andrew4699 commented on code in PR #864:
URL: https://github.com/apache/polaris/pull/864#discussion_r1929174795
##########
service/common/src/main/java/org/apache/polaris/service/exception/IcebergExceptionMapper.java:
##########
@@ -144,4 +112,56 @@ public static boolean containsAnyAccessDeniedHint(String
message) {
public static Collection<String> getAccessDeniedHints() {
return ImmutableSet.copyOf(ACCESS_DENIED_HINTS);
}
+
+ static int mapExceptionToResponseCode(RuntimeException rex) {
+ // Cloud exceptions
+ if (rex instanceof S3Exception
+ || rex instanceof AzureException
+ || rex instanceof StorageException) {
+ if (doesAnyThrowableContainAccessDeniedHint(rex)) {
+ return Response.Status.FORBIDDEN.getStatusCode();
+ }
+
+ int httpCode =
+ switch (rex) {
+ case S3Exception s3e -> s3e.statusCode();
+ case HttpResponseException hre ->
hre.getResponse().getStatusCode();
+ case StorageException se -> se.getCode();
+ default -> -1;
+ };
+
+ if (300 <= httpCode && httpCode <= 499) {
+ return httpCode;
Review Comment:
> 401 on the storage side is still a 500 from the client perspective, IMHO,
because it basically means the server is not configured properly.
> 404 at storage level,if it bubbles up to this exception mapper is still a
500, IMHO. The storage requests that Polaris makes should be valid by
themselves. If the server accepted a request but could not find the file in
storage, that should be handled in core and probably wrapped in another
exception (which would them be converted to the appropriate error code here).
5xx errors should be reserved for incorrect actions the server is taking
with the information it has, rather than correct actions taken with invalid
client-provided information. Given that the client is responsible for providing
the catalog's storage config and actually maintaining its validity (ie not
tampering with permissions/files in S3), I think a 401 or 404 are client
issues. At a minimum, they are issues the client can attempt to resolve.
> I believe any 3xx error coming from storage, if it's unhandled by Polaris
Core, when it comes to this exception mapper is a 500 from the Polaris client
perspective. The server basically failed to interact with storage and there's
no client-side data that is a factor here.
Cloud Storage can return 3xx when the region is set incorrectly, the path is
invalid, and when files are moved. The region and path are both provided by the
client when creating the catalog. I don't think it's so simple for the server
to handle redirects.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
