flyrain commented on code in PR #4409:
URL: https://github.com/apache/polaris/pull/4409#discussion_r3244651963
##########
polaris-core/src/main/java/org/apache/polaris/core/auth/PolarisAuthorizer.java:
##########
@@ -38,26 +39,85 @@ public interface PolarisAuthorizer {
* <p>This method should not perform authorization decisions directly.
*/
void resolveAuthorizationInputs(
- @Nonnull AuthorizationState authzState, @Nonnull AuthorizationRequest
request);
+ @Nonnull AuthorizationState authzState,
+ @Nonnull PolarisPrincipal polarisPrincipal,
Review Comment:
I’m not sure CDI should drive the shape of the authorization model here. To
me, AuthorizationRequest should be self contained and represent the full
authorization question, which includes the principal.
It is fine for callers to obtain the principal from request context, but
once we construct an AuthorizationRequest, I think it should carry the subject,
operation, and target together. Otherwise we are really modeling an
AuthorizationIntent, not a full authorization request.
I also don’t really see the need to split PolarisAuthorizer into a front end
and back end interface. That feels like implementation complexity leaking into
the core authorization model.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
