snazy commented on code in PR #4396:
URL: https://github.com/apache/polaris/pull/4396#discussion_r3224766150
##########
persistence/nosql/persistence/metastore/src/main/java/org/apache/polaris/persistence/nosql/metastore/mutation/PrincipalMutations.java:
##########
@@ -157,7 +158,11 @@ public ChangeResult<R> change(
.ifPresent(
clientId -> {
var clientIdKey = IndexKey.key(clientId);
- byClientId.put(clientIdKey, updatedPrincipalObjRef);
+ if (!byClientId.put(clientIdKey, updatedPrincipalObjRef)) {
+ throw new AlreadyExistsException(
+ String.format("Client ID already in use: %s", clientId));
+ }
+ ;
Review Comment:
Stale `;` (spotless/checkstyle/findbugs likely trips over this)
##########
runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisAdminService.java:
##########
@@ -1077,6 +1077,16 @@ public void deletePrincipal(String name) {
throw new ValidationException(
"Cannot reset credentials for a federated principal: %s",
principalName);
}
+ if (customClientId != null) {
+ PolarisPrincipalSecrets collidingSecrets =
+ metaStoreManager
+ .loadPrincipalSecrets(getCurrentPolarisContext(), customClientId)
+ .getPrincipalSecrets();
+ if (collidingSecrets != null
+ && collidingSecrets.getPrincipalId() !=
currentPrincipalEntity.getId()) {
Review Comment:
Yea, using persistence as the sole authority is fine, for the stated reasons.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
