Re: [PR] [SPEC] Add finer grained read restrictions as part of loadTable [iceberg]

Thu, 11 Jun 2026 14:57:49 -0700 


rdblue commented on code in PR #13879:
URL: https://github.com/apache/iceberg/pull/13879#discussion_r3399420988


##########
open-api/rest-catalog-open-api.yaml:
##########
@@ -3632,6 +3632,343 @@ components:
           additionalProperties:
             type: string
 
+    ReadRestrictions:
+      type: object
+      description: >
+          Read restrictions for a table, including column projections and row 
filter expressions.
+
+          A client SHOULD support the read-restrictions field. If a client 
supports
+          read-restrictions, it MUST fail if it cannot apply any returned 
restriction
+          (including unrecognized action or expression types). Read 
restrictions returned
+          in a loadTable response apply to every read operation on the loaded 
table
+          performed using this response, including subsequent planTableScan and
+          fetchScanTasks calls.
+
+          In this section, "reader" refers to the read-side actor that applies 
restrictions
+          per row or per column. "Engine" refers to the broader 
query-execution context
+          that defines query lifetime and scope (e.g. a SQL session, a single 
PyIceberg
+          scan), and is the actor responsible for query-scoped behavior such 
as salt
+          generation in sha-256-query-local.
+
+          These restrictions apply only to the authenticated principal, user, 
or account
+          associated with the request. They MUST NOT be interpreted as global 
policy and
+          MUST NOT be applied beyond the entity identified by the 
Authentication header
+          (or other applicable authentication mechanism).

Review Comment:
   I think this goes beyond what we need to say, but I'm fine with the idea 
overall. I would also say that this is better to say when associated with an 
endpoint. We could later reuse this object in ways where this paragraph makes 
no sense.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to