visit2rahul opened a new issue, #4521: URL: https://github.com/apache/polaris/issues/4521
## Context

`CatalogEntity.Builder.setStorageConfigurationInfo` (`polaris-core/src/main/java/org/apache/polaris/core/entity/CatalogEntity.java`, line 283) silently appends `defaultBaseLocation` to the `allowedLocations` set before serializing the storage config:

```java
allowedLocations.add(defaultBaseLocation);
```

The TODO immediately above (lines 275-281) already documents this and proposes the cleaner alternative:

> TODO: Reconsider whether this should actually just be a check up-front or if we actually want to silently add to the allowed locations. Maybe ideally we only add to the allowedLocations if allowedLocations is empty for the simple case, but if the caller provided allowedLocations explicitly, then we just verify that the defaultBaseLocation is at least a subpath of one of the allowedLocations.

## The problem

The silent-add affects both `createCatalog` and `updateCatalog`:

1. **Create**: user submits `allowedLocations = [s3://A/]` and `defaultBaseLocation = s3://B/`. The catalog is stored with `allowedLocations = [s3://A/, s3://B/]`. The user's fencing intent is silently defeated.
2. **Update**: same. PR #4422 currently works around this in the update path by validating the user-submitted allowed list *before* the builder runs (commit `a28670530`), but the underlying silent-add still exists for any other caller.

## Proposed fix

Per the TODO, replace the silent-add with an up-front check:

- If `allowedLocations` is empty: keep simple behavior (add `defaultBaseLocation`), OR reject as inconsistent.
- If `allowedLocations` is non-empty: require `defaultBaseLocation` to be a subpath of at least one entry; throw `BadRequestException` if not.

Changes the create-catalog behavior too, so test fixtures and possibly callers will need updates.

## Related

- Surfaced during review of #4422 ([discussion](https://github.com/apache/polaris/pull/4422#discussion_r3277305916)).
- PR #4422 added the update-time validation workaround at the call site; fixing the builder properly would let that workaround simplify.
- TODO at `CatalogEntity.java:275-281`.

--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at: [email protected]
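
The up-front check proposed in the issue above, sketched as an added example (not Polaris code and not from the issue author). The class and method names are hypothetical, `IllegalArgumentException` stands in for `BadRequestException`, and the sample locations are constructed.

```java
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Set;

// Added illustration; class and method names are hypothetical, not Polaris code.
public class AllowedLocationCheck {

  // Compare with a trailing slash so "s3://A/data" does not prefix-match "s3://A/data-other/".
  static String withTrailingSlash(String location) {
    return location.endsWith("/") ? location : location + "/";
  }

  static boolean isSubpath(String candidate, String parent) {
    return withTrailingSlash(candidate).startsWith(withTrailingSlash(parent));
  }

  // Empty list: keep the simple behavior (defaultBaseLocation becomes the only entry).
  // Non-empty list: never widen it; reject a defaultBaseLocation outside every entry.
  static Set<String> resolveAllowedLocations(List<String> requested, String defaultBaseLocation) {
    Set<String> allowed = new LinkedHashSet<>(requested);
    if (allowed.isEmpty()) {
      allowed.add(defaultBaseLocation);
      return allowed;
    }
    boolean covered = allowed.stream().anyMatch(p -> isSubpath(defaultBaseLocation, p));
    if (!covered) {
      // Stand-in for the BadRequestException named in the issue.
      throw new IllegalArgumentException(
          "defaultBaseLocation " + defaultBaseLocation + " is not under any of " + allowed);
    }
    return allowed;
  }

  public static void main(String[] args) {
    // Constructed sample inputs.
    System.out.println(resolveAllowedLocations(List.of(), "s3://B/"));
    System.out.println(resolveAllowedLocations(List.of("s3://A/"), "s3://A/warehouse"));
    String[][] rejected = {{"s3://A/", "s3://B/"}, {"s3://A/data", "s3://A/data-other/"}};
    for (String[] c : rejected) {
      try {
        resolveAllowedLocations(List.of(c[0]), c[1]);
      } catch (IllegalArgumentException e) {
        System.out.println("rejected: " + e.getMessage());
      }
    }
  }
}
```

The comparison is a plain string prefix test, so this sketch assumes locations are already canonical; `..` segments or equivalent scheme spellings would need normalizing before the check.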
