/main/java/org/apache/polaris/core/persistence/dao/entity/ValidateAccessResult.java
new file mode 100644
index 000000000..61bc6bd28
--- /dev/null
+++
b/polaris-core/src/main/java/org/apache/polaris/core/persistence/dao/entity/ValidateAccessResult.java
@@ -0,0 +1,67 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.polaris.core.persistence.dao.entity;
+
+import com.fasterxml.jackson.annotation.JsonCreator;
+import com.fasterxml.jackson.annotation.JsonProperty;
+import jakarta.annotation.Nonnull;
+import jakarta.annotation.Nullable;
+import java.util.Map;
+
+/** Result of a validateAccessToLocations() call */
+public class ValidateAccessResult extends BaseResult {
+
+ // null if not success. Else, set of location/validationResult pairs for
each location in the
+ // set
+ private final Map<String, String> validateResult;
+
+ /**
+ * Constructor for an error
+ *
+ * @param errorCode error code, cannot be SUCCESS
+ * @param extraInformation extra information
+ */
+ public ValidateAccessResult(@Nonnull ReturnStatus errorCode, @Nullable
String extraInformation) {
+ super(errorCode, extraInformation);
+ this.validateResult = null;
+ }
+
+ /**
+ * Constructor for success
+ *
+ * @param validateResult validate result
+ */
+ public ValidateAccessResult(@Nonnull Map<String, String> validateResult) {
+ super(ReturnStatus.SUCCESS);
+ this.validateResult = validateResult;
+ }
+
+ @JsonCreator
+ private ValidateAccessResult(
+ @JsonProperty("returnStatus") @Nonnull ReturnStatus returnStatus,
+ @JsonProperty("extraInformation") String extraInformation,
+ @JsonProperty("validateResult") Map<String, String> validateResult) {
+ super(returnStatus, extraInformation);
+ this.validateResult = validateResult;
+ }
+
+ public Map<String, String> getValidateResult() {
+ return this.validateResult;
+ }
+}
diff --git
a/polaris-core/src/main/java/org/apache/polaris/core/persistence/transactional/PolarisMetaStoreManagerImpl.java
b/polaris-core/src/main/java/org/apache/polaris/core/persistence/transactional/PolarisMetaStoreManagerImpl.java
index e89bc3a45..17ba13ab1 100644
---
a/polaris-core/src/main/java/org/apache/polaris/core/persistence/transactional/PolarisMetaStoreManagerImpl.java
+++
b/polaris-core/src/main/java/org/apache/polaris/core/persistence/transactional/PolarisMetaStoreManagerImpl.java
@@ -56,7 +56,12 @@ import
org.apache.polaris.core.persistence.dao.entity.EntitiesResult;
import org.apache.polaris.core.persistence.dao.entity.EntityResult;
import org.apache.polaris.core.persistence.dao.entity.EntityWithPath;
import org.apache.polaris.core.persistence.dao.entity.ListEntitiesResult;
+import org.apache.polaris.core.persistence.dao.entity.LoadGrantsResult;
+import org.apache.polaris.core.persistence.dao.entity.PrincipalSecretsResult;
+import org.apache.polaris.core.persistence.dao.entity.PrivilegeResult;
import org.apache.polaris.core.persistence.dao.entity.ResolvedEntityResult;
+import org.apache.polaris.core.persistence.dao.entity.ScopedCredentialsResult;
+import org.apache.polaris.core.persistence.dao.entity.ValidateAccessResult;
import org.apache.polaris.core.storage.PolarisCredentialProperty;
import org.apache.polaris.core.storage.PolarisStorageActions;
import org.apache.polaris.core.storage.PolarisStorageConfigurationInfo;
diff --git
a/polaris-core/src/main/java/org/apache/polaris/core/storage/PolarisCredentialVendor.java
b/polaris-core/src/main/java/org/apache/polaris/core/storage/PolarisCredentialVendor.java
index 6a51fba8b..536311afa 100644
---
a/polaris-core/src/main/java/org/apache/polaris/core/storage/PolarisCredentialVendor.java
+++
b/polaris-core/src/main/java/org/apache/polaris/core/storage/PolarisCredentialVendor.java
@@ -18,16 +18,12 @@
*/
package org.apache.polaris.core.storage;
-import com.fasterxml.jackson.annotation.JsonCreator;
-import com.fasterxml.jackson.annotation.JsonProperty;
import jakarta.annotation.Nonnull;
-import jakarta.annotation.Nullable;
-import java.util.EnumMap;
-import java.util.Map;
import java.util.Set;
import org.apache.polaris.core.PolarisCallContext;
import org.apache.polaris.core.entity.PolarisEntityType;
-import org.apache.polaris.core.persistence.dao.entity.BaseResult;
+import org.apache.polaris.core.persistence.dao.entity.ScopedCredentialsResult;
+import org.apache.polaris.core.persistence.dao.entity.ValidateAccessResult;
/** Manage credentials for storage locations. */
public interface PolarisCredentialVendor {
@@ -95,94 +91,4 @@ public interface PolarisCredentialVendor {
PolarisEntityType entityType,
@Nonnull Set<PolarisStorageActions> actions,
@Nonnull Set<String> locations);
-
- /** Result of a getSubscopedCredsForEntity() call */
- class ScopedCredentialsResult extends BaseResult {
-
- // null if not success. Else, set of name/value pairs for the credentials
- private final EnumMap<PolarisCredentialProperty, String> credentials;
-
- /**
- * Constructor for an error
- *
- * @param errorCode error code, cannot be SUCCESS
- * @param extraInformation extra information
- */
- public ScopedCredentialsResult(
- @Nonnull BaseResult.ReturnStatus errorCode, @Nullable String
extraInformation) {
- super(errorCode, extraInformation);
- this.credentials = null;
- }
-
- /**
- * Constructor for success
- *
- * @param credentials credentials
- */
- public ScopedCredentialsResult(
- @Nonnull EnumMap<PolarisCredentialProperty, String> credentials) {
- super(BaseResult.ReturnStatus.SUCCESS);
- this.credentials = credentials;
- }
-
- @JsonCreator
- private ScopedCredentialsResult(
- @JsonProperty("returnStatus") @Nonnull BaseResult.ReturnStatus
returnStatus,
- @JsonProperty("extraInformation") String extraInformation,
- @JsonProperty("credentials") Map<String, String> credentials) {
- super(returnStatus, extraInformation);
- this.credentials = new EnumMap<>(PolarisCredentialProperty.class);
- if (credentials != null) {
- credentials.forEach(
- (k, v) ->
this.credentials.put(PolarisCredentialProperty.valueOf(k), v));
- }
- }
-
- public EnumMap<PolarisCredentialProperty, String> getCredentials() {
- return credentials;
- }
- }
-
- /** Result of a validateAccessToLocations() call */
- class ValidateAccessResult extends BaseResult {
-
- // null if not success. Else, set of location/validationResult pairs for
each location in the
- // set
- private final Map<String, String> validateResult;
-
- /**
- * Constructor for an error
- *
- * @param errorCode error code, cannot be SUCCESS
- * @param extraInformation extra information
- */
- public ValidateAccessResult(
- @Nonnull BaseResult.ReturnStatus errorCode, @Nullable String
extraInformation) {
- super(errorCode, extraInformation);
- this.validateResult = null;
- }
-
- /**
- * Constructor for success
- *
- * @param validateResult validate result
- */
- public ValidateAccessResult(@Nonnull Map<String, String> validateResult) {
- super(BaseResult.ReturnStatus.SUCCESS);
- this.validateResult = validateResult;
- }
-
- @JsonCreator
- private ValidateAccessResult(
- @JsonProperty("returnStatus") @Nonnull BaseResult.ReturnStatus
returnStatus,
- @JsonProperty("extraInformation") String extraInformation,
- @JsonProperty("validateResult") Map<String, String> validateResult) {
- super(returnStatus, extraInformation);
- this.validateResult = validateResult;
- }
-
- public Map<String, String> getValidateResult() {
- return this.validateResult;
- }
- }
}
diff --git
a/polaris-core/src/main/java/org/apache/polaris/core/storage/cache/StorageCredentialCache.java
b/polaris-core/src/main/java/org/apache/polaris/core/storage/cache/StorageCredentialCache.java
index e92053852..bfc75214c 100644
---
a/polaris-core/src/main/java/org/apache/polaris/core/storage/cache/StorageCredentialCache.java
+++
b/polaris-core/src/main/java/org/apache/polaris/core/storage/cache/StorageCredentialCache.java
@@ -32,6 +32,7 @@ import org.apache.polaris.core.PolarisCallContext;
import org.apache.polaris.core.PolarisConfiguration;
import org.apache.polaris.core.entity.PolarisEntity;
import org.apache.polaris.core.entity.PolarisEntityType;
+import org.apache.polaris.core.persistence.dao.entity.ScopedCredentialsResult;
import org.apache.polaris.core.storage.PolarisCredentialVendor;
import org.jetbrains.annotations.VisibleForTesting;
import org.slf4j.Logger;
@@ -143,7 +144,7 @@ public class StorageCredentialCache {
Function<StorageCredentialCacheKey, StorageCredentialCacheEntry> loader =
k -> {
LOGGER.atDebug().log("StorageCredentialCache::load");
- PolarisCredentialVendor.ScopedCredentialsResult
scopedCredentialsResult =
+ ScopedCredentialsResult scopedCredentialsResult =
credentialVendor.getSubscopedCredsForEntity(
k.getCallContext(),
k.getCatalogId(),
diff --git
a/polaris-core/src/main/java/org/apache/polaris/core/storage/cache/StorageCredentialCacheEntry.java
b/polaris-core/src/main/java/org/apache/polaris/core/storage/cache/StorageCredentialCacheEntry.java
index 71068e936..ae799457f 100644
---
a/polaris-core/src/main/java/org/apache/polaris/core/storage/cache/StorageCredentialCacheEntry.java
+++
b/polaris-core/src/main/java/org/apache/polaris/core/storage/cache/StorageCredentialCacheEntry.java
@@ -21,18 +21,17 @@ package org.apache.polaris.core.storage.cache;
import java.util.EnumMap;
import java.util.HashMap;
import java.util.Map;
+import org.apache.polaris.core.persistence.dao.entity.ScopedCredentialsResult;
import org.apache.polaris.core.storage.PolarisCredentialProperty;
-import org.apache.polaris.core.storage.PolarisCredentialVendor;
/** A storage credential cached entry. */
public class StorageCredentialCacheEntry {
/** The scoped creds map that is fetched from a creds vending service */
public final EnumMap<PolarisCredentialProperty, String> credsMap;
- private final PolarisCredentialVendor.ScopedCredentialsResult
scopedCredentialsResult;
+ private final ScopedCredentialsResult scopedCredentialsResult;
- public StorageCredentialCacheEntry(
- PolarisCredentialVendor.ScopedCredentialsResult scopedCredentialsResult)
{
+ public StorageCredentialCacheEntry(ScopedCredentialsResult
scopedCredentialsResult) {
this.scopedCredentialsResult = scopedCredentialsResult;
this.credsMap = scopedCredentialsResult.getCredentials();
}
diff --git
a/polaris-core/src/test/java/org/apache/polaris/core/storage/cache/StorageCredentialCacheTest.java
b/polaris-core/src/test/java/org/apache/polaris/core/storage/cache/StorageCredentialCacheTest.java
index 74182eac1..ee00860f0 100644
---
a/polaris-core/src/test/java/org/apache/polaris/core/storage/cache/StorageCredentialCacheTest.java
+++
b/polaris-core/src/test/java/org/apache/polaris/core/storage/cache/StorageCredentialCacheTest.java
@@ -40,11 +40,11 @@ import org.apache.polaris.core.entity.PolarisEntityType;
import org.apache.polaris.core.persistence.PolarisMetaStoreManager;
import org.apache.polaris.core.persistence.PolarisObjectMapperUtil;
import org.apache.polaris.core.persistence.dao.entity.BaseResult;
+import org.apache.polaris.core.persistence.dao.entity.ScopedCredentialsResult;
import
org.apache.polaris.core.persistence.transactional.PolarisTreeMapMetaStoreSessionImpl;
import org.apache.polaris.core.persistence.transactional.PolarisTreeMapStore;
import
org.apache.polaris.core.persistence.transactional.TransactionalPersistence;
import org.apache.polaris.core.storage.PolarisCredentialProperty;
-import
org.apache.polaris.core.storage.PolarisCredentialVendor.ScopedCredentialsResult;
import org.assertj.core.api.Assertions;
import org.junit.jupiter.api.RepeatedTest;
import org.junit.jupiter.api.Test;
diff --git
a/polaris-core/src/testFixtures/java/org/apache/polaris/core/persistence/PolarisTestMetaStoreManager.java
b/polaris-core/src/testFixtures/java/org/apache/polaris/core/persistence/PolarisTestMetaStoreManager.java
index 81271305c..b85485de1 100644
---
a/polaris-core/src/testFixtures/java/org/apache/polaris/core/persistence/PolarisTestMetaStoreManager.java
+++
b/polaris-core/src/testFixtures/java/org/apache/polaris/core/persistence/PolarisTestMetaStoreManager.java
@@ -29,7 +29,6 @@ import java.util.Map;
import org.apache.commons.lang3.tuple.ImmutablePair;
import org.apache.commons.lang3.tuple.Pair;
import org.apache.polaris.core.PolarisCallContext;
-import org.apache.polaris.core.auth.PolarisGrantManager.LoadGrantsResult;
import org.apache.polaris.core.entity.EntityNameLookupRecord;
import org.apache.polaris.core.entity.PolarisBaseEntity;
import org.apache.polaris.core.entity.PolarisChangeTrackingVersions;
@@ -48,6 +47,7 @@ import
org.apache.polaris.core.persistence.dao.entity.CreateCatalogResult;
import org.apache.polaris.core.persistence.dao.entity.CreatePrincipalResult;
import org.apache.polaris.core.persistence.dao.entity.DropEntityResult;
import org.apache.polaris.core.persistence.dao.entity.EntityResult;
+import org.apache.polaris.core.persistence.dao.entity.LoadGrantsResult;
import org.apache.polaris.core.persistence.dao.entity.ResolvedEntityResult;
import org.assertj.core.api.Assertions;
diff --git
a/quarkus/admin/src/main/java/org/apache/polaris/admintool/BootstrapCommand.java
b/quarkus/admin/src/main/java/org/apache/polaris/admintool/BootstrapCommand.java
index bc8539414..8ddb35095 100644
---
a/quarkus/admin/src/main/java/org/apache/polaris/admintool/BootstrapCommand.java
+++
b/quarkus/admin/src/main/java/org/apache/polaris/admintool/BootstrapCommand.java
@@ -21,8 +21,8 @@ package org.apache.polaris.admintool;
import java.nio.file.Path;
import java.util.List;
import java.util.Map;
-import
org.apache.polaris.core.auth.PolarisSecretsManager.PrincipalSecretsResult;
import org.apache.polaris.core.persistence.bootstrap.RootCredentialsSet;
+import org.apache.polaris.core.persistence.dao.entity.PrincipalSecretsResult;
import picocli.CommandLine;
@CommandLine.Command(
diff --git
a/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/auth/JWTRSAKeyPairTest.java
b/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/auth/JWTRSAKeyPairTest.java
index d48db6157..84ca59926 100644
---
a/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/auth/JWTRSAKeyPairTest.java
+++
b/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/auth/JWTRSAKeyPairTest.java
@@ -30,13 +30,13 @@ import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.util.HashMap;
import org.apache.polaris.core.PolarisCallContext;
-import
org.apache.polaris.core.auth.PolarisSecretsManager.PrincipalSecretsResult;
import org.apache.polaris.core.entity.PolarisBaseEntity;
import org.apache.polaris.core.entity.PolarisEntitySubType;
import org.apache.polaris.core.entity.PolarisEntityType;
import org.apache.polaris.core.entity.PolarisPrincipalSecrets;
import org.apache.polaris.core.persistence.PolarisMetaStoreManager;
import org.apache.polaris.core.persistence.dao.entity.EntityResult;
+import org.apache.polaris.core.persistence.dao.entity.PrincipalSecretsResult;
import org.apache.polaris.service.auth.JWTRSAKeyPair;
import org.apache.polaris.service.auth.LocalRSAKeyProvider;
import org.apache.polaris.service.auth.PemUtils;
diff --git
a/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/auth/JWTSymmetricKeyGeneratorTest.java
b/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/auth/JWTSymmetricKeyGeneratorTest.java
index b12fd9fc2..fed5d20db 100644
---
a/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/auth/JWTSymmetricKeyGeneratorTest.java
+++
b/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/auth/JWTSymmetricKeyGeneratorTest.java
@@ -34,6 +34,7 @@ import org.apache.polaris.core.entity.PolarisEntityType;
import org.apache.polaris.core.entity.PolarisPrincipalSecrets;
import org.apache.polaris.core.persistence.PolarisMetaStoreManager;
import org.apache.polaris.core.persistence.dao.entity.EntityResult;
+import org.apache.polaris.core.persistence.dao.entity.PrincipalSecretsResult;
import org.apache.polaris.service.auth.JWTSymmetricKeyBroker;
import org.apache.polaris.service.auth.TokenBroker;
import org.apache.polaris.service.auth.TokenRequestValidator;
@@ -71,7 +72,7 @@ public class JWTSymmetricKeyGeneratorTest {
PolarisPrincipalSecrets principalSecrets =
new PolarisPrincipalSecrets(1L, clientId, mainSecret, "otherSecret");
Mockito.when(metastoreManager.loadPrincipalSecrets(polarisCallContext,
clientId))
- .thenReturn(new
PolarisMetaStoreManager.PrincipalSecretsResult(principalSecrets));
+ .thenReturn(new PrincipalSecretsResult(principalSecrets));
PolarisBaseEntity principal =
new PolarisBaseEntity(
0L,
diff --git
a/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/catalog/BasePolarisCatalogTest.java
b/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/catalog/BasePolarisCatalogTest.java
index e51ded52f..aef75c2dd 100644
---
a/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/catalog/BasePolarisCatalogTest.java
+++
b/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/catalog/BasePolarisCatalogTest.java
@@ -79,7 +79,6 @@ import
org.apache.polaris.core.admin.model.AwsStorageConfigInfo;
import org.apache.polaris.core.admin.model.StorageConfigInfo;
import org.apache.polaris.core.auth.AuthenticatedPolarisPrincipal;
import org.apache.polaris.core.auth.PolarisAuthorizerImpl;
-import
org.apache.polaris.core.auth.PolarisSecretsManager.PrincipalSecretsResult;
import org.apache.polaris.core.context.CallContext;
import org.apache.polaris.core.context.RealmContext;
import org.apache.polaris.core.entity.CatalogEntity;
@@ -97,6 +96,7 @@ import
org.apache.polaris.core.persistence.bootstrap.RootCredentialsSet;
import org.apache.polaris.core.persistence.cache.EntityCache;
import org.apache.polaris.core.persistence.dao.entity.BaseResult;
import org.apache.polaris.core.persistence.dao.entity.EntityResult;
+import org.apache.polaris.core.persistence.dao.entity.PrincipalSecretsResult;
import
org.apache.polaris.core.persistence.transactional.TransactionalPersistence;
import org.apache.polaris.core.storage.PolarisCredentialProperty;
import org.apache.polaris.core.storage.PolarisStorageActions;
diff --git
a/service/common/src/main/java/org/apache/polaris/service/admin/PolarisAdminService.java
b/service/common/src/main/java/org/apache/polaris/service/admin/PolarisAdminService.java
index c05a6b2a3..21d30c1d8 100644
---
a/service/common/src/main/java/org/apache/polaris/service/admin/PolarisAdminService.java
+++
b/service/common/src/main/java/org/apache/polaris/service/admin/PolarisAdminService.java
@@ -65,7 +65,6 @@ import org.apache.polaris.core.admin.model.ViewPrivilege;
import org.apache.polaris.core.auth.AuthenticatedPolarisPrincipal;
import org.apache.polaris.core.auth.PolarisAuthorizableOperation;
import org.apache.polaris.core.auth.PolarisAuthorizer;
-import org.apache.polaris.core.auth.PolarisGrantManager.LoadGrantsResult;
import org.apache.polaris.core.catalog.PolarisCatalogHelpers;
import org.apache.polaris.core.context.CallContext;
import org.apache.polaris.core.entity.CatalogEntity;
@@ -88,6 +87,7 @@ import
org.apache.polaris.core.persistence.dao.entity.CreateCatalogResult;
import org.apache.polaris.core.persistence.dao.entity.CreatePrincipalResult;
import org.apache.polaris.core.persistence.dao.entity.DropEntityResult;
import org.apache.polaris.core.persistence.dao.entity.EntityResult;
+import org.apache.polaris.core.persistence.dao.entity.LoadGrantsResult;
import org.apache.polaris.core.persistence.resolver.PolarisResolutionManifest;
import org.apache.polaris.core.persistence.resolver.ResolverPath;
import org.apache.polaris.core.persistence.resolver.ResolverStatus;
diff --git
a/service/common/src/main/java/org/apache/polaris/service/auth/DefaultActiveRolesProvider.java
b/service/common/src/main/java/org/apache/polaris/service/auth/DefaultActiveRolesProvider.java
index 95ed838ca..ba0444ac3 100644
---
a/service/common/src/main/java/org/apache/polaris/service/auth/DefaultActiveRolesProvider.java
+++
b/service/common/src/main/java/org/apache/polaris/service/auth/DefaultActiveRolesProvider.java
@@ -28,7 +28,6 @@ import java.util.stream.Collectors;
import org.apache.iceberg.exceptions.NotAuthorizedException;
import org.apache.polaris.core.PolarisCallContext;
import org.apache.polaris.core.auth.AuthenticatedPolarisPrincipal;
-import org.apache.polaris.core.auth.PolarisGrantManager;
import org.apache.polaris.core.context.CallContext;
import org.apache.polaris.core.context.RealmContext;
import org.apache.polaris.core.entity.PolarisEntity;
@@ -37,6 +36,7 @@ import org.apache.polaris.core.entity.PrincipalRoleEntity;
import org.apache.polaris.core.persistence.MetaStoreManagerFactory;
import org.apache.polaris.core.persistence.PolarisMetaStoreManager;
import org.apache.polaris.core.persistence.dao.entity.EntityResult;
+import org.apache.polaris.core.persistence.dao.entity.LoadGrantsResult;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -67,7 +67,7 @@ public class DefaultActiveRolesProvider implements
ActiveRolesProvider {
protected List<PrincipalRoleEntity> loadActivePrincipalRoles(
Set<String> tokenRoles, PolarisEntity principal, PolarisMetaStoreManager
metaStoreManager) {
PolarisCallContext polarisContext =
CallContext.getCurrentContext().getPolarisCallContext();
- PolarisGrantManager.LoadGrantsResult principalGrantResults =
+ LoadGrantsResult principalGrantResults =
metaStoreManager.loadGrantsToGrantee(polarisContext, principal);
polarisContext
.getDiagServices()
diff --git
a/service/common/src/main/java/org/apache/polaris/service/auth/TestOAuth2ApiService.java
b/service/common/src/main/java/org/apache/polaris/service/auth/TestOAuth2ApiService.java
index 5b1361771..fefa71090 100644
---
a/service/common/src/main/java/org/apache/polaris/service/auth/TestOAuth2ApiService.java
+++
b/service/common/src/main/java/org/apache/polaris/service/auth/TestOAuth2ApiService.java
@@ -28,7 +28,6 @@ import java.util.Map;
import java.util.Objects;
import org.apache.iceberg.exceptions.NotAuthorizedException;
import org.apache.polaris.core.PolarisCallContext;
-import
org.apache.polaris.core.auth.PolarisSecretsManager.PrincipalSecretsResult;
import org.apache.polaris.core.context.CallContext;
import org.apache.polaris.core.context.RealmContext;
import org.apache.polaris.core.entity.PolarisEntitySubType;
@@ -36,6 +35,7 @@ import org.apache.polaris.core.entity.PolarisEntityType;
import org.apache.polaris.core.persistence.MetaStoreManagerFactory;
import org.apache.polaris.core.persistence.PolarisMetaStoreManager;
import org.apache.polaris.core.persistence.dao.entity.EntityResult;
+import org.apache.polaris.core.persistence.dao.entity.PrincipalSecretsResult;
import org.apache.polaris.service.catalog.api.IcebergRestOAuth2ApiService;
import org.apache.polaris.service.types.TokenType;
import org.slf4j.Logger;
diff --git
a/service/common/src/main/java/org/apache/polaris/service/auth/TokenBroker.java
b/service/common/src/main/java/org/apache/polaris/service/auth/TokenBroker.java
index 289600802..b5d242070 100644
---
a/service/common/src/main/java/org/apache/polaris/service/auth/TokenBroker.java
+++
b/service/common/src/main/java/org/apache/polaris/service/auth/TokenBroker.java
@@ -21,11 +21,11 @@ package org.apache.polaris.service.auth;
import jakarta.annotation.Nonnull;
import java.util.Optional;
import org.apache.polaris.core.PolarisCallContext;
-import
org.apache.polaris.core.auth.PolarisSecretsManager.PrincipalSecretsResult;
import org.apache.polaris.core.entity.PolarisEntityType;
import org.apache.polaris.core.entity.PrincipalEntity;
import org.apache.polaris.core.persistence.PolarisMetaStoreManager;
import org.apache.polaris.core.persistence.dao.entity.EntityResult;
+import org.apache.polaris.core.persistence.dao.entity.PrincipalSecretsResult;
import org.apache.polaris.service.types.TokenType;
/** Generic token class intended to be extended by different token types */
diff --git
a/service/common/src/main/java/org/apache/polaris/service/persistence/InMemoryPolarisMetaStoreManagerFactory.java
b/service/common/src/main/java/org/apache/polaris/service/persistence/InMemoryPolarisMetaStoreManagerFactory.java
index 407d514cb..932e882f3 100644
---
a/service/common/src/main/java/org/apache/polaris/service/persistence/InMemoryPolarisMetaStoreManagerFactory.java
+++
b/service/common/src/main/java/org/apache/polaris/service/persistence/InMemoryPolarisMetaStoreManagerFactory.java
@@ -29,11 +29,11 @@ import java.util.Map;
import java.util.Set;
import java.util.function.Supplier;
import org.apache.polaris.core.PolarisDiagnostics;
-import
org.apache.polaris.core.auth.PolarisSecretsManager.PrincipalSecretsResult;
import org.apache.polaris.core.context.RealmContext;
import org.apache.polaris.core.persistence.LocalPolarisMetaStoreManagerFactory;
import org.apache.polaris.core.persistence.PolarisMetaStoreManager;
import org.apache.polaris.core.persistence.bootstrap.RootCredentialsSet;
+import org.apache.polaris.core.persistence.dao.entity.PrincipalSecretsResult;
import
org.apache.polaris.core.persistence.transactional.PolarisTreeMapMetaStoreSessionImpl;
import org.apache.polaris.core.persistence.transactional.PolarisTreeMapStore;
import
org.apache.polaris.core.persistence.transactional.TransactionalPersistence;
