dimas-b commented on code in PR #4540: URL: https://github.com/apache/polaris/pull/4540#discussion_r3314061483
########## runtime/service/src/test/java/org/apache/polaris/service/catalog/iceberg/IcebergCatalogHandlerTest.java: ########## @@ -0,0 +1,232 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.polaris.service.catalog.iceberg; + +import static org.apache.polaris.service.catalog.AccessDelegationMode.VENDED_CREDENTIALS; +import static org.assertj.core.api.Assertions.assertThat; +import static org.mockito.ArgumentMatchers.any; +import static org.mockito.ArgumentMatchers.anyBoolean; +import static org.mockito.Mockito.mock; +import static org.mockito.Mockito.never; +import static org.mockito.Mockito.verify; +import static org.mockito.Mockito.when; + +import jakarta.enterprise.inject.Instance; +import java.time.Clock; +import java.util.Map; +import java.util.Optional; +import java.util.Set; +import org.apache.iceberg.BaseTable; +import org.apache.iceberg.TableMetadata; +import org.apache.iceberg.TableOperations; +import org.apache.iceberg.catalog.Catalog; +import org.apache.iceberg.catalog.Namespace; +import org.apache.iceberg.catalog.TableIdentifier; +import org.apache.iceberg.rest.credentials.Credential; +import org.apache.iceberg.rest.responses.ImmutableLoadCredentialsResponse; +import org.apache.polaris.core.PolarisDiagnostics; +import org.apache.polaris.core.auth.PolarisAuthorizer; +import org.apache.polaris.core.auth.PolarisPrincipal; +import org.apache.polaris.core.catalog.LocalCatalogFactory; +import org.apache.polaris.core.config.RealmConfig; +import org.apache.polaris.core.context.CallContext; +import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.credentials.PolarisCredentialManager; +import org.apache.polaris.core.entity.CatalogEntity; +import org.apache.polaris.core.entity.PolarisBaseEntity; +import org.apache.polaris.core.entity.PolarisEntity; +import org.apache.polaris.core.entity.PolarisEntitySubType; +import org.apache.polaris.core.entity.PolarisEntityType; +import org.apache.polaris.core.entity.table.IcebergTableLikeEntity; +import org.apache.polaris.core.persistence.PolarisMetaStoreManager; +import org.apache.polaris.core.persistence.PolarisResolvedPathWrapper; +import org.apache.polaris.core.persistence.resolver.PolarisResolutionManifest; +import org.apache.polaris.core.persistence.resolver.ResolutionManifestFactory; +import org.apache.polaris.core.persistence.resolver.ResolverFactory; +import org.apache.polaris.core.storage.StorageAccessConfig; +import org.apache.polaris.service.catalog.AccessDelegationModeResolver; +import org.apache.polaris.service.catalog.CatalogPrefixParser; +import org.apache.polaris.service.catalog.io.StorageAccessConfigProvider; +import org.apache.polaris.service.config.ReservedProperties; +import org.apache.polaris.service.events.EventAttributeMap; +import org.apache.polaris.service.reporting.PolarisMetricsReporter; +import org.junit.jupiter.api.Test; + +class IcebergCatalogHandlerTest { + + private static final String CATALOG_NAME = "test"; + private static final Namespace NS1 = Namespace.of("ns1"); + private static final TableIdentifier TABLE2 = TableIdentifier.of(NS1, "table2"); + + private final PolarisResolutionManifest resolutionManifest = + mock(PolarisResolutionManifest.class); + private final PolarisResolvedPathWrapper resolvedPath = mock(PolarisResolvedPathWrapper.class); + private final CatalogEntity catalogEntity = mock(CatalogEntity.class); + private final CallContext callContext = mock(CallContext.class); + private final RealmConfig realmConfig = mock(RealmConfig.class); + private final LocalCatalogFactory localCatalogFactory = mock(LocalCatalogFactory.class); + private final AccessDelegationModeResolver accessDelegationModeResolver = + mock(AccessDelegationModeResolver.class); + private final StorageAccessConfigProvider storageAccessConfigProvider = + mock(StorageAccessConfigProvider.class); + + @SuppressWarnings({"unchecked", "rawtypes"}) + private IcebergCatalogHandler newHandler() { + when(callContext.getRealmConfig()).thenReturn(realmConfig); + when(callContext.getRealmContext()).thenReturn(mock(RealmContext.class)); + + // Resolution manifest factory always returns our pre-configured manifest mock so we can + // observe and stub interactions with it. + ResolutionManifestFactory resolutionManifestFactory = mock(ResolutionManifestFactory.class); + when(resolutionManifestFactory.createResolutionManifest(any(), any())) + .thenReturn(resolutionManifest); + + // Authorization path: any resolved path lookup returns a non-null wrapper so the + // "not found" check in CatalogHandler#authorizeBasicTableLikeOperationsOrThrow passes. + when(resolutionManifest.getResolvedPath(any(), any(), anyBoolean())).thenReturn(resolvedPath); + when(resolutionManifest.getResolvedPath(any(), any())).thenReturn(resolvedPath); + when(resolutionManifest.getResolvedPath(any())).thenReturn(resolvedPath); + when(resolutionManifest.getAllActivatedCatalogRoleAndPrincipalRoles()).thenReturn(Set.of()); + + // initializeCatalog() reads the resolved catalog entity to decide federated vs. local. + // Return a CatalogEntity without a connection config so we take the local-catalog path. + when(resolutionManifest.getResolvedCatalogEntity()).thenReturn(catalogEntity); + when(catalogEntity.getConnectionConfigInfoDpo()).thenReturn(null); + + return ImmutableIcebergCatalogHandler.builder() Review Comment: For the tests added in this PR the main purpose (as far as I can tell) was validating specific and somewhat complex code paths... These tests used to use Mockito for that and they continue to use Mockito. I think that is appropriate for the present purpose. I would not want to mix Mockito with `@QuarkusTest` though. I think it would defeat the purpose of running a full server. Perhaps there is a better way to structure and test the related code, but for now I'm moving these tests out of `AbstractIcebergCatalogHandlerAuthzTest` specifically to reduce the amount of mocks in the server :slightly_smiling_face: ... this proved to complicate the refactoring in #4136 ... I should have mentioned that PR upfront :facepalm: -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
