(polaris) branch main updated: Core: Add Java doc for the class PolarisPrivilege (#3757)

Thu, 19 Feb 2026 09:04:35 -0800 

This is an automated email from the ASF dual-hosted git repository.

yufei pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/polaris.git


The following commit(s) were added to refs/heads/main by this push:
     new d1fbf2e06 Core: Add Java doc for the class PolarisPrivilege (#3757)
d1fbf2e06 is described below

commit d1fbf2e06f679fccda615eefb25240d95f50272b
Author: Yufei Gu <[email protected]>
AuthorDate: Thu Feb 19 09:04:24 2026 -0800

    Core: Add Java doc for the class PolarisPrivilege (#3757)
---
 .../org/apache/polaris/core/entity/PolarisPrivilege.java    | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git 
a/polaris-core/src/main/java/org/apache/polaris/core/entity/PolarisPrivilege.java
 
b/polaris-core/src/main/java/org/apache/polaris/core/entity/PolarisPrivilege.java
index d76a6d457..636d31aae 100644
--- 
a/polaris-core/src/main/java/org/apache/polaris/core/entity/PolarisPrivilege.java
+++ 
b/polaris-core/src/main/java/org/apache/polaris/core/entity/PolarisPrivilege.java
@@ -24,7 +24,18 @@ import jakarta.annotation.Nonnull;
 import jakarta.annotation.Nullable;
 import java.util.List;
 
-/** List of privileges */
+/**
+ * Enumerates the privileges used by the built-in RBAC authorizer ({@link
+ * org.apache.polaris.core.auth.PolarisAuthorizerImpl}). In Polaris' RBAC 
model, a
+ * <em>securable</em> is a Polaris entity (such as a catalog, namespace, 
table, or policy) on which
+ * access may be controlled by granting privileges to a grantee (typically a 
catalog role or
+ * principal role). Each privilege in this enum targets a specific {@link 
PolarisEntityType} of
+ * securable and is checked against that securable during authorization.
+ *
+ * <p>Alternative authorizer implementations such as the OPA-based authorizer 
may not use these
+ * privileges. They operate at the {@link 
org.apache.polaris.core.auth.PolarisAuthorizableOperation}
+ * level and delegate all privilege/permission logic to external PDPs.
+ */
 public enum PolarisPrivilege {
   SERVICE_MANAGE_ACCESS(1, PolarisEntityType.ROOT),
   CATALOG_MANAGE_ACCESS(2, PolarisEntityType.CATALOG),

Reply via email to