Ma77Ball opened a new pull request, #5648: URL: https://github.com/apache/texera/pull/5648
### What changes were proposed in this PR? - Replace the two-DAO lookup in `ComputingUnitAccess.getComputingUnitAccess` (fetch the unit by `cuid`, then fetch all of the user's access rows by `uid` and filter them in memory) with a single `LEFT JOIN` of `WORKFLOW_COMPUTING_UNIT` to `COMPUTING_UNIT_USER_ACCESS` on `(cuid, uid)`, returning the owner uid and the caller's privilege in one round-trip. - Resolve the privilege from that single row: the owner gets `WRITE`, a present access row yields its privilege, and a null join (no grant) yields `NONE`. - A missing computing unit now resolves to `NONE` instead of throwing; the sole caller (`AccessControlResource`) already maps both `NONE` and a thrown exception to `403 FORBIDDEN`, so the externally observable behavior is unchanged. ### Any related issues, documentation, discussions? Closes: #5645 ### How was this PR tested? - `sbt Auth/compile`, expect a clean compile of the rewritten jOOQ query (the `Auth` module has no DB-backed unit test for this helper, so no automated assertion was added; flagging that gap rather than implying coverage). - Manual, via the access-control route backed by `AccessControlResource`: request a computing unit as its owner, expect `WRITE`; as a user holding a shared grant, expect that grant's privilege; as a user with no grant, or for a non-existent `cuid`, expect `403 FORBIDDEN`. - Behavior-preservation check: confirm the only caller maps `NONE` to `403`, so the missing-unit path (previously a thrown NPE, now `NONE`) still yields `403`. ### Was this PR authored or co-authored using generative AI tooling? Generated-by: Claude Opus 4.8 (Claude Code), in compliance with the ASF Generative Tooling Guidance -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
