From 09e739c03d1fe4dfdfdc88dc36c0a588e2ff59d2 Mon Sep 17 00:00:00 2001 From: Alexandre Dutra Date: Sun, 20 Apr 2025 17:24:04 +0200 Subject: [PATCH] Remove activatedPrincipalRoles property from AuthenticatedPolarisPrincipal This seems to be a leftover from when ActiveRolesProvider was introduced. The setter was still used, but the getter wasn't, which hints at the fact that this property can be safely removed. As a bonus, AuthenticatedPolarisPrincipal now becomes immutable, which is imho a very good thing. --- .../auth/AuthenticatedPolarisPrincipal.java | 18 +----------------- .../resolver/PolarisResolutionManifest.java | 13 ------------- 2 files changed, 1 insertion(+), 30 deletions(-) diff --git a/polaris-core/src/main/java/org/apache/polaris/core/auth/AuthenticatedPolarisPrincipal.java b/polaris-core/src/main/java/org/apache/polaris/core/auth/AuthenticatedPolarisPrincipal.java index 0e8ccf5777..dbfd404424 100644 --- a/polaris-core/src/main/java/org/apache/polaris/core/auth/AuthenticatedPolarisPrincipal.java +++ b/polaris-core/src/main/java/org/apache/polaris/core/auth/AuthenticatedPolarisPrincipal.java @@ -19,24 +19,18 @@ package org.apache.polaris.core.auth; import jakarta.annotation.Nonnull; -import java.util.List; import java.util.Set; import org.apache.polaris.core.entity.PolarisEntity; -import org.apache.polaris.core.entity.PrincipalRoleEntity; /** Holds the results of request authentication. */ public class AuthenticatedPolarisPrincipal implements java.security.Principal { private final PolarisEntity principalEntity; private final Set activatedPrincipalRoleNames; - // only known and set after the above set of principal role names have been resolved. Before - // this, this list is null - private List activatedPrincipalRoles; public AuthenticatedPolarisPrincipal( @Nonnull PolarisEntity principalEntity, @Nonnull Set activatedPrincipalRoles) { this.principalEntity = principalEntity; this.activatedPrincipalRoleNames = activatedPrincipalRoles; - this.activatedPrincipalRoles = null; } @Override @@ -52,21 +46,11 @@ public Set getActivatedPrincipalRoleNames() { return activatedPrincipalRoleNames; } - public List getActivatedPrincipalRoles() { - return activatedPrincipalRoles; - } - - public void setActivatedPrincipalRoles(List activatedPrincipalRoles) { - this.activatedPrincipalRoles = activatedPrincipalRoles; - } - @Override public String toString() { return "principalEntity=" + getPrincipalEntity() + ";activatedPrincipalRoleNames=" - + getActivatedPrincipalRoleNames() - + ";activatedPrincipalRoles=" - + getActivatedPrincipalRoles(); + + getActivatedPrincipalRoleNames(); } } diff --git a/polaris-core/src/main/java/org/apache/polaris/core/persistence/resolver/PolarisResolutionManifest.java b/polaris-core/src/main/java/org/apache/polaris/core/persistence/resolver/PolarisResolutionManifest.java index 4b2d5ce96e..4fe7c8261a 100644 --- a/polaris-core/src/main/java/org/apache/polaris/core/persistence/resolver/PolarisResolutionManifest.java +++ b/polaris-core/src/main/java/org/apache/polaris/core/persistence/resolver/PolarisResolutionManifest.java @@ -27,7 +27,6 @@ import java.util.List; import java.util.Map; import java.util.Set; -import java.util.stream.Collectors; import org.apache.polaris.core.PolarisDiagnostics; import org.apache.polaris.core.auth.AuthenticatedPolarisPrincipal; import org.apache.polaris.core.context.CallContext; @@ -35,7 +34,6 @@ import org.apache.polaris.core.entity.PolarisEntityConstants; import org.apache.polaris.core.entity.PolarisEntitySubType; import org.apache.polaris.core.entity.PolarisEntityType; -import org.apache.polaris.core.entity.PrincipalRoleEntity; import org.apache.polaris.core.persistence.PolarisEntityManager; import org.apache.polaris.core.persistence.PolarisResolvedPathWrapper; import org.apache.polaris.core.persistence.ResolvedPolarisEntity; @@ -56,7 +54,6 @@ public class PolarisResolutionManifest implements PolarisResolutionManifestCatal private final PolarisEntityManager entityManager; private final CallContext callContext; private final SecurityContext securityContext; - private final AuthenticatedPolarisPrincipal authenticatedPrincipal; private final String catalogName; private final Resolver primaryResolver; private final PolarisDiagnostics diagnostics; @@ -96,8 +93,6 @@ public PolarisResolutionManifest( "invalid_principal_type_for_resolution_manifest", "principal={}", securityContext.getUserPrincipal()); - this.authenticatedPrincipal = - (AuthenticatedPolarisPrincipal) securityContext.getUserPrincipal(); // TODO: Make the rootContainer lookup no longer optional in the persistence store. // For now, we'll try to resolve the rootContainer as "optional", and only if we fail to find @@ -149,14 +144,6 @@ public ResolverStatus resolveAll() { != ResolverStatus.StatusEnum.CALLER_PRINCIPAL_DOES_NOT_EXIST, "caller_principal_does_not_exist_at_resolution_time"); - // activated principal roles are known, add them to the call context - if (primaryResolverStatus.getStatus() == ResolverStatus.StatusEnum.SUCCESS) { - List activatedPrincipalRoles = - primaryResolver.getResolvedCallerPrincipalRoles().stream() - .map(ce -> PrincipalRoleEntity.of(ce.getEntity())) - .collect(Collectors.toList()); - this.authenticatedPrincipal.setActivatedPrincipalRoles(activatedPrincipalRoles); - } return primaryResolverStatus; }