Re: [PR] [#6042] refactor: Use callback to delete the privilege of catalog [gravitino]
jerqi commented on code in PR #6045:
URL: https://github.com/apache/gravitino/pull/6045#discussion_r1900053828
##
core/src/main/java/org/apache/gravitino/hook/CatalogHookDispatcher.java:
##
@@ -126,8 +126,20 @@ public boolean dropCatalog(NameIdentifier ident) {
@Override
public boolean dropCatalog(NameIdentifier ident, boolean force)
throws NonEmptyEntityException, CatalogInUseException {
-AuthorizationUtils.authorizationPluginRemovePrivileges(ident,
Entity.EntityType.CATALOG);
-return dispatcher.dropCatalog(ident, force);
+// If we call the authorization plugin after dropping catalog, we can't
load the plugin of the
+// catalog
+Runnable removePrivilegesCallback = null;
+if (dispatcher.catalogExists(ident)) {
+ removePrivilegesCallback =
+ AuthorizationUtils.createRemovePrivilegesCallback(ident,
Entity.EntityType.CATALOG);
+}
+
+boolean dropped = dispatcher.dropCatalog(ident, force);
+
+if (dropped && removePrivilegesCallback != null) {
+ removePrivilegesCallback.run();
+}
Review Comment:
It's ok. I can use this implement.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
Re: [PR] [#6042] refactor: Use callback to delete the privilege of catalog [gravitino]
tengqm commented on code in PR #6045:
URL: https://github.com/apache/gravitino/pull/6045#discussion_r1900043958
##
core/src/main/java/org/apache/gravitino/hook/CatalogHookDispatcher.java:
##
@@ -126,8 +126,20 @@ public boolean dropCatalog(NameIdentifier ident) {
@Override
public boolean dropCatalog(NameIdentifier ident, boolean force)
throws NonEmptyEntityException, CatalogInUseException {
-AuthorizationUtils.authorizationPluginRemovePrivileges(ident,
Entity.EntityType.CATALOG);
-return dispatcher.dropCatalog(ident, force);
+// If we call the authorization plugin after dropping catalog, we can't
load the plugin of the
+// catalog
+Runnable removePrivilegesCallback = null;
+if (dispatcher.catalogExists(ident)) {
+ removePrivilegesCallback =
+ AuthorizationUtils.createRemovePrivilegesCallback(ident,
Entity.EntityType.CATALOG);
+}
+
+boolean dropped = dispatcher.dropCatalog(ident, force);
+
+if (dropped && removePrivilegesCallback != null) {
+ removePrivilegesCallback.run();
+}
Review Comment:
So... let's put aside my suggestions on using names/ids for post-deletion
operations or similar outcalls.
If the catalog objects are still valid, why don't we just use the objects?
```none
catalogs = loadCatalogs(ident);
bSuccess = dropCatalogs(ident, force);
if (bSuccess) callAuthorizationPlugin(..., catalogs);
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
Re: [PR] [#6042] refactor: Use callback to delete the privilege of catalog [gravitino]
jerqi commented on code in PR #6045:
URL: https://github.com/apache/gravitino/pull/6045#discussion_r1899958266
##
core/src/main/java/org/apache/gravitino/hook/CatalogHookDispatcher.java:
##
@@ -126,8 +126,20 @@ public boolean dropCatalog(NameIdentifier ident) {
@Override
public boolean dropCatalog(NameIdentifier ident, boolean force)
throws NonEmptyEntityException, CatalogInUseException {
-AuthorizationUtils.authorizationPluginRemovePrivileges(ident,
Entity.EntityType.CATALOG);
-return dispatcher.dropCatalog(ident, force);
+// If we call the authorization plugin after dropping catalog, we can't
load the plugin of the
+// catalog
+Runnable removePrivilegesCallback = null;
+if (dispatcher.catalogExists(ident)) {
+ removePrivilegesCallback =
+ AuthorizationUtils.createRemovePrivilegesCallback(ident,
Entity.EntityType.CATALOG);
+}
+
+boolean dropped = dispatcher.dropCatalog(ident, force);
+
+if (dropped && removePrivilegesCallback != null) {
+ removePrivilegesCallback.run();
+}
Review Comment:
Actually, this is the cleanup process. Deleting the entity from the store
doesn't mean we have deleted the entity. The lifecycle of the catalog object
don't end when we just remove it from the store. So I don't think it's
dangerous.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
Re: [PR] [#6042] refactor: Use callback to delete the privilege of catalog [gravitino]
jerqi commented on code in PR #6045:
URL: https://github.com/apache/gravitino/pull/6045#discussion_r1899958266
##
core/src/main/java/org/apache/gravitino/hook/CatalogHookDispatcher.java:
##
@@ -126,8 +126,20 @@ public boolean dropCatalog(NameIdentifier ident) {
@Override
public boolean dropCatalog(NameIdentifier ident, boolean force)
throws NonEmptyEntityException, CatalogInUseException {
-AuthorizationUtils.authorizationPluginRemovePrivileges(ident,
Entity.EntityType.CATALOG);
-return dispatcher.dropCatalog(ident, force);
+// If we call the authorization plugin after dropping catalog, we can't
load the plugin of the
+// catalog
+Runnable removePrivilegesCallback = null;
+if (dispatcher.catalogExists(ident)) {
+ removePrivilegesCallback =
+ AuthorizationUtils.createRemovePrivilegesCallback(ident,
Entity.EntityType.CATALOG);
+}
+
+boolean dropped = dispatcher.dropCatalog(ident, force);
+
+if (dropped && removePrivilegesCallback != null) {
+ removePrivilegesCallback.run();
+}
Review Comment:
Actually, this is the cleanup process. Deleting the entity from the store
doesn't mean we have deleted the entity. So I don't think it's dangerous.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
Re: [PR] [#6042] refactor: Use callback to delete the privilege of catalog [gravitino]
tengqm commented on code in PR #6045:
URL: https://github.com/apache/gravitino/pull/6045#discussion_r1899951197
##
core/src/main/java/org/apache/gravitino/hook/CatalogHookDispatcher.java:
##
@@ -126,8 +126,20 @@ public boolean dropCatalog(NameIdentifier ident) {
@Override
public boolean dropCatalog(NameIdentifier ident, boolean force)
throws NonEmptyEntityException, CatalogInUseException {
-AuthorizationUtils.authorizationPluginRemovePrivileges(ident,
Entity.EntityType.CATALOG);
-return dispatcher.dropCatalog(ident, force);
+// If we call the authorization plugin after dropping catalog, we can't
load the plugin of the
+// catalog
+Runnable removePrivilegesCallback = null;
+if (dispatcher.catalogExists(ident)) {
+ removePrivilegesCallback =
+ AuthorizationUtils.createRemovePrivilegesCallback(ident,
Entity.EntityType.CATALOG);
+}
+
+boolean dropped = dispatcher.dropCatalog(ident, force);
+
+if (dropped && removePrivilegesCallback != null) {
+ removePrivilegesCallback.run();
+}
Review Comment:
Em ... I've rechecked the logic again.
The following logic requires the catalog object anyway, even after this
"callback" revision.
The real problem is that we are using the reference to an deleted object to
cleanup.
That is pretty dangerous in my viewpoint.
Can we check if we can simply pass object names or IDs, i.e. those primitive
types,
to the plugin?
```java
callAuthorizationPluginImpl(
authorizationPlugin -> {
authorizationPlugin.onMetadataUpdated(removeObject);
},
catalog);
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
Re: [PR] [#6042] refactor: Use callback to delete the privilege of catalog [gravitino]
jerqi commented on code in PR #6045:
URL: https://github.com/apache/gravitino/pull/6045#discussion_r1899881003
##
core/src/main/java/org/apache/gravitino/hook/CatalogHookDispatcher.java:
##
@@ -126,8 +126,20 @@ public boolean dropCatalog(NameIdentifier ident) {
@Override
public boolean dropCatalog(NameIdentifier ident, boolean force)
throws NonEmptyEntityException, CatalogInUseException {
-AuthorizationUtils.authorizationPluginRemovePrivileges(ident,
Entity.EntityType.CATALOG);
-return dispatcher.dropCatalog(ident, force);
+// If we call the authorization plugin after dropping catalog, we can't
load the plugin of the
+// catalog
+Runnable removePrivilegesCallback = null;
+if (dispatcher.catalogExists(ident)) {
+ removePrivilegesCallback =
+ AuthorizationUtils.createRemovePrivilegesCallback(ident,
Entity.EntityType.CATALOG);
+}
+
+boolean dropped = dispatcher.dropCatalog(ident, force);
+
+if (dropped && removePrivilegesCallback != null) {
+ removePrivilegesCallback.run();
+}
Review Comment:
You can see the comment. The catalog contains the authorization plugin. If
we drop the catalog first, we can't load the catalog and call the method of the
plugin.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
Re: [PR] [#6042] refactor: Use callback to delete the privilege of catalog [gravitino]
tengqm commented on code in PR #6045:
URL: https://github.com/apache/gravitino/pull/6045#discussion_r1899858815
##
core/src/main/java/org/apache/gravitino/hook/CatalogHookDispatcher.java:
##
@@ -126,8 +126,20 @@ public boolean dropCatalog(NameIdentifier ident) {
@Override
public boolean dropCatalog(NameIdentifier ident, boolean force)
throws NonEmptyEntityException, CatalogInUseException {
-AuthorizationUtils.authorizationPluginRemovePrivileges(ident,
Entity.EntityType.CATALOG);
-return dispatcher.dropCatalog(ident, force);
+// If we call the authorization plugin after dropping catalog, we can't
load the plugin of the
+// catalog
+Runnable removePrivilegesCallback = null;
+if (dispatcher.catalogExists(ident)) {
+ removePrivilegesCallback =
+ AuthorizationUtils.createRemovePrivilegesCallback(ident,
Entity.EntityType.CATALOG);
+}
+
+boolean dropped = dispatcher.dropCatalog(ident, force);
+
+if (dropped && removePrivilegesCallback != null) {
+ removePrivilegesCallback.run();
+}
Review Comment:
So why don't we just invoke the callback logic directly after checking
if `dropped` is true or false?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
