stevenzwu commented on code in PR #14519:
URL: https://github.com/apache/iceberg/pull/14519#discussion_r2528287258


##########
open-api/rest-catalog-open-api.yaml:
##########
@@ -1192,6 +1192,13 @@ paths:
         - Catalog API
       summary: Load vended credentials for a table from the catalog
       operationId: loadCredentials
+      parameters:
+        - name: planId
+          in: query
+          required: false
+          schema:
+            type: string
+          description: The plan ID that has been used for server-side scan 
planning
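
Review bot: The `description` on the new `planId` query parameter states only what the value is, not what the server is expected to do with it. Because this operation returns vended credentials for a table, the description should say that the server checks the plan ID was issued to the requesting principal and rejects the request otherwise, for example with a 403 as is discussed for the existing plan endpoints. With `required: false`, it would also help to state how the request is handled when `planId` is omitted.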

Review Comment:
   > My understanding is since the plan-id is issued to a client by the server, the server is aware of the authenticated principal / roles, the server knows who this plan-id was issued to, so that it can then later authorize based on that and bubble up appropriate 403 error codes if some other client's plan id is used. If this brings clarity we can be explicit about this expectation in the spec.
   
   > There are already REST endpoints such as /v1/{prefix}/namespaces/{namespace}/tables/{table}/plan/{plan-id}, where the client can check the status of the plan by passing in the plan-id; if the plan-id is not something the client is authorized to access, the server is expected to throw 403 is my understanding
   
   Thanks @singhpk234 for answering my question in the dev thread regarding planId validation. Should we clarify that the server is expected to validate that the planId was issued to the requesting user and return 403 otherwise?


