Hi Flink Community, I'd like to propose an enhancement to the Catalog interface to better support access control scenarios.
Problem Statement For custom catalogs that implement access control, read and write permissions often need to be distinguished. Currently, Flink always invokes Catalog#getTableto look up tables, regardless of whether the operation is for reading or writing. This limitation makes it challenging for catalogs to enforce proper write-level access control. Proposed Solution I've submitted a PR that adds a new variant of getTable method which explicitly indicates when write privileges are required. Key aspects of this implementation: Backward Compatibility: The new method includes a default implementation that calls the existing getTable, ensuring no breaking changes Write Operation Coverage: All write operations (INSERT, UPDATE, DELETE, etc.) will use this new method for table lookup Industry Validation: This approach aligns with Apache Spark's similar interface enhancement (see https://github.com/apache/spark/pull/47772) Reference Materials FLIP Link: https://docs.google.com/document/d/1wf7PGYURa8jH69ISU-xV7HNctaWViZw3t9sy-niuAbI/edit?tab=t.0 JIRA Issue: https://issues.apache.org/jira/browse/FLINK-38848 Pull Request: https://github.com/apache/flink/pull/27389 Previous discussion thread: https://lists.apache.org/thread/gfq316x9vrdwmgpw0hx4r7gpc0qkgvk1 This enhancement would significantly improve catalog implementations' ability to enforce fine-grained access control, particularly important in multi-tenant environments. I'm happy to start a discussion on the dev mailing list if that would be more appropriate for this type of interface change. Looking forward to the community's feedback on this discussion Best Rory
