gh-yzou commented on code in PR #1147:
URL: https://github.com/apache/polaris/pull/1147#discussion_r1991963383
##########
polaris-core/src/main/java/org/apache/polaris/core/entity/PolarisPrivilege.java:
##########
@@ -41,22 +41,22 @@ public enum PolarisPrivilege {
TABLE_CREATE(6, PolarisEntityType.NAMESPACE),
VIEW_CREATE(7, PolarisEntityType.NAMESPACE),
NAMESPACE_DROP(8, PolarisEntityType.NAMESPACE),
- TABLE_DROP(9, PolarisEntityType.TABLE_LIKE, PolarisEntitySubType.TABLE),
- VIEW_DROP(10, PolarisEntityType.TABLE_LIKE, PolarisEntitySubType.VIEW),
+ TABLE_DROP(9, PolarisEntityType.ICEBERG_TABLE_LIKE,
PolarisEntitySubType.TABLE),
Review Comment:
I am not quite sure how we plan to do this at authentication level, if we
are going to do some special check to allow the operation with TABLE_DROP, I
felt it is kind of hack. The privilege here seems defines that it is for the
Iceberg table only, if we want to extend the definition, and have a different
entity type there, we might have to take a list of <entity type, entity sub
type>. compare with let the definition take an entity type, and list of
subtype, the latter seems making more sense to me.
i don't think I am suggesting to completely reuse the TABLE LIKE entity
here, i am just suggesting to refactor the TABLE_LIKE entity to a base entity
class, and extend it to ICEBERG_TABLE_LIKE entity and GENERIC_TABLE entity, so
we can still address the concern about having methods or keywords that only
make sense for ICEBERG also appear as part of GENERIC_TABLE entity. Also, since
all those have to be unique under the same namespace, i think it make sense to
have them to share the same entity type, but use different subtype.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
