From 85defa94e1bb3fe40cd754fc7c6e29b4ef505cbf Mon Sep 17 00:00:00 2001 From: adnanhemani Date: Tue, 26 Aug 2025 22:42:24 -0700 Subject: [PATCH 1/8] Add Events for PolarisServiceImpl APIs --- .../PolarisCatalogsEventServiceDelegator.java | 80 +++++-- ...isPrincipalRolesEventServiceDelegator.java | 53 ++++- ...olarisPrincipalsEventServiceDelegator.java | 52 ++++- .../service/admin/PolarisServiceImpl.java | 61 +++--- .../service/events/CatalogsServiceEvents.java | 126 +++++++++++ .../service/events/PolarisEventListener.java | 202 ++++++++++++++++++ .../events/PrincipalRolesServiceEvents.java | 63 ++++++ .../events/PrincipalsServiceEvents.java | 54 +++++ 8 files changed, 626 insertions(+), 65 deletions(-) create mode 100644 runtime/service/src/main/java/org/apache/polaris/service/events/CatalogsServiceEvents.java create mode 100644 runtime/service/src/main/java/org/apache/polaris/service/events/PrincipalRolesServiceEvents.java create mode 100644 runtime/service/src/main/java/org/apache/polaris/service/events/PrincipalsServiceEvents.java diff --git a/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisCatalogsEventServiceDelegator.java b/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisCatalogsEventServiceDelegator.java index 76c320ae6b..93087ca440 100644 --- a/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisCatalogsEventServiceDelegator.java +++ b/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisCatalogsEventServiceDelegator.java @@ -26,6 +26,8 @@ import jakarta.ws.rs.core.Response; import jakarta.ws.rs.core.SecurityContext; import org.apache.polaris.core.admin.model.AddGrantRequest; +import org.apache.polaris.core.admin.model.Catalog; +import org.apache.polaris.core.admin.model.CatalogRole; import org.apache.polaris.core.admin.model.CreateCatalogRequest; import org.apache.polaris.core.admin.model.CreateCatalogRoleRequest; import org.apache.polaris.core.admin.model.RevokeGrantRequest; @@ -33,29 +35,42 @@ import org.apache.polaris.core.admin.model.UpdateCatalogRoleRequest; import org.apache.polaris.core.context.RealmContext; import org.apache.polaris.service.admin.api.PolarisCatalogsApiService; +import org.apache.polaris.service.events.CatalogsServiceEvents; +import org.apache.polaris.service.events.PolarisEventListener; @Decorator @Priority(1000) public class PolarisCatalogsEventServiceDelegator implements PolarisCatalogsApiService { @Inject @Delegate PolarisCatalogsApiService delegate; + @Inject PolarisEventListener polarisEventListener; @Override public Response createCatalog( CreateCatalogRequest request, RealmContext realmContext, SecurityContext securityContext) { - return delegate.createCatalog(request, realmContext, securityContext); + polarisEventListener.onBeforeCatalogCreated(new CatalogsServiceEvents.BeforeCatalogCreatedEvent(request.getCatalog().getName())); + Response resp = delegate.createCatalog(request, realmContext, securityContext); + polarisEventListener.onAfterCatalogCreated(new CatalogsServiceEvents.AfterCatalogCreatedEvent(resp.readEntity(Catalog.class))); + // If we are okay to start returning the catalog in the response, then we can simply return `resp`. + return Response.status(Response.Status.CREATED).build(); } @Override public Response deleteCatalog( String catalogName, RealmContext realmContext, SecurityContext securityContext) { - return delegate.deleteCatalog(catalogName, realmContext, securityContext); + polarisEventListener.onBeforeCatalogDeleted(new CatalogsServiceEvents.BeforeCatalogDeletedEvent(catalogName)); + Response resp = delegate.deleteCatalog(catalogName, realmContext, securityContext); + polarisEventListener.onAfterCatalogDeleted(new CatalogsServiceEvents.AfterCatalogDeletedEvent(catalogName)); + return resp; } @Override public Response getCatalog( String catalogName, RealmContext realmContext, SecurityContext securityContext) { - return delegate.getCatalog(catalogName, realmContext, securityContext); + polarisEventListener.onBeforeCatalogGet(new CatalogsServiceEvents.BeforeCatalogGetEvent(catalogName)); + Response resp = delegate.getCatalog(catalogName, realmContext, securityContext); + polarisEventListener.onAfterCatalogGet(new CatalogsServiceEvents.AfterCatalogGetEvent(resp.readEntity(Catalog.class))); + return resp; } @Override @@ -64,12 +79,18 @@ public Response updateCatalog( UpdateCatalogRequest updateRequest, RealmContext realmContext, SecurityContext securityContext) { - return delegate.updateCatalog(catalogName, updateRequest, realmContext, securityContext); + polarisEventListener.onBeforeCatalogUpdated(new CatalogsServiceEvents.BeforeCatalogUpdatedEvent(catalogName, updateRequest)); + Response resp = delegate.updateCatalog(catalogName, updateRequest, realmContext, securityContext); + polarisEventListener.onAfterCatalogUpdated(new CatalogsServiceEvents.AfterCatalogUpdatedEvent(resp.readEntity(Catalog.class))); + return resp; } @Override public Response listCatalogs(RealmContext realmContext, SecurityContext securityContext) { - return delegate.listCatalogs(realmContext, securityContext); + polarisEventListener.onBeforeCatalogList(new CatalogsServiceEvents.BeforeCatalogListEvent()); + Response resp = delegate.listCatalogs(realmContext, securityContext); + polarisEventListener.onAfterCatalogList(new CatalogsServiceEvents.AfterCatalogListEvent()); + return resp; } @Override @@ -78,7 +99,10 @@ public Response createCatalogRole( CreateCatalogRoleRequest request, RealmContext realmContext, SecurityContext securityContext) { - return delegate.createCatalogRole(catalogName, request, realmContext, securityContext); + polarisEventListener.onBeforeCatalogRoleCreate(new CatalogsServiceEvents.BeforeCatalogRoleCreateEvent(catalogName, request.getCatalogRole().getName())); + Response resp = delegate.createCatalogRole(catalogName, request, realmContext, securityContext); + polarisEventListener.onAfterCatalogRoleCreate(new CatalogsServiceEvents.AfterCatalogRoleCreateEvent(catalogName, resp.readEntity(CatalogRole.class))); + return resp; } @Override @@ -87,7 +111,10 @@ public Response deleteCatalogRole( String catalogRoleName, RealmContext realmContext, SecurityContext securityContext) { - return delegate.deleteCatalogRole(catalogName, catalogRoleName, realmContext, securityContext); + polarisEventListener.onBeforeCatalogRoleDelete(new CatalogsServiceEvents.BeforeCatalogRoleDeleteEvent(catalogName, catalogRoleName)); + Response resp = delegate.deleteCatalogRole(catalogName, catalogRoleName, realmContext, securityContext); + polarisEventListener.onAfterCatalogRoleDelete(new CatalogsServiceEvents.AfterCatalogRoleDeleteEvent( catalogName, catalogRoleName)); + return resp; } @Override @@ -96,7 +123,10 @@ public Response getCatalogRole( String catalogRoleName, RealmContext realmContext, SecurityContext securityContext) { - return delegate.getCatalogRole(catalogName, catalogRoleName, realmContext, securityContext); + polarisEventListener.onBeforeCatalogRoleGet(new CatalogsServiceEvents.BeforeCatalogRoleGetEvent(catalogName, catalogRoleName)); + Response resp = delegate.getCatalogRole(catalogName, catalogRoleName, realmContext, securityContext); + polarisEventListener.onAfterCatalogRoleGet(new CatalogsServiceEvents.AfterCatalogRoleGetEvent(catalogName, resp.readEntity(CatalogRole.class))); + return resp; } @Override @@ -106,14 +136,20 @@ public Response updateCatalogRole( UpdateCatalogRoleRequest updateRequest, RealmContext realmContext, SecurityContext securityContext) { - return delegate.updateCatalogRole( + polarisEventListener.onBeforeCatalogRoleUpdate(new CatalogsServiceEvents.BeforeCatalogRoleUpdateEvent(catalogName, catalogRoleName, updateRequest)); + Response resp = delegate.updateCatalogRole( catalogName, catalogRoleName, updateRequest, realmContext, securityContext); + polarisEventListener.onAfterCatalogRoleUpdate(new CatalogsServiceEvents.AfterCatalogRoleUpdateEvent(catalogName, resp.readEntity(CatalogRole.class))); + return resp; } @Override public Response listCatalogRoles( String catalogName, RealmContext realmContext, SecurityContext securityContext) { - return delegate.listCatalogRoles(catalogName, realmContext, securityContext); + polarisEventListener.onBeforeCatalogList(new CatalogsServiceEvents.BeforeCatalogListEvent()); + Response resp = delegate.listCatalogRoles(catalogName, realmContext, securityContext); + polarisEventListener.onAfterCatalogList(new CatalogsServiceEvents.AfterCatalogListEvent()); + return resp; } @Override @@ -123,8 +159,14 @@ public Response addGrantToCatalogRole( AddGrantRequest grantRequest, RealmContext realmContext, SecurityContext securityContext) { - return delegate.addGrantToCatalogRole( + polarisEventListener.onBeforeAddGrantToCatalogRole(new CatalogsServiceEvents.BeforeAddGrantToCatalogRoleEvent( catalogName, catalogRoleName, grantRequest)); + Response resp = delegate.addGrantToCatalogRole( catalogName, catalogRoleName, grantRequest, realmContext, securityContext); + PolarisServiceImpl.AddGrantToCatalogRoleEntityWrapper entityWrapper = resp.readEntity(PolarisServiceImpl.AddGrantToCatalogRoleEntityWrapper.class); + if (resp.getStatus() != Response.Status.BAD_REQUEST.getStatusCode()) { + polarisEventListener.onAfterAddGrantToCatalogRole(new CatalogsServiceEvents.AfterAddGrantToCatalogRoleEvent(catalogName, catalogRoleName, entityWrapper.polarisPrivilege(), entityWrapper.grantResource())); + } + return resp; } @Override @@ -135,8 +177,12 @@ public Response revokeGrantFromCatalogRole( RevokeGrantRequest grantRequest, RealmContext realmContext, SecurityContext securityContext) { - return delegate.revokeGrantFromCatalogRole( + polarisEventListener.onBeforeRevokeGrantFromCatalogRole(new CatalogsServiceEvents.BeforeRevokeGrantFromCatalogRoleEvent(catalogName, catalogRoleName, grantRequest, cascade)); + Response resp = delegate.revokeGrantFromCatalogRole( catalogName, catalogRoleName, cascade, grantRequest, realmContext, securityContext); + PolarisServiceImpl.RevokeGrantFromCatalogRoleEntityWrapper entityWrapper = resp.readEntity(PolarisServiceImpl.RevokeGrantFromCatalogRoleEntityWrapper.class); + polarisEventListener.onAfterRevokeGrantFromCatalogRole(new CatalogsServiceEvents.AfterRevokeGrantFromCatalogRoleEvent(catalogName, catalogRoleName, entityWrapper.polarisPrivilege(), entityWrapper.grantResource(), entityWrapper.cascade())); + return resp; } @Override @@ -145,8 +191,11 @@ public Response listAssigneePrincipalRolesForCatalogRole( String catalogRoleName, RealmContext realmContext, SecurityContext securityContext) { - return delegate.listAssigneePrincipalRolesForCatalogRole( + polarisEventListener.onBeforeListAssigneePrincipalRolesForCatalogRole(new CatalogsServiceEvents.BeforeListAssigneePrincipalRolesForCatalogRoleEvent(catalogName, catalogRoleName)); + Response resp = delegate.listAssigneePrincipalRolesForCatalogRole( catalogName, catalogRoleName, realmContext, securityContext); + polarisEventListener.onAfterListAssigneePrincipalRolesForCatalogRole(new CatalogsServiceEvents.AfterListAssigneePrincipalRolesForCatalogRoleEvent(catalogName, catalogRoleName)); + return resp; } @Override @@ -155,7 +204,10 @@ public Response listGrantsForCatalogRole( String catalogRoleName, RealmContext realmContext, SecurityContext securityContext) { - return delegate.listGrantsForCatalogRole( + polarisEventListener.onBeforeListGrantsForCatalogRole(new CatalogsServiceEvents.BeforeListGrantsForCatalogRoleEvent( catalogName, catalogRoleName)); + Response resp = delegate.listGrantsForCatalogRole( catalogName, catalogRoleName, realmContext, securityContext); + polarisEventListener.onAfterListGrantsForCatalogRole(new CatalogsServiceEvents.AfterListGrantsForCatalogRoleEvent( catalogName, catalogRoleName)); + return resp; } } diff --git a/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisPrincipalRolesEventServiceDelegator.java b/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisPrincipalRolesEventServiceDelegator.java index d473906a31..ed57b0985b 100644 --- a/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisPrincipalRolesEventServiceDelegator.java +++ b/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisPrincipalRolesEventServiceDelegator.java @@ -27,34 +27,50 @@ import jakarta.ws.rs.core.SecurityContext; import org.apache.polaris.core.admin.model.CreatePrincipalRoleRequest; import org.apache.polaris.core.admin.model.GrantCatalogRoleRequest; +import org.apache.polaris.core.admin.model.PrincipalRole; import org.apache.polaris.core.admin.model.UpdatePrincipalRoleRequest; import org.apache.polaris.core.context.RealmContext; import org.apache.polaris.service.admin.api.PolarisPrincipalRolesApiService; +import org.apache.polaris.service.events.PolarisEventListener; +import org.apache.polaris.service.events.PrincipalRolesServiceEvents; @Decorator @Priority(1000) public class PolarisPrincipalRolesEventServiceDelegator implements PolarisPrincipalRolesApiService { @Inject @Delegate PolarisPrincipalRolesApiService delegate; + @Inject PolarisEventListener polarisEventListener; @Override public Response createPrincipalRole( CreatePrincipalRoleRequest request, RealmContext realmContext, SecurityContext securityContext) { - return delegate.createPrincipalRole(request, realmContext, securityContext); + polarisEventListener.onBeforePrincipalRoleCreate(new PrincipalRolesServiceEvents.BeforePrincipalRoleCreateEvent(request)); + Response resp = delegate.createPrincipalRole(request, realmContext, securityContext); + PrincipalRole principalRole = resp.readEntity(PrincipalRole.class); + polarisEventListener.onAfterPrincipalRoleCreate(new PrincipalRolesServiceEvents.AfterPrincipalRoleCreateEvent(principalRole)); + // If we are okay to start returning the PrincipalRole in the response, then we can simply return `resp`. + return Response.status(Response.Status.CREATED).build(); } @Override public Response deletePrincipalRole( String principalRoleName, RealmContext realmContext, SecurityContext securityContext) { - return delegate.deletePrincipalRole(principalRoleName, realmContext, securityContext); + polarisEventListener.onBeforePrincipalRoleDelete(new PrincipalRolesServiceEvents.BeforePrincipalRoleDeleteEvent(principalRoleName)); + Response resp = delegate.deletePrincipalRole(principalRoleName, realmContext, securityContext); + polarisEventListener.onAfterPrincipalRoleDelete(new PrincipalRolesServiceEvents.AfterPrincipalRoleDeleteEvent(principalRoleName)); + return resp; } @Override public Response getPrincipalRole( String principalRoleName, RealmContext realmContext, SecurityContext securityContext) { - return delegate.getPrincipalRole(principalRoleName, realmContext, securityContext); + polarisEventListener.onBeforePrincipalRoleGet(new PrincipalRolesServiceEvents.BeforePrincipalRoleGetEvent(principalRoleName)); + Response resp = delegate.getPrincipalRole(principalRoleName, realmContext, securityContext); + PrincipalRole principalRole = resp.readEntity(PrincipalRole.class); + polarisEventListener.onAfterPrincipalRoleGet(new PrincipalRolesServiceEvents.AfterPrincipalRoleGetEvent(principalRole)); + return resp; } @Override @@ -63,13 +79,18 @@ public Response updatePrincipalRole( UpdatePrincipalRoleRequest updateRequest, RealmContext realmContext, SecurityContext securityContext) { - return delegate.updatePrincipalRole( - principalRoleName, updateRequest, realmContext, securityContext); + polarisEventListener.onBeforePrincipalRoleUpdate(new PrincipalRolesServiceEvents.BeforePrincipalRoleUpdateEvent(principalRoleName, updateRequest)); + Response resp = delegate.updatePrincipalRole(principalRoleName, updateRequest, realmContext, securityContext); + polarisEventListener.onAfterPrincipalRoleUpdate(new PrincipalRolesServiceEvents.AfterPrincipalRoleUpdateEvent(resp.readEntity(PrincipalRole.class))); + return resp; } @Override public Response listPrincipalRoles(RealmContext realmContext, SecurityContext securityContext) { - return delegate.listPrincipalRoles(realmContext, securityContext); + polarisEventListener.onBeforePrincipalRolesList(new PrincipalRolesServiceEvents.BeforePrincipalRolesListEvent()); + Response resp = delegate.listPrincipalRoles(realmContext, securityContext); + polarisEventListener.onAfterPrincipalRolesList(new PrincipalRolesServiceEvents.AfterPrincipalRolesListEvent()); + return resp; } @Override @@ -79,8 +100,11 @@ public Response assignCatalogRoleToPrincipalRole( GrantCatalogRoleRequest request, RealmContext realmContext, SecurityContext securityContext) { - return delegate.assignCatalogRoleToPrincipalRole( + polarisEventListener.onBeforeCatalogRoleAssignToPrincipalRole(new PrincipalRolesServiceEvents.BeforeCatalogRoleAssignToPrincipalRoleEvent(principalRoleName, catalogName, request.getCatalogRole().getName())); + Response resp = delegate.assignCatalogRoleToPrincipalRole( principalRoleName, catalogName, request, realmContext, securityContext); + polarisEventListener.onAfterCatalogRoleAssignToPrincipalRole(new PrincipalRolesServiceEvents.AfterCatalogRoleAssignToPrincipalRoleEvent(principalRoleName, catalogName, request.getCatalogRole().getName())); + return resp; } @Override @@ -90,15 +114,21 @@ public Response revokeCatalogRoleFromPrincipalRole( String catalogRoleName, RealmContext realmContext, SecurityContext securityContext) { - return delegate.revokeCatalogRoleFromPrincipalRole( + polarisEventListener.onBeforeCatalogRoleRevokeFromPrincipalRole(new PrincipalRolesServiceEvents.BeforeCatalogRoleRevokeFromPrincipalRoleEvent(principalRoleName, catalogName, catalogRoleName)); + Response resp = delegate.revokeCatalogRoleFromPrincipalRole( principalRoleName, catalogName, catalogRoleName, realmContext, securityContext); + polarisEventListener.onAfterCatalogRoleRevokeFromPrincipalRole(new PrincipalRolesServiceEvents.AfterCatalogRoleRevokeFromPrincipalRoleEvent(principalRoleName, catalogName, catalogRoleName)); + return resp; } @Override public Response listAssigneePrincipalsForPrincipalRole( String principalRoleName, RealmContext realmContext, SecurityContext securityContext) { - return delegate.listAssigneePrincipalsForPrincipalRole( + polarisEventListener.onBeforeListAssigneePrincipalsForPrincipalRole(new PrincipalRolesServiceEvents.BeforeListAssigneePrincipalsForPrincipalRoleEvent(principalRoleName)); + Response resp = delegate.listAssigneePrincipalsForPrincipalRole( principalRoleName, realmContext, securityContext); + polarisEventListener.onAfterListAssigneePrincipalsForPrincipalRole(new PrincipalRolesServiceEvents.AfterListAssigneePrincipalsForPrincipalRoleEvent(principalRoleName)); + return resp; } @Override @@ -107,7 +137,10 @@ public Response listCatalogRolesForPrincipalRole( String catalogName, RealmContext realmContext, SecurityContext securityContext) { - return delegate.listCatalogRolesForPrincipalRole( + polarisEventListener.onBeforeListCatalogRolesForPrincipalRole(new PrincipalRolesServiceEvents.BeforeListCatalogRolesForPrincipalRoleEvent(principalRoleName, catalogName)); + Response resp = delegate.listCatalogRolesForPrincipalRole( principalRoleName, catalogName, realmContext, securityContext); + polarisEventListener.onAfterListCatalogRolesForPrincipalRole(new PrincipalRolesServiceEvents.AfterListCatalogRolesForPrincipalRoleEvent(principalRoleName, catalogName)); + return resp; } } diff --git a/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisPrincipalsEventServiceDelegator.java b/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisPrincipalsEventServiceDelegator.java index b281290b14..fe80ee4497 100644 --- a/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisPrincipalsEventServiceDelegator.java +++ b/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisPrincipalsEventServiceDelegator.java @@ -27,32 +27,46 @@ import jakarta.ws.rs.core.SecurityContext; import org.apache.polaris.core.admin.model.CreatePrincipalRequest; import org.apache.polaris.core.admin.model.GrantPrincipalRoleRequest; +import org.apache.polaris.core.admin.model.Principal; +import org.apache.polaris.core.admin.model.PrincipalWithCredentials; import org.apache.polaris.core.admin.model.UpdatePrincipalRequest; import org.apache.polaris.core.context.RealmContext; import org.apache.polaris.service.admin.api.PolarisPrincipalsApiService; +import org.apache.polaris.service.events.PolarisEventListener; +import org.apache.polaris.service.events.PrincipalsServiceEvents; @Decorator @Priority(1000) public class PolarisPrincipalsEventServiceDelegator implements PolarisPrincipalsApiService { @Inject @Delegate PolarisPrincipalsApiService delegate; + @Inject PolarisEventListener polarisEventListener; @Override public Response createPrincipal( CreatePrincipalRequest request, RealmContext realmContext, SecurityContext securityContext) { - return delegate.createPrincipal(request, realmContext, securityContext); + polarisEventListener.onBeforePrincipalCreate(new PrincipalsServiceEvents.BeforePrincipalCreateEvent(request.getPrincipal().getName())); + Response resp = delegate.createPrincipal(request, realmContext, securityContext); + polarisEventListener.onAfterPrincipalCreate(new PrincipalsServiceEvents.AfterPrincipalCreateEvent(resp.readEntity(Principal.class))); + return resp; } @Override public Response deletePrincipal( String principalName, RealmContext realmContext, SecurityContext securityContext) { - return delegate.deletePrincipal(principalName, realmContext, securityContext); + polarisEventListener.onBeforePrincipalDelete(new PrincipalsServiceEvents.BeforePrincipalDeleteEvent(principalName)); + Response resp = delegate.deletePrincipal(principalName, realmContext, securityContext); + polarisEventListener.onAfterPrincipalDelete(new PrincipalsServiceEvents.AfterPrincipalDeleteEvent(principalName)); + return resp; } @Override public Response getPrincipal( String principalName, RealmContext realmContext, SecurityContext securityContext) { - return delegate.getPrincipal(principalName, realmContext, securityContext); + polarisEventListener.onBeforePrincipalGet(new PrincipalsServiceEvents.BeforePrincipalGetEvent(principalName)); + Response resp = delegate.getPrincipal(principalName, realmContext, securityContext); + polarisEventListener.onAfterPrincipalGet(new PrincipalsServiceEvents.AfterPrincipalGetEvent(resp.readEntity(Principal.class))); + return resp; } @Override @@ -61,18 +75,28 @@ public Response updatePrincipal( UpdatePrincipalRequest updateRequest, RealmContext realmContext, SecurityContext securityContext) { - return delegate.updatePrincipal(principalName, updateRequest, realmContext, securityContext); + polarisEventListener.onBeforePrincipalUpdate(new PrincipalsServiceEvents.BeforePrincipalUpdateEvent(principalName, updateRequest)); + Response resp = delegate.updatePrincipal(principalName, updateRequest, realmContext, securityContext); + polarisEventListener.onAfterPrincipalUpdate(new PrincipalsServiceEvents.AfterPrincipalUpdateEvent(resp.readEntity(Principal.class))); + return resp; } @Override public Response rotateCredentials( String principalName, RealmContext realmContext, SecurityContext securityContext) { - return delegate.rotateCredentials(principalName, realmContext, securityContext); + polarisEventListener.onBeforeCredentialsRotate(new PrincipalsServiceEvents.BeforeCredentialsRotateEvent(principalName)); + Response resp = delegate.rotateCredentials(principalName, realmContext, securityContext); + PrincipalWithCredentials principalWithCredentials = resp.readEntity(PrincipalWithCredentials.class); + polarisEventListener.onAfterCredentialsRotate(new PrincipalsServiceEvents.AfterCredentialsRotateEvent(principalWithCredentials.getPrincipal())); + return resp; } @Override public Response listPrincipals(RealmContext realmContext, SecurityContext securityContext) { - return delegate.listPrincipals(realmContext, securityContext); + polarisEventListener.onBeforePrincipalsList(new PrincipalsServiceEvents.BeforePrincipalsListEvent()); + Response resp = delegate.listPrincipals(realmContext, securityContext); + polarisEventListener.onAfterPrincipalsList(new PrincipalsServiceEvents.AfterPrincipalsListEvent()); + return resp; } @Override @@ -81,7 +105,10 @@ public Response assignPrincipalRole( GrantPrincipalRoleRequest request, RealmContext realmContext, SecurityContext securityContext) { - return delegate.assignPrincipalRole(principalName, request, realmContext, securityContext); + polarisEventListener.onBeforeAssignPrincipalRole(new PrincipalsServiceEvents.BeforeAssignPrincipalRoleEvent(principalName, request.getPrincipalRole())); + Response resp = delegate.assignPrincipalRole(principalName, request, realmContext, securityContext); + polarisEventListener.onAfterAssignPrincipalRole(new PrincipalsServiceEvents.AfterAssignPrincipalRoleEvent(principalName, request.getPrincipalRole())); + return resp; } @Override @@ -90,13 +117,18 @@ public Response revokePrincipalRole( String principalRoleName, RealmContext realmContext, SecurityContext securityContext) { - return delegate.revokePrincipalRole( - principalName, principalRoleName, realmContext, securityContext); + polarisEventListener.onBeforeRevokePrincipalRole(new PrincipalsServiceEvents.BeforeRevokePrincipalRoleEvent(principalName, principalRoleName)); + Response resp = delegate.revokePrincipalRole(principalName, principalRoleName, realmContext, securityContext); + polarisEventListener.onAfterRevokePrincipalRole(new PrincipalsServiceEvents.AfterRevokePrincipalRoleEvent(principalName, principalRoleName)); + return resp; } @Override public Response listPrincipalRolesAssigned( String principalName, RealmContext realmContext, SecurityContext securityContext) { - return delegate.listPrincipalRolesAssigned(principalName, realmContext, securityContext); + polarisEventListener.onBeforePrincipalRolesAssignedList(new PrincipalsServiceEvents.BeforePrincipalRolesAssignedListEvent(principalName)); + Response resp = delegate.listPrincipalRolesAssigned(principalName, realmContext, securityContext); + polarisEventListener.onAfterPrincipalRolesAssignedList(new PrincipalsServiceEvents.AfterPrincipalRolesAssignedListEvent(principalName)); + return resp; } } diff --git a/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisServiceImpl.java b/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisServiceImpl.java index c455e9c991..9cf6a10705 100644 --- a/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisServiceImpl.java +++ b/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisServiceImpl.java @@ -141,7 +141,7 @@ private PolarisAdminService newAdminService( reservedProperties); } - private static Response toResponse(BaseResult result, Response.Status successStatus) { + private static Response toResponse(BaseResult result, Response.Status successStatus, Object entity) { if (!result.isSuccess()) { ErrorResponse icebergErrorResponse = ErrorResponse.builder() @@ -154,7 +154,11 @@ private static Response toResponse(BaseResult result, Response.Status successSta .entity(icebergErrorResponse) .build(); } - return Response.status(successStatus).build(); + Response.ResponseBuilder responseBuilder = Response.status(successStatus); + if (entity != null) { + responseBuilder.entity(entity); + } + return responseBuilder.build(); } /** From PolarisCatalogsApiService */ @@ -167,7 +171,7 @@ public Response createCatalog( validateExternalCatalog(catalog); Catalog newCatalog = CatalogEntity.of(adminService.createCatalog(request)).asCatalog(); LOGGER.info("Created new catalog {}", newCatalog); - return Response.status(Response.Status.CREATED).build(); + return Response.status(Response.Status.CREATED).entity(newCatalog).build(); } private void validateStorageConfig(StorageConfigInfo storageConfigInfo) { @@ -357,7 +361,7 @@ public Response createPrincipalRole( PrincipalRole newPrincipalRole = new PrincipalRoleEntity(adminService.createPrincipalRole(entity)).asPrincipalRole(); LOGGER.info("Created new principalRole {}", newPrincipalRole); - return Response.status(Response.Status.CREATED).build(); + return Response.status(Response.Status.CREATED).entity(newPrincipalRole).build(); } /** From PolarisPrincipalRolesApiService */ @@ -418,7 +422,7 @@ public Response createCatalogRole( CatalogRole newCatalogRole = new CatalogRoleEntity(adminService.createCatalogRole(catalogName, entity)).asCatalogRole(); LOGGER.info("Created new catalogRole {}", newCatalogRole); - return Response.status(Response.Status.CREATED).build(); + return Response.status(Response.Status.CREATED).entity(newCatalogRole).build(); } /** From PolarisCatalogsApiService */ @@ -486,7 +490,7 @@ public Response assignPrincipalRole( PolarisAdminService adminService = newAdminService(realmContext, securityContext); PrivilegeResult result = adminService.assignPrincipalRole(principalName, request.getPrincipalRole().getName()); - return toResponse(result, Response.Status.CREATED); + return toResponse(result, Response.Status.CREATED, null); } /** From PolarisPrincipalsApiService */ @@ -499,7 +503,7 @@ public Response revokePrincipalRole( LOGGER.info("Revoking principalRole {} from principal {}", principalRoleName, principalName); PolarisAdminService adminService = newAdminService(realmContext, securityContext); PrivilegeResult result = adminService.revokePrincipalRole(principalName, principalRoleName); - return toResponse(result, Response.Status.NO_CONTENT); + return toResponse(result, Response.Status.NO_CONTENT, null); } /** From PolarisPrincipalsApiService */ @@ -534,7 +538,7 @@ public Response assignCatalogRoleToPrincipalRole( PrivilegeResult result = adminService.assignCatalogRoleToPrincipalRole( principalRoleName, catalogName, request.getCatalogRole().getName()); - return toResponse(result, Response.Status.CREATED); + return toResponse(result, Response.Status.CREATED, null); } /** From PolarisPrincipalRolesApiService */ @@ -554,7 +558,7 @@ public Response revokeCatalogRoleFromPrincipalRole( PrivilegeResult result = adminService.revokeCatalogRoleFromPrincipalRole( principalRoleName, catalogName, catalogRoleName); - return toResponse(result, Response.Status.NO_CONTENT); + return toResponse(result, Response.Status.NO_CONTENT, null); } /** From PolarisPrincipalRolesApiService */ @@ -590,6 +594,9 @@ public Response listCatalogRolesForPrincipalRole( return Response.ok(catalogRoles).build(); } + record AddGrantToCatalogRoleEntityWrapper(PolarisPrivilege polarisPrivilege, GrantResource grantResource) {} + record RevokeGrantFromCatalogRoleEntityWrapper(PolarisPrivilege polarisPrivilege, GrantResource grantResource, boolean cascade) {} + /** From PolarisCatalogsApiService */ @Override public Response addGrantToCatalogRole( @@ -605,13 +612,13 @@ public Response addGrantToCatalogRole( catalogName); PolarisAdminService adminService = newAdminService(realmContext, securityContext); PrivilegeResult result; + PolarisPrivilege privilege; switch (grantRequest.getGrant()) { // The per-securable-type Privilege enums must be exact String match for a subset of all // PolarisPrivilege values. case ViewGrant viewGrant: { - PolarisPrivilege privilege = - PolarisPrivilege.valueOf(viewGrant.getPrivilege().toString()); + privilege = PolarisPrivilege.valueOf(viewGrant.getPrivilege().toString()); String viewName = viewGrant.getViewName(); String[] namespaceParts = viewGrant.getNamespace().toArray(new String[0]); result = @@ -624,8 +631,7 @@ public Response addGrantToCatalogRole( } case TableGrant tableGrant: { - PolarisPrivilege privilege = - PolarisPrivilege.valueOf(tableGrant.getPrivilege().toString()); + privilege = PolarisPrivilege.valueOf(tableGrant.getPrivilege().toString()); String tableName = tableGrant.getTableName(); String[] namespaceParts = tableGrant.getNamespace().toArray(new String[0]); result = @@ -638,8 +644,7 @@ public Response addGrantToCatalogRole( } case NamespaceGrant namespaceGrant: { - PolarisPrivilege privilege = - PolarisPrivilege.valueOf(namespaceGrant.getPrivilege().toString()); + privilege = PolarisPrivilege.valueOf(namespaceGrant.getPrivilege().toString()); String[] namespaceParts = namespaceGrant.getNamespace().toArray(new String[0]); result = adminService.grantPrivilegeOnNamespaceToRole( @@ -648,16 +653,14 @@ public Response addGrantToCatalogRole( } case CatalogGrant catalogGrant: { - PolarisPrivilege privilege = - PolarisPrivilege.valueOf(catalogGrant.getPrivilege().toString()); + privilege = PolarisPrivilege.valueOf(catalogGrant.getPrivilege().toString()); result = adminService.grantPrivilegeOnCatalogToRole(catalogName, catalogRoleName, privilege); break; } case PolicyGrant policyGrant: { - PolarisPrivilege privilege = - PolarisPrivilege.valueOf(policyGrant.getPrivilege().toString()); + privilege = PolarisPrivilege.valueOf(policyGrant.getPrivilege().toString()); String policyName = policyGrant.getPolicyName(); String[] namespaceParts = policyGrant.getNamespace().toArray(new String[0]); result = @@ -676,7 +679,7 @@ public Response addGrantToCatalogRole( .log("Don't know how to handle privilege grant: {}", grantRequest); return Response.status(Response.Status.BAD_REQUEST).build(); } - return toResponse(result, Response.Status.CREATED); + return toResponse(result, Response.Status.CREATED, new AddGrantToCatalogRoleEntityWrapper(privilege, grantRequest.getGrant())); } /** From PolarisCatalogsApiService */ @@ -700,13 +703,13 @@ public Response revokeGrantFromCatalogRole( PolarisAdminService adminService = newAdminService(realmContext, securityContext); PrivilegeResult result; + PolarisPrivilege privilege; switch (grantRequest.getGrant()) { // The per-securable-type Privilege enums must be exact String match for a subset of all // PolarisPrivilege values. case ViewGrant viewGrant: { - PolarisPrivilege privilege = - PolarisPrivilege.valueOf(viewGrant.getPrivilege().toString()); + privilege = PolarisPrivilege.valueOf(viewGrant.getPrivilege().toString()); String viewName = viewGrant.getViewName(); String[] namespaceParts = viewGrant.getNamespace().toArray(new String[0]); result = @@ -719,8 +722,7 @@ public Response revokeGrantFromCatalogRole( } case TableGrant tableGrant: { - PolarisPrivilege privilege = - PolarisPrivilege.valueOf(tableGrant.getPrivilege().toString()); + privilege = PolarisPrivilege.valueOf(tableGrant.getPrivilege().toString()); String tableName = tableGrant.getTableName(); String[] namespaceParts = tableGrant.getNamespace().toArray(new String[0]); result = @@ -733,8 +735,7 @@ public Response revokeGrantFromCatalogRole( } case NamespaceGrant namespaceGrant: { - PolarisPrivilege privilege = - PolarisPrivilege.valueOf(namespaceGrant.getPrivilege().toString()); + privilege = PolarisPrivilege.valueOf(namespaceGrant.getPrivilege().toString()); String[] namespaceParts = namespaceGrant.getNamespace().toArray(new String[0]); result = adminService.revokePrivilegeOnNamespaceFromRole( @@ -743,8 +744,7 @@ public Response revokeGrantFromCatalogRole( } case CatalogGrant catalogGrant: { - PolarisPrivilege privilege = - PolarisPrivilege.valueOf(catalogGrant.getPrivilege().toString()); + privilege = PolarisPrivilege.valueOf(catalogGrant.getPrivilege().toString()); result = adminService.revokePrivilegeOnCatalogFromRole( catalogName, catalogRoleName, privilege); @@ -752,8 +752,7 @@ public Response revokeGrantFromCatalogRole( } case PolicyGrant policyGrant: { - PolarisPrivilege privilege = - PolarisPrivilege.valueOf(policyGrant.getPrivilege().toString()); + privilege = PolarisPrivilege.valueOf(policyGrant.getPrivilege().toString()); String policyName = policyGrant.getPolicyName(); String[] namespaceParts = policyGrant.getNamespace().toArray(new String[0]); result = @@ -772,7 +771,7 @@ public Response revokeGrantFromCatalogRole( .log("Don't know how to handle privilege revocation: {}", grantRequest); return Response.status(Response.Status.BAD_REQUEST).build(); } - return toResponse(result, Response.Status.CREATED); + return toResponse(result, Response.Status.CREATED, new RevokeGrantFromCatalogRoleEntityWrapper(privilege, grantRequest.getGrant(), cascade)); } /** From PolarisCatalogsApiService */ diff --git a/runtime/service/src/main/java/org/apache/polaris/service/events/CatalogsServiceEvents.java b/runtime/service/src/main/java/org/apache/polaris/service/events/CatalogsServiceEvents.java new file mode 100644 index 0000000000..8bc5f7b913 --- /dev/null +++ b/runtime/service/src/main/java/org/apache/polaris/service/events/CatalogsServiceEvents.java @@ -0,0 +1,126 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.polaris.service.events; + +import org.apache.polaris.core.admin.model.AddGrantRequest; +import org.apache.polaris.core.admin.model.Catalog; +import org.apache.polaris.core.admin.model.CatalogRole; +import org.apache.polaris.core.admin.model.GrantResource; +import org.apache.polaris.core.admin.model.RevokeGrantRequest; +import org.apache.polaris.core.admin.model.UpdateCatalogRequest; +import org.apache.polaris.core.admin.model.UpdateCatalogRoleRequest; +import org.apache.polaris.core.entity.PolarisPrivilege; + +public class CatalogsServiceEvents { + public record BeforeCatalogCreatedEvent(String catalogName) implements PolarisEvent {} + public record AfterCatalogCreatedEvent(Catalog catalog) implements PolarisEvent {} + + public record BeforeCatalogDeletedEvent(String catalogName) implements PolarisEvent {} + public record AfterCatalogDeletedEvent(String catalogName) implements PolarisEvent {} + + public record BeforeCatalogGetEvent(String catalogName) implements PolarisEvent {} + public record AfterCatalogGetEvent(Catalog catalog) implements PolarisEvent {} + + public record BeforeCatalogUpdatedEvent(String catalogName, UpdateCatalogRequest updateRequest) implements PolarisEvent {} + public record AfterCatalogUpdatedEvent(Catalog catalog) implements PolarisEvent {} + + public record BeforeCatalogListEvent() implements PolarisEvent {} + public record AfterCatalogListEvent() implements PolarisEvent {} + + public record BeforeCatalogRoleCreateEvent(String catalogName, String catalogRoleName) implements PolarisEvent {} + public record AfterCatalogRoleCreateEvent(String catalogName, CatalogRole catalogRole) implements PolarisEvent {} + + public record BeforeCatalogRoleDeleteEvent(String catalogName, String catalogRoleName) implements PolarisEvent {} + public record AfterCatalogRoleDeleteEvent(String catalogName, String catalogRoleName) implements PolarisEvent {} + + public record BeforeCatalogRoleGetEvent(String catalogName, String catalogRoleName) implements PolarisEvent {} + public record AfterCatalogRoleGetEvent(String catalogName, CatalogRole catalogRole) implements PolarisEvent {} + + public record BeforeCatalogRoleUpdateEvent( + String catalogName, String catalogRoleName, UpdateCatalogRoleRequest updateRequest) + implements PolarisEvent {} + public record AfterCatalogRoleUpdateEvent(String catalogName, CatalogRole updatedCatalogRole) implements PolarisEvent {} + + public record BeforeCatalogRolesListEvent(String catalogName) implements PolarisEvent {} + public record AfterCatalogRolesListEvent(String catalogName) implements PolarisEvent {} + + /** + * Event fired before a grant is added to a catalog role in Polaris. + * + * @param catalogName the name of the catalog + * @param catalogRoleName the name of the catalog role + * @param grantRequest the grant request + */ + public record BeforeAddGrantToCatalogRoleEvent( + String catalogName, String catalogRoleName, AddGrantRequest grantRequest) + implements PolarisEvent {} + /** + * Event fired after a grant is added to a catalog role in Polaris. + * + * @param catalogName the name of the catalog + * @param catalogRoleName the name of the catalog role + * @param privilege the privilege granted + * @param grantResource the grant resource + */ + public record AfterAddGrantToCatalogRoleEvent( + String catalogName, + String catalogRoleName, + PolarisPrivilege privilege, + GrantResource grantResource) + implements PolarisEvent {} + + /** + * Event fired before a grant is revoked from a catalog role in Polaris. + * + * @param catalogName the name of the catalog + * @param catalogRoleName the name of the catalog role + * @param grantRequest the revoke grant request + * @param cascade whether the revoke is cascading + */ + public record BeforeRevokeGrantFromCatalogRoleEvent( + String catalogName, String catalogRoleName, RevokeGrantRequest grantRequest, Boolean cascade) + implements PolarisEvent {} + /** + * Event fired after a grant is revoked from a catalog role in Polaris. + * + * @param catalogName the name of the catalog + * @param catalogRoleName the name of the catalog role + * @param privilege the privilege revoked + * @param grantResource the revoke grant resource + * @param cascade whether to cascade the revocation + */ + public record AfterRevokeGrantFromCatalogRoleEvent( + String catalogName, + String catalogRoleName, + PolarisPrivilege privilege, + GrantResource grantResource, + Boolean cascade) + implements PolarisEvent {} + + public record BeforeListAssigneePrincipalRolesForCatalogRoleEvent( + String catalogName, String catalogRoleName) implements PolarisEvent {} + public record AfterListAssigneePrincipalRolesForCatalogRoleEvent( + String catalogName, String catalogRoleName) implements PolarisEvent {} + + public record BeforeListGrantsForCatalogRoleEvent(String catalogName, String catalogRoleName) + implements PolarisEvent {} + public record AfterListGrantsForCatalogRoleEvent(String catalogName, String catalogRoleName) + implements PolarisEvent {} +} diff --git a/runtime/service/src/main/java/org/apache/polaris/service/events/PolarisEventListener.java b/runtime/service/src/main/java/org/apache/polaris/service/events/PolarisEventListener.java index 485766bb24..308158645d 100644 --- a/runtime/service/src/main/java/org/apache/polaris/service/events/PolarisEventListener.java +++ b/runtime/service/src/main/java/org/apache/polaris/service/events/PolarisEventListener.java @@ -55,4 +55,206 @@ public void onBeforeTaskAttempted(BeforeTaskAttemptedEvent event) {} /** {@link AfterTaskAttemptedEvent} */ public void onAfterTaskAttempted(AfterTaskAttemptedEvent event) {} + + /** {@link CatalogsServiceEvents.BeforeCatalogCreatedEvent} */ + public void onBeforeCatalogCreated(CatalogsServiceEvents.BeforeCatalogCreatedEvent event) {} + + /** {@link CatalogsServiceEvents.AfterCatalogCreatedEvent} */ + public void onAfterCatalogCreated(CatalogsServiceEvents.AfterCatalogCreatedEvent event) {} + + /** {@link CatalogsServiceEvents.BeforeCatalogDeletedEvent} */ + public void onBeforeCatalogDeleted(CatalogsServiceEvents.BeforeCatalogDeletedEvent event) {} + + /** {@link CatalogsServiceEvents.AfterCatalogDeletedEvent} */ + public void onAfterCatalogDeleted(CatalogsServiceEvents.AfterCatalogDeletedEvent event) {} + + /** {@link CatalogsServiceEvents.BeforeCatalogGetEvent} */ + public void onBeforeCatalogGet(CatalogsServiceEvents.BeforeCatalogGetEvent event) {} + + /** {@link CatalogsServiceEvents.AfterCatalogGetEvent} */ + public void onAfterCatalogGet(CatalogsServiceEvents.AfterCatalogGetEvent event) {} + + /** {@link CatalogsServiceEvents.BeforeCatalogUpdatedEvent} */ + public void onBeforeCatalogUpdated(CatalogsServiceEvents.BeforeCatalogUpdatedEvent event) {} + + /** {@link CatalogsServiceEvents.AfterCatalogUpdatedEvent} */ + public void onAfterCatalogUpdated(CatalogsServiceEvents.AfterCatalogUpdatedEvent event) {} + + /** {@link CatalogsServiceEvents.BeforeCatalogListEvent} */ + public void onBeforeCatalogList(CatalogsServiceEvents.BeforeCatalogListEvent event) {} + + /** {@link CatalogsServiceEvents.AfterCatalogListEvent} */ + public void onAfterCatalogList(CatalogsServiceEvents.AfterCatalogListEvent event) {} + + /** {@link PrincipalsServiceEvents.BeforePrincipalCreateEvent} */ + public void onBeforePrincipalCreate(PrincipalsServiceEvents.BeforePrincipalCreateEvent event) {} + + /** {@link PrincipalsServiceEvents.AfterPrincipalCreateEvent} */ + public void onAfterPrincipalCreate(PrincipalsServiceEvents.AfterPrincipalCreateEvent event) {} + + /** {@link PrincipalsServiceEvents.BeforePrincipalDeleteEvent} */ + public void onBeforePrincipalDelete(PrincipalsServiceEvents.BeforePrincipalDeleteEvent event) {} + + /** {@link PrincipalsServiceEvents.AfterPrincipalDeleteEvent} */ + public void onAfterPrincipalDelete(PrincipalsServiceEvents.AfterPrincipalDeleteEvent event) {} + + /** {@link PrincipalsServiceEvents.BeforePrincipalGetEvent} */ + public void onBeforePrincipalGet(PrincipalsServiceEvents.BeforePrincipalGetEvent event) {} + + /** {@link PrincipalsServiceEvents.AfterPrincipalGetEvent} */ + public void onAfterPrincipalGet(PrincipalsServiceEvents.AfterPrincipalGetEvent event) {} + + /** {@link PrincipalsServiceEvents.BeforePrincipalUpdateEvent} */ + public void onBeforePrincipalUpdate(PrincipalsServiceEvents.BeforePrincipalUpdateEvent event) {} + + /** {@link PrincipalsServiceEvents.AfterPrincipalUpdateEvent} */ + public void onAfterPrincipalUpdate(PrincipalsServiceEvents.AfterPrincipalUpdateEvent event) {} + + /** {@link PrincipalsServiceEvents.BeforeCredentialsRotateEvent} */ + public void onBeforeCredentialsRotate(PrincipalsServiceEvents.BeforeCredentialsRotateEvent event) {} + + /** {@link PrincipalsServiceEvents.AfterCredentialsRotateEvent} */ + public void onAfterCredentialsRotate(PrincipalsServiceEvents.AfterCredentialsRotateEvent event) {} + + /** {@link PrincipalsServiceEvents.BeforePrincipalsListEvent} */ + public void onBeforePrincipalsList(PrincipalsServiceEvents.BeforePrincipalsListEvent event) {} + + /** {@link PrincipalsServiceEvents.AfterPrincipalsListEvent} */ + public void onAfterPrincipalsList(PrincipalsServiceEvents.AfterPrincipalsListEvent event) {} + + /** {@link PrincipalRolesServiceEvents.BeforePrincipalRoleCreateEvent} */ + public void onBeforePrincipalRoleCreate(PrincipalRolesServiceEvents.BeforePrincipalRoleCreateEvent event) {} + + /** {@link PrincipalRolesServiceEvents.AfterPrincipalRoleCreateEvent} */ + public void onAfterPrincipalRoleCreate(PrincipalRolesServiceEvents.AfterPrincipalRoleCreateEvent event) {} + + /** {@link PrincipalRolesServiceEvents.BeforePrincipalRoleDeleteEvent} */ + public void onBeforePrincipalRoleDelete(PrincipalRolesServiceEvents.BeforePrincipalRoleDeleteEvent event) {} + + /** {@link PrincipalRolesServiceEvents.AfterPrincipalRoleDeleteEvent} */ + public void onAfterPrincipalRoleDelete(PrincipalRolesServiceEvents.AfterPrincipalRoleDeleteEvent event) {} + + /** {@link PrincipalRolesServiceEvents.BeforePrincipalRoleGetEvent} */ + public void onBeforePrincipalRoleGet(PrincipalRolesServiceEvents.BeforePrincipalRoleGetEvent event) {} + + /** {@link PrincipalRolesServiceEvents.AfterPrincipalRoleGetEvent} */ + public void onAfterPrincipalRoleGet(PrincipalRolesServiceEvents.AfterPrincipalRoleGetEvent event) {} + + /** {@link PrincipalRolesServiceEvents.BeforePrincipalRoleUpdateEvent} */ + public void onBeforePrincipalRoleUpdate(PrincipalRolesServiceEvents.BeforePrincipalRoleUpdateEvent event) {} + + /** {@link PrincipalRolesServiceEvents.AfterPrincipalRoleUpdateEvent} */ + public void onAfterPrincipalRoleUpdate(PrincipalRolesServiceEvents.AfterPrincipalRoleUpdateEvent event) {} + + /** {@link PrincipalRolesServiceEvents.BeforePrincipalRolesListEvent} */ + public void onBeforePrincipalRolesList(PrincipalRolesServiceEvents.BeforePrincipalRolesListEvent event) {} + + /** {@link PrincipalRolesServiceEvents.AfterPrincipalRolesListEvent} */ + public void onAfterPrincipalRolesList(PrincipalRolesServiceEvents.AfterPrincipalRolesListEvent event) {} + + /** {@link CatalogsServiceEvents.BeforeCatalogRoleCreateEvent} */ + public void onBeforeCatalogRoleCreate(CatalogsServiceEvents.BeforeCatalogRoleCreateEvent event) {} + + /** {@link CatalogsServiceEvents.AfterCatalogRoleCreateEvent} */ + public void onAfterCatalogRoleCreate(CatalogsServiceEvents.AfterCatalogRoleCreateEvent event) {} + + /** {@link CatalogsServiceEvents.BeforeCatalogRoleDeleteEvent} */ + public void onBeforeCatalogRoleDelete(CatalogsServiceEvents.BeforeCatalogRoleDeleteEvent event) {} + + /** {@link CatalogsServiceEvents.AfterCatalogRoleDeleteEvent} */ + public void onAfterCatalogRoleDelete(CatalogsServiceEvents.AfterCatalogRoleDeleteEvent event) {} + + /** {@link CatalogsServiceEvents.BeforeCatalogRoleGetEvent} */ + public void onBeforeCatalogRoleGet(CatalogsServiceEvents.BeforeCatalogRoleGetEvent event) {} + + /** {@link CatalogsServiceEvents.AfterCatalogRoleGetEvent} */ + public void onAfterCatalogRoleGet(CatalogsServiceEvents.AfterCatalogRoleGetEvent event) {} + + /** {@link CatalogsServiceEvents.BeforeCatalogRoleUpdateEvent} */ + public void onBeforeCatalogRoleUpdate(CatalogsServiceEvents.BeforeCatalogRoleUpdateEvent event) {} + + /** {@link CatalogsServiceEvents.AfterCatalogRoleUpdateEvent} */ + public void onAfterCatalogRoleUpdate(CatalogsServiceEvents.AfterCatalogRoleUpdateEvent event) {} + + /** {@link CatalogsServiceEvents.BeforeCatalogRolesListEvent} */ + public void onBeforeCatalogRolesList(CatalogsServiceEvents.BeforeCatalogRolesListEvent event) {} + + /** {@link CatalogsServiceEvents.AfterCatalogRolesListEvent} */ + public void onAfterCatalogRolesList(CatalogsServiceEvents.AfterCatalogRolesListEvent event) {} + + /** {@link PrincipalsServiceEvents.BeforeAssignPrincipalRoleEvent} */ + public void onBeforeAssignPrincipalRole(PrincipalsServiceEvents.BeforeAssignPrincipalRoleEvent event) {} + + /** {@link PrincipalsServiceEvents.AfterAssignPrincipalRoleEvent} */ + public void onAfterAssignPrincipalRole(PrincipalsServiceEvents.AfterAssignPrincipalRoleEvent event) {} + + /** {@link PrincipalsServiceEvents.BeforeRevokePrincipalRoleEvent} */ + public void onBeforeRevokePrincipalRole(PrincipalsServiceEvents.BeforeRevokePrincipalRoleEvent event) {} + + /** {@link PrincipalsServiceEvents.AfterRevokePrincipalRoleEvent} */ + public void onAfterRevokePrincipalRole(PrincipalsServiceEvents.AfterRevokePrincipalRoleEvent event) {} + + /** {@link PrincipalsServiceEvents.BeforePrincipalRolesAssignedListEvent} */ + public void onBeforePrincipalRolesAssignedList(PrincipalsServiceEvents.BeforePrincipalRolesAssignedListEvent event) {} + + /** {@link PrincipalsServiceEvents.AfterPrincipalRolesAssignedListEvent} */ + public void onAfterPrincipalRolesAssignedList(PrincipalsServiceEvents.AfterPrincipalRolesAssignedListEvent event) {} + + /** {@link PrincipalRolesServiceEvents.BeforeCatalogRoleAssignToPrincipalRoleEvent} */ + public void onBeforeCatalogRoleAssignToPrincipalRole( + PrincipalRolesServiceEvents.BeforeCatalogRoleAssignToPrincipalRoleEvent event) {} + + /** {@link PrincipalRolesServiceEvents.AfterCatalogRoleAssignToPrincipalRoleEvent} */ + public void onAfterCatalogRoleAssignToPrincipalRole( + PrincipalRolesServiceEvents.AfterCatalogRoleAssignToPrincipalRoleEvent event) {} + + /** {@link PrincipalRolesServiceEvents.BeforeCatalogRoleRevokeFromPrincipalRoleEvent} */ + public void onBeforeCatalogRoleRevokeFromPrincipalRole( + PrincipalRolesServiceEvents.BeforeCatalogRoleRevokeFromPrincipalRoleEvent event) {} + + /** {@link PrincipalRolesServiceEvents.AfterCatalogRoleRevokeFromPrincipalRoleEvent} */ + public void onAfterCatalogRoleRevokeFromPrincipalRole( + PrincipalRolesServiceEvents.AfterCatalogRoleRevokeFromPrincipalRoleEvent event) {} + + /** {@link PrincipalRolesServiceEvents.BeforeListAssigneePrincipalsForPrincipalRoleEvent} */ + public void onBeforeListAssigneePrincipalsForPrincipalRole( + PrincipalRolesServiceEvents.BeforeListAssigneePrincipalsForPrincipalRoleEvent event) {} + + /** {@link PrincipalRolesServiceEvents.AfterListAssigneePrincipalsForPrincipalRoleEvent} */ + public void onAfterListAssigneePrincipalsForPrincipalRole( + PrincipalRolesServiceEvents.AfterListAssigneePrincipalsForPrincipalRoleEvent event) {} + + /** {@link PrincipalRolesServiceEvents.BeforeListCatalogRolesForPrincipalRoleEvent} */ + public void onBeforeListCatalogRolesForPrincipalRole( + PrincipalRolesServiceEvents.BeforeListCatalogRolesForPrincipalRoleEvent event) {} + + /** {@link PrincipalRolesServiceEvents.AfterListCatalogRolesForPrincipalRoleEvent} */ + public void onAfterListCatalogRolesForPrincipalRole( + PrincipalRolesServiceEvents.AfterListCatalogRolesForPrincipalRoleEvent event) {} + + /** {@link CatalogsServiceEvents.BeforeAddGrantToCatalogRoleEvent} */ + public void onBeforeAddGrantToCatalogRole(CatalogsServiceEvents.BeforeAddGrantToCatalogRoleEvent event) {} + + /** {@link CatalogsServiceEvents.AfterAddGrantToCatalogRoleEvent} */ + public void onAfterAddGrantToCatalogRole(CatalogsServiceEvents.AfterAddGrantToCatalogRoleEvent event) {} + + /** {@link CatalogsServiceEvents.BeforeRevokeGrantFromCatalogRoleEvent} */ + public void onBeforeRevokeGrantFromCatalogRole(CatalogsServiceEvents.BeforeRevokeGrantFromCatalogRoleEvent event) {} + + /** {@link CatalogsServiceEvents.AfterRevokeGrantFromCatalogRoleEvent} */ + public void onAfterRevokeGrantFromCatalogRole(CatalogsServiceEvents.AfterRevokeGrantFromCatalogRoleEvent event) {} + + /** {@link CatalogsServiceEvents.BeforeListAssigneePrincipalRolesForCatalogRoleEvent} */ + public void onBeforeListAssigneePrincipalRolesForCatalogRole( + CatalogsServiceEvents.BeforeListAssigneePrincipalRolesForCatalogRoleEvent event) {} + + /** {@link CatalogsServiceEvents.AfterListAssigneePrincipalRolesForCatalogRoleEvent} */ + public void onAfterListAssigneePrincipalRolesForCatalogRole( + CatalogsServiceEvents.AfterListAssigneePrincipalRolesForCatalogRoleEvent event) {} + + /** {@link CatalogsServiceEvents.BeforeListGrantsForCatalogRoleEvent} */ + public void onBeforeListGrantsForCatalogRole(CatalogsServiceEvents.BeforeListGrantsForCatalogRoleEvent event) {} + + /** {@link CatalogsServiceEvents.AfterListGrantsForCatalogRoleEvent} */ + public void onAfterListGrantsForCatalogRole(CatalogsServiceEvents.AfterListGrantsForCatalogRoleEvent event) {} } diff --git a/runtime/service/src/main/java/org/apache/polaris/service/events/PrincipalRolesServiceEvents.java b/runtime/service/src/main/java/org/apache/polaris/service/events/PrincipalRolesServiceEvents.java new file mode 100644 index 0000000000..1bfc9eb3b4 --- /dev/null +++ b/runtime/service/src/main/java/org/apache/polaris/service/events/PrincipalRolesServiceEvents.java @@ -0,0 +1,63 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.polaris.service.events; + +import org.apache.polaris.core.admin.model.CreatePrincipalRoleRequest; +import org.apache.polaris.core.admin.model.PrincipalRole; +import org.apache.polaris.core.admin.model.UpdatePrincipalRoleRequest; + +public class PrincipalRolesServiceEvents { + public record AfterPrincipalRoleCreateEvent(PrincipalRole principalRole) implements PolarisEvent {} + public record BeforePrincipalRoleCreateEvent(CreatePrincipalRoleRequest createPrincipalRoleRequest) + implements PolarisEvent {} + + public record AfterPrincipalRoleDeleteEvent(String principalRoleName) implements PolarisEvent {} + public record BeforePrincipalRoleDeleteEvent(String principalRoleName) implements PolarisEvent {} + + public record AfterPrincipalRoleGetEvent(PrincipalRole principalRole) implements PolarisEvent {} + public record BeforePrincipalRoleGetEvent(String principalRoleName) implements PolarisEvent {} + + public record AfterPrincipalRoleUpdateEvent(PrincipalRole updatedPrincipalRole) + implements PolarisEvent {} + public record BeforePrincipalRoleUpdateEvent( + String principalRoleName, UpdatePrincipalRoleRequest updateRequest) implements PolarisEvent {} + + public record AfterPrincipalRolesListEvent() implements PolarisEvent {} + public record BeforePrincipalRolesListEvent() implements PolarisEvent {} + + public record AfterCatalogRoleAssignToPrincipalRoleEvent( + String principalRoleName, String catalogName, String catalogRoleName) implements PolarisEvent {} + public record BeforeCatalogRoleAssignToPrincipalRoleEvent( + String principalRoleName, String catalogName, String catalogRoleName) + implements PolarisEvent {} + + public record AfterCatalogRoleRevokeFromPrincipalRoleEvent( + String principalRoleName, String catalogName, String catalogRoleName) implements PolarisEvent {} + public record BeforeCatalogRoleRevokeFromPrincipalRoleEvent( + String principalRoleName, String catalogName, String catalogRoleName) implements PolarisEvent {} + + public record AfterListAssigneePrincipalsForPrincipalRoleEvent(String principalRoleName) implements PolarisEvent {} + public record BeforeListAssigneePrincipalsForPrincipalRoleEvent(String principalRoleName) implements PolarisEvent {} + + public record AfterListCatalogRolesForPrincipalRoleEvent( + String principalRoleName, String catalogName) implements PolarisEvent {} + public record BeforeListCatalogRolesForPrincipalRoleEvent( + String principalRoleName, String catalogName) implements PolarisEvent {} +} diff --git a/runtime/service/src/main/java/org/apache/polaris/service/events/PrincipalsServiceEvents.java b/runtime/service/src/main/java/org/apache/polaris/service/events/PrincipalsServiceEvents.java new file mode 100644 index 0000000000..a0323df0df --- /dev/null +++ b/runtime/service/src/main/java/org/apache/polaris/service/events/PrincipalsServiceEvents.java @@ -0,0 +1,54 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.polaris.service.events; + +import org.apache.polaris.core.admin.model.Principal; +import org.apache.polaris.core.admin.model.PrincipalRole; +import org.apache.polaris.core.admin.model.UpdatePrincipalRequest; + +public class PrincipalsServiceEvents { + public record AfterPrincipalCreateEvent(Principal principal) implements PolarisEvent {} + public record BeforePrincipalCreateEvent(String principalName) implements PolarisEvent {} + + public record AfterPrincipalDeleteEvent(String principalName) implements PolarisEvent {} + public record BeforePrincipalDeleteEvent(String principalName) implements PolarisEvent {} + + + public record AfterPrincipalGetEvent(Principal principal) implements PolarisEvent {} + public record BeforePrincipalGetEvent(String principalName) implements PolarisEvent {} + + public record AfterPrincipalUpdateEvent(Principal principal) implements PolarisEvent {} + public record BeforePrincipalUpdateEvent(String principalName, UpdatePrincipalRequest updatePrincipalRequest) implements PolarisEvent {} + + public record AfterCredentialsRotateEvent(Principal rotatedPrincipal) implements PolarisEvent {} + public record BeforeCredentialsRotateEvent(String principalName) implements PolarisEvent {} + + public record AfterPrincipalsListEvent() implements PolarisEvent {} + public record BeforePrincipalsListEvent() implements PolarisEvent {} + + public record AfterAssignPrincipalRoleEvent(String principalName, PrincipalRole principalRole) implements PolarisEvent {} + public record BeforeAssignPrincipalRoleEvent(String principalName, PrincipalRole principalRole) implements PolarisEvent {} + + public record AfterRevokePrincipalRoleEvent(String principalName, String principalRoleName) implements PolarisEvent {} + public record BeforeRevokePrincipalRoleEvent(String principalName, String principalRoleName) implements PolarisEvent {} + + public record AfterPrincipalRolesAssignedListEvent(String principalName) implements PolarisEvent {} + public record BeforePrincipalRolesAssignedListEvent(String principalName) implements PolarisEvent {} +} From 516c492e4a4d3da621068980a9006c7b5f409b60 Mon Sep 17 00:00:00 2001 From: adnanhemani Date: Sat, 30 Aug 2025 23:21:22 -0700 Subject: [PATCH 2/8] spotlessapply --- .../PolarisCatalogsEventServiceDelegator.java | 134 +++++++---- ...isPrincipalRolesEventServiceDelegator.java | 91 +++++--- ...olarisPrincipalsEventServiceDelegator.java | 75 +++++-- .../service/admin/PolarisServiceImpl.java | 20 +- .../service/events/CatalogsServiceEvents.java | 210 ++++++++++-------- .../service/events/PolarisEventListener.java | 89 +++++--- .../events/PrincipalRolesServiceEvents.java | 87 +++++--- .../events/PrincipalsServiceEvents.java | 52 +++-- 8 files changed, 481 insertions(+), 277 deletions(-) diff --git a/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisCatalogsEventServiceDelegator.java b/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisCatalogsEventServiceDelegator.java index 93087ca440..5e91dde107 100644 --- a/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisCatalogsEventServiceDelegator.java +++ b/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisCatalogsEventServiceDelegator.java @@ -48,28 +48,35 @@ public class PolarisCatalogsEventServiceDelegator implements PolarisCatalogsApiS @Override public Response createCatalog( CreateCatalogRequest request, RealmContext realmContext, SecurityContext securityContext) { - polarisEventListener.onBeforeCatalogCreated(new CatalogsServiceEvents.BeforeCatalogCreatedEvent(request.getCatalog().getName())); + polarisEventListener.onBeforeCatalogCreated( + new CatalogsServiceEvents.BeforeCatalogCreatedEvent(request.getCatalog().getName())); Response resp = delegate.createCatalog(request, realmContext, securityContext); - polarisEventListener.onAfterCatalogCreated(new CatalogsServiceEvents.AfterCatalogCreatedEvent(resp.readEntity(Catalog.class))); - // If we are okay to start returning the catalog in the response, then we can simply return `resp`. + polarisEventListener.onAfterCatalogCreated( + new CatalogsServiceEvents.AfterCatalogCreatedEvent(resp.readEntity(Catalog.class))); + // If we are okay to start returning the catalog in the response, then we can simply return + // `resp`. return Response.status(Response.Status.CREATED).build(); } @Override public Response deleteCatalog( String catalogName, RealmContext realmContext, SecurityContext securityContext) { - polarisEventListener.onBeforeCatalogDeleted(new CatalogsServiceEvents.BeforeCatalogDeletedEvent(catalogName)); + polarisEventListener.onBeforeCatalogDeleted( + new CatalogsServiceEvents.BeforeCatalogDeletedEvent(catalogName)); Response resp = delegate.deleteCatalog(catalogName, realmContext, securityContext); - polarisEventListener.onAfterCatalogDeleted(new CatalogsServiceEvents.AfterCatalogDeletedEvent(catalogName)); + polarisEventListener.onAfterCatalogDeleted( + new CatalogsServiceEvents.AfterCatalogDeletedEvent(catalogName)); return resp; } @Override public Response getCatalog( String catalogName, RealmContext realmContext, SecurityContext securityContext) { - polarisEventListener.onBeforeCatalogGet(new CatalogsServiceEvents.BeforeCatalogGetEvent(catalogName)); + polarisEventListener.onBeforeCatalogGet( + new CatalogsServiceEvents.BeforeCatalogGetEvent(catalogName)); Response resp = delegate.getCatalog(catalogName, realmContext, securityContext); - polarisEventListener.onAfterCatalogGet(new CatalogsServiceEvents.AfterCatalogGetEvent(resp.readEntity(Catalog.class))); + polarisEventListener.onAfterCatalogGet( + new CatalogsServiceEvents.AfterCatalogGetEvent(resp.readEntity(Catalog.class))); return resp; } @@ -79,9 +86,12 @@ public Response updateCatalog( UpdateCatalogRequest updateRequest, RealmContext realmContext, SecurityContext securityContext) { - polarisEventListener.onBeforeCatalogUpdated(new CatalogsServiceEvents.BeforeCatalogUpdatedEvent(catalogName, updateRequest)); - Response resp = delegate.updateCatalog(catalogName, updateRequest, realmContext, securityContext); - polarisEventListener.onAfterCatalogUpdated(new CatalogsServiceEvents.AfterCatalogUpdatedEvent(resp.readEntity(Catalog.class))); + polarisEventListener.onBeforeCatalogUpdated( + new CatalogsServiceEvents.BeforeCatalogUpdatedEvent(catalogName, updateRequest)); + Response resp = + delegate.updateCatalog(catalogName, updateRequest, realmContext, securityContext); + polarisEventListener.onAfterCatalogUpdated( + new CatalogsServiceEvents.AfterCatalogUpdatedEvent(resp.readEntity(Catalog.class))); return resp; } @@ -99,9 +109,13 @@ public Response createCatalogRole( CreateCatalogRoleRequest request, RealmContext realmContext, SecurityContext securityContext) { - polarisEventListener.onBeforeCatalogRoleCreate(new CatalogsServiceEvents.BeforeCatalogRoleCreateEvent(catalogName, request.getCatalogRole().getName())); + polarisEventListener.onBeforeCatalogRoleCreate( + new CatalogsServiceEvents.BeforeCatalogRoleCreateEvent( + catalogName, request.getCatalogRole().getName())); Response resp = delegate.createCatalogRole(catalogName, request, realmContext, securityContext); - polarisEventListener.onAfterCatalogRoleCreate(new CatalogsServiceEvents.AfterCatalogRoleCreateEvent(catalogName, resp.readEntity(CatalogRole.class))); + polarisEventListener.onAfterCatalogRoleCreate( + new CatalogsServiceEvents.AfterCatalogRoleCreateEvent( + catalogName, resp.readEntity(CatalogRole.class))); return resp; } @@ -111,9 +125,12 @@ public Response deleteCatalogRole( String catalogRoleName, RealmContext realmContext, SecurityContext securityContext) { - polarisEventListener.onBeforeCatalogRoleDelete(new CatalogsServiceEvents.BeforeCatalogRoleDeleteEvent(catalogName, catalogRoleName)); - Response resp = delegate.deleteCatalogRole(catalogName, catalogRoleName, realmContext, securityContext); - polarisEventListener.onAfterCatalogRoleDelete(new CatalogsServiceEvents.AfterCatalogRoleDeleteEvent( catalogName, catalogRoleName)); + polarisEventListener.onBeforeCatalogRoleDelete( + new CatalogsServiceEvents.BeforeCatalogRoleDeleteEvent(catalogName, catalogRoleName)); + Response resp = + delegate.deleteCatalogRole(catalogName, catalogRoleName, realmContext, securityContext); + polarisEventListener.onAfterCatalogRoleDelete( + new CatalogsServiceEvents.AfterCatalogRoleDeleteEvent(catalogName, catalogRoleName)); return resp; } @@ -123,9 +140,13 @@ public Response getCatalogRole( String catalogRoleName, RealmContext realmContext, SecurityContext securityContext) { - polarisEventListener.onBeforeCatalogRoleGet(new CatalogsServiceEvents.BeforeCatalogRoleGetEvent(catalogName, catalogRoleName)); - Response resp = delegate.getCatalogRole(catalogName, catalogRoleName, realmContext, securityContext); - polarisEventListener.onAfterCatalogRoleGet(new CatalogsServiceEvents.AfterCatalogRoleGetEvent(catalogName, resp.readEntity(CatalogRole.class))); + polarisEventListener.onBeforeCatalogRoleGet( + new CatalogsServiceEvents.BeforeCatalogRoleGetEvent(catalogName, catalogRoleName)); + Response resp = + delegate.getCatalogRole(catalogName, catalogRoleName, realmContext, securityContext); + polarisEventListener.onAfterCatalogRoleGet( + new CatalogsServiceEvents.AfterCatalogRoleGetEvent( + catalogName, resp.readEntity(CatalogRole.class))); return resp; } @@ -136,10 +157,15 @@ public Response updateCatalogRole( UpdateCatalogRoleRequest updateRequest, RealmContext realmContext, SecurityContext securityContext) { - polarisEventListener.onBeforeCatalogRoleUpdate(new CatalogsServiceEvents.BeforeCatalogRoleUpdateEvent(catalogName, catalogRoleName, updateRequest)); - Response resp = delegate.updateCatalogRole( - catalogName, catalogRoleName, updateRequest, realmContext, securityContext); - polarisEventListener.onAfterCatalogRoleUpdate(new CatalogsServiceEvents.AfterCatalogRoleUpdateEvent(catalogName, resp.readEntity(CatalogRole.class))); + polarisEventListener.onBeforeCatalogRoleUpdate( + new CatalogsServiceEvents.BeforeCatalogRoleUpdateEvent( + catalogName, catalogRoleName, updateRequest)); + Response resp = + delegate.updateCatalogRole( + catalogName, catalogRoleName, updateRequest, realmContext, securityContext); + polarisEventListener.onAfterCatalogRoleUpdate( + new CatalogsServiceEvents.AfterCatalogRoleUpdateEvent( + catalogName, resp.readEntity(CatalogRole.class))); return resp; } @@ -159,12 +185,21 @@ public Response addGrantToCatalogRole( AddGrantRequest grantRequest, RealmContext realmContext, SecurityContext securityContext) { - polarisEventListener.onBeforeAddGrantToCatalogRole(new CatalogsServiceEvents.BeforeAddGrantToCatalogRoleEvent( catalogName, catalogRoleName, grantRequest)); - Response resp = delegate.addGrantToCatalogRole( - catalogName, catalogRoleName, grantRequest, realmContext, securityContext); - PolarisServiceImpl.AddGrantToCatalogRoleEntityWrapper entityWrapper = resp.readEntity(PolarisServiceImpl.AddGrantToCatalogRoleEntityWrapper.class); + polarisEventListener.onBeforeAddGrantToCatalogRole( + new CatalogsServiceEvents.BeforeAddGrantToCatalogRoleEvent( + catalogName, catalogRoleName, grantRequest)); + Response resp = + delegate.addGrantToCatalogRole( + catalogName, catalogRoleName, grantRequest, realmContext, securityContext); + PolarisServiceImpl.AddGrantToCatalogRoleEntityWrapper entityWrapper = + resp.readEntity(PolarisServiceImpl.AddGrantToCatalogRoleEntityWrapper.class); if (resp.getStatus() != Response.Status.BAD_REQUEST.getStatusCode()) { - polarisEventListener.onAfterAddGrantToCatalogRole(new CatalogsServiceEvents.AfterAddGrantToCatalogRoleEvent(catalogName, catalogRoleName, entityWrapper.polarisPrivilege(), entityWrapper.grantResource())); + polarisEventListener.onAfterAddGrantToCatalogRole( + new CatalogsServiceEvents.AfterAddGrantToCatalogRoleEvent( + catalogName, + catalogRoleName, + entityWrapper.polarisPrivilege(), + entityWrapper.grantResource())); } return resp; } @@ -177,11 +212,21 @@ public Response revokeGrantFromCatalogRole( RevokeGrantRequest grantRequest, RealmContext realmContext, SecurityContext securityContext) { - polarisEventListener.onBeforeRevokeGrantFromCatalogRole(new CatalogsServiceEvents.BeforeRevokeGrantFromCatalogRoleEvent(catalogName, catalogRoleName, grantRequest, cascade)); - Response resp = delegate.revokeGrantFromCatalogRole( - catalogName, catalogRoleName, cascade, grantRequest, realmContext, securityContext); - PolarisServiceImpl.RevokeGrantFromCatalogRoleEntityWrapper entityWrapper = resp.readEntity(PolarisServiceImpl.RevokeGrantFromCatalogRoleEntityWrapper.class); - polarisEventListener.onAfterRevokeGrantFromCatalogRole(new CatalogsServiceEvents.AfterRevokeGrantFromCatalogRoleEvent(catalogName, catalogRoleName, entityWrapper.polarisPrivilege(), entityWrapper.grantResource(), entityWrapper.cascade())); + polarisEventListener.onBeforeRevokeGrantFromCatalogRole( + new CatalogsServiceEvents.BeforeRevokeGrantFromCatalogRoleEvent( + catalogName, catalogRoleName, grantRequest, cascade)); + Response resp = + delegate.revokeGrantFromCatalogRole( + catalogName, catalogRoleName, cascade, grantRequest, realmContext, securityContext); + PolarisServiceImpl.RevokeGrantFromCatalogRoleEntityWrapper entityWrapper = + resp.readEntity(PolarisServiceImpl.RevokeGrantFromCatalogRoleEntityWrapper.class); + polarisEventListener.onAfterRevokeGrantFromCatalogRole( + new CatalogsServiceEvents.AfterRevokeGrantFromCatalogRoleEvent( + catalogName, + catalogRoleName, + entityWrapper.polarisPrivilege(), + entityWrapper.grantResource(), + entityWrapper.cascade())); return resp; } @@ -191,10 +236,15 @@ public Response listAssigneePrincipalRolesForCatalogRole( String catalogRoleName, RealmContext realmContext, SecurityContext securityContext) { - polarisEventListener.onBeforeListAssigneePrincipalRolesForCatalogRole(new CatalogsServiceEvents.BeforeListAssigneePrincipalRolesForCatalogRoleEvent(catalogName, catalogRoleName)); - Response resp = delegate.listAssigneePrincipalRolesForCatalogRole( - catalogName, catalogRoleName, realmContext, securityContext); - polarisEventListener.onAfterListAssigneePrincipalRolesForCatalogRole(new CatalogsServiceEvents.AfterListAssigneePrincipalRolesForCatalogRoleEvent(catalogName, catalogRoleName)); + polarisEventListener.onBeforeListAssigneePrincipalRolesForCatalogRole( + new CatalogsServiceEvents.BeforeListAssigneePrincipalRolesForCatalogRoleEvent( + catalogName, catalogRoleName)); + Response resp = + delegate.listAssigneePrincipalRolesForCatalogRole( + catalogName, catalogRoleName, realmContext, securityContext); + polarisEventListener.onAfterListAssigneePrincipalRolesForCatalogRole( + new CatalogsServiceEvents.AfterListAssigneePrincipalRolesForCatalogRoleEvent( + catalogName, catalogRoleName)); return resp; } @@ -204,10 +254,14 @@ public Response listGrantsForCatalogRole( String catalogRoleName, RealmContext realmContext, SecurityContext securityContext) { - polarisEventListener.onBeforeListGrantsForCatalogRole(new CatalogsServiceEvents.BeforeListGrantsForCatalogRoleEvent( catalogName, catalogRoleName)); - Response resp = delegate.listGrantsForCatalogRole( - catalogName, catalogRoleName, realmContext, securityContext); - polarisEventListener.onAfterListGrantsForCatalogRole(new CatalogsServiceEvents.AfterListGrantsForCatalogRoleEvent( catalogName, catalogRoleName)); + polarisEventListener.onBeforeListGrantsForCatalogRole( + new CatalogsServiceEvents.BeforeListGrantsForCatalogRoleEvent( + catalogName, catalogRoleName)); + Response resp = + delegate.listGrantsForCatalogRole( + catalogName, catalogRoleName, realmContext, securityContext); + polarisEventListener.onAfterListGrantsForCatalogRole( + new CatalogsServiceEvents.AfterListGrantsForCatalogRoleEvent(catalogName, catalogRoleName)); return resp; } } diff --git a/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisPrincipalRolesEventServiceDelegator.java b/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisPrincipalRolesEventServiceDelegator.java index ed57b0985b..ec696e0c77 100644 --- a/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisPrincipalRolesEventServiceDelegator.java +++ b/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisPrincipalRolesEventServiceDelegator.java @@ -46,30 +46,37 @@ public Response createPrincipalRole( CreatePrincipalRoleRequest request, RealmContext realmContext, SecurityContext securityContext) { - polarisEventListener.onBeforePrincipalRoleCreate(new PrincipalRolesServiceEvents.BeforePrincipalRoleCreateEvent(request)); + polarisEventListener.onBeforePrincipalRoleCreate( + new PrincipalRolesServiceEvents.BeforePrincipalRoleCreateEvent(request)); Response resp = delegate.createPrincipalRole(request, realmContext, securityContext); PrincipalRole principalRole = resp.readEntity(PrincipalRole.class); - polarisEventListener.onAfterPrincipalRoleCreate(new PrincipalRolesServiceEvents.AfterPrincipalRoleCreateEvent(principalRole)); - // If we are okay to start returning the PrincipalRole in the response, then we can simply return `resp`. + polarisEventListener.onAfterPrincipalRoleCreate( + new PrincipalRolesServiceEvents.AfterPrincipalRoleCreateEvent(principalRole)); + // If we are okay to start returning the PrincipalRole in the response, then we can simply + // return `resp`. return Response.status(Response.Status.CREATED).build(); } @Override public Response deletePrincipalRole( String principalRoleName, RealmContext realmContext, SecurityContext securityContext) { - polarisEventListener.onBeforePrincipalRoleDelete(new PrincipalRolesServiceEvents.BeforePrincipalRoleDeleteEvent(principalRoleName)); + polarisEventListener.onBeforePrincipalRoleDelete( + new PrincipalRolesServiceEvents.BeforePrincipalRoleDeleteEvent(principalRoleName)); Response resp = delegate.deletePrincipalRole(principalRoleName, realmContext, securityContext); - polarisEventListener.onAfterPrincipalRoleDelete(new PrincipalRolesServiceEvents.AfterPrincipalRoleDeleteEvent(principalRoleName)); + polarisEventListener.onAfterPrincipalRoleDelete( + new PrincipalRolesServiceEvents.AfterPrincipalRoleDeleteEvent(principalRoleName)); return resp; } @Override public Response getPrincipalRole( String principalRoleName, RealmContext realmContext, SecurityContext securityContext) { - polarisEventListener.onBeforePrincipalRoleGet(new PrincipalRolesServiceEvents.BeforePrincipalRoleGetEvent(principalRoleName)); + polarisEventListener.onBeforePrincipalRoleGet( + new PrincipalRolesServiceEvents.BeforePrincipalRoleGetEvent(principalRoleName)); Response resp = delegate.getPrincipalRole(principalRoleName, realmContext, securityContext); PrincipalRole principalRole = resp.readEntity(PrincipalRole.class); - polarisEventListener.onAfterPrincipalRoleGet(new PrincipalRolesServiceEvents.AfterPrincipalRoleGetEvent(principalRole)); + polarisEventListener.onAfterPrincipalRoleGet( + new PrincipalRolesServiceEvents.AfterPrincipalRoleGetEvent(principalRole)); return resp; } @@ -79,17 +86,25 @@ public Response updatePrincipalRole( UpdatePrincipalRoleRequest updateRequest, RealmContext realmContext, SecurityContext securityContext) { - polarisEventListener.onBeforePrincipalRoleUpdate(new PrincipalRolesServiceEvents.BeforePrincipalRoleUpdateEvent(principalRoleName, updateRequest)); - Response resp = delegate.updatePrincipalRole(principalRoleName, updateRequest, realmContext, securityContext); - polarisEventListener.onAfterPrincipalRoleUpdate(new PrincipalRolesServiceEvents.AfterPrincipalRoleUpdateEvent(resp.readEntity(PrincipalRole.class))); + polarisEventListener.onBeforePrincipalRoleUpdate( + new PrincipalRolesServiceEvents.BeforePrincipalRoleUpdateEvent( + principalRoleName, updateRequest)); + Response resp = + delegate.updatePrincipalRole( + principalRoleName, updateRequest, realmContext, securityContext); + polarisEventListener.onAfterPrincipalRoleUpdate( + new PrincipalRolesServiceEvents.AfterPrincipalRoleUpdateEvent( + resp.readEntity(PrincipalRole.class))); return resp; } @Override public Response listPrincipalRoles(RealmContext realmContext, SecurityContext securityContext) { - polarisEventListener.onBeforePrincipalRolesList(new PrincipalRolesServiceEvents.BeforePrincipalRolesListEvent()); + polarisEventListener.onBeforePrincipalRolesList( + new PrincipalRolesServiceEvents.BeforePrincipalRolesListEvent()); Response resp = delegate.listPrincipalRoles(realmContext, securityContext); - polarisEventListener.onAfterPrincipalRolesList(new PrincipalRolesServiceEvents.AfterPrincipalRolesListEvent()); + polarisEventListener.onAfterPrincipalRolesList( + new PrincipalRolesServiceEvents.AfterPrincipalRolesListEvent()); return resp; } @@ -100,10 +115,15 @@ public Response assignCatalogRoleToPrincipalRole( GrantCatalogRoleRequest request, RealmContext realmContext, SecurityContext securityContext) { - polarisEventListener.onBeforeCatalogRoleAssignToPrincipalRole(new PrincipalRolesServiceEvents.BeforeCatalogRoleAssignToPrincipalRoleEvent(principalRoleName, catalogName, request.getCatalogRole().getName())); - Response resp = delegate.assignCatalogRoleToPrincipalRole( - principalRoleName, catalogName, request, realmContext, securityContext); - polarisEventListener.onAfterCatalogRoleAssignToPrincipalRole(new PrincipalRolesServiceEvents.AfterCatalogRoleAssignToPrincipalRoleEvent(principalRoleName, catalogName, request.getCatalogRole().getName())); + polarisEventListener.onBeforeCatalogRoleAssignToPrincipalRole( + new PrincipalRolesServiceEvents.BeforeCatalogRoleAssignToPrincipalRoleEvent( + principalRoleName, catalogName, request.getCatalogRole().getName())); + Response resp = + delegate.assignCatalogRoleToPrincipalRole( + principalRoleName, catalogName, request, realmContext, securityContext); + polarisEventListener.onAfterCatalogRoleAssignToPrincipalRole( + new PrincipalRolesServiceEvents.AfterCatalogRoleAssignToPrincipalRoleEvent( + principalRoleName, catalogName, request.getCatalogRole().getName())); return resp; } @@ -114,20 +134,30 @@ public Response revokeCatalogRoleFromPrincipalRole( String catalogRoleName, RealmContext realmContext, SecurityContext securityContext) { - polarisEventListener.onBeforeCatalogRoleRevokeFromPrincipalRole(new PrincipalRolesServiceEvents.BeforeCatalogRoleRevokeFromPrincipalRoleEvent(principalRoleName, catalogName, catalogRoleName)); - Response resp = delegate.revokeCatalogRoleFromPrincipalRole( - principalRoleName, catalogName, catalogRoleName, realmContext, securityContext); - polarisEventListener.onAfterCatalogRoleRevokeFromPrincipalRole(new PrincipalRolesServiceEvents.AfterCatalogRoleRevokeFromPrincipalRoleEvent(principalRoleName, catalogName, catalogRoleName)); + polarisEventListener.onBeforeCatalogRoleRevokeFromPrincipalRole( + new PrincipalRolesServiceEvents.BeforeCatalogRoleRevokeFromPrincipalRoleEvent( + principalRoleName, catalogName, catalogRoleName)); + Response resp = + delegate.revokeCatalogRoleFromPrincipalRole( + principalRoleName, catalogName, catalogRoleName, realmContext, securityContext); + polarisEventListener.onAfterCatalogRoleRevokeFromPrincipalRole( + new PrincipalRolesServiceEvents.AfterCatalogRoleRevokeFromPrincipalRoleEvent( + principalRoleName, catalogName, catalogRoleName)); return resp; } @Override public Response listAssigneePrincipalsForPrincipalRole( String principalRoleName, RealmContext realmContext, SecurityContext securityContext) { - polarisEventListener.onBeforeListAssigneePrincipalsForPrincipalRole(new PrincipalRolesServiceEvents.BeforeListAssigneePrincipalsForPrincipalRoleEvent(principalRoleName)); - Response resp = delegate.listAssigneePrincipalsForPrincipalRole( - principalRoleName, realmContext, securityContext); - polarisEventListener.onAfterListAssigneePrincipalsForPrincipalRole(new PrincipalRolesServiceEvents.AfterListAssigneePrincipalsForPrincipalRoleEvent(principalRoleName)); + polarisEventListener.onBeforeListAssigneePrincipalsForPrincipalRole( + new PrincipalRolesServiceEvents.BeforeListAssigneePrincipalsForPrincipalRoleEvent( + principalRoleName)); + Response resp = + delegate.listAssigneePrincipalsForPrincipalRole( + principalRoleName, realmContext, securityContext); + polarisEventListener.onAfterListAssigneePrincipalsForPrincipalRole( + new PrincipalRolesServiceEvents.AfterListAssigneePrincipalsForPrincipalRoleEvent( + principalRoleName)); return resp; } @@ -137,10 +167,15 @@ public Response listCatalogRolesForPrincipalRole( String catalogName, RealmContext realmContext, SecurityContext securityContext) { - polarisEventListener.onBeforeListCatalogRolesForPrincipalRole(new PrincipalRolesServiceEvents.BeforeListCatalogRolesForPrincipalRoleEvent(principalRoleName, catalogName)); - Response resp = delegate.listCatalogRolesForPrincipalRole( - principalRoleName, catalogName, realmContext, securityContext); - polarisEventListener.onAfterListCatalogRolesForPrincipalRole(new PrincipalRolesServiceEvents.AfterListCatalogRolesForPrincipalRoleEvent(principalRoleName, catalogName)); + polarisEventListener.onBeforeListCatalogRolesForPrincipalRole( + new PrincipalRolesServiceEvents.BeforeListCatalogRolesForPrincipalRoleEvent( + principalRoleName, catalogName)); + Response resp = + delegate.listCatalogRolesForPrincipalRole( + principalRoleName, catalogName, realmContext, securityContext); + polarisEventListener.onAfterListCatalogRolesForPrincipalRole( + new PrincipalRolesServiceEvents.AfterListCatalogRolesForPrincipalRoleEvent( + principalRoleName, catalogName)); return resp; } } diff --git a/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisPrincipalsEventServiceDelegator.java b/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisPrincipalsEventServiceDelegator.java index fe80ee4497..aa7f92e944 100644 --- a/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisPrincipalsEventServiceDelegator.java +++ b/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisPrincipalsEventServiceDelegator.java @@ -45,27 +45,33 @@ public class PolarisPrincipalsEventServiceDelegator implements PolarisPrincipals @Override public Response createPrincipal( CreatePrincipalRequest request, RealmContext realmContext, SecurityContext securityContext) { - polarisEventListener.onBeforePrincipalCreate(new PrincipalsServiceEvents.BeforePrincipalCreateEvent(request.getPrincipal().getName())); + polarisEventListener.onBeforePrincipalCreate( + new PrincipalsServiceEvents.BeforePrincipalCreateEvent(request.getPrincipal().getName())); Response resp = delegate.createPrincipal(request, realmContext, securityContext); - polarisEventListener.onAfterPrincipalCreate(new PrincipalsServiceEvents.AfterPrincipalCreateEvent(resp.readEntity(Principal.class))); + polarisEventListener.onAfterPrincipalCreate( + new PrincipalsServiceEvents.AfterPrincipalCreateEvent(resp.readEntity(Principal.class))); return resp; } @Override public Response deletePrincipal( String principalName, RealmContext realmContext, SecurityContext securityContext) { - polarisEventListener.onBeforePrincipalDelete(new PrincipalsServiceEvents.BeforePrincipalDeleteEvent(principalName)); + polarisEventListener.onBeforePrincipalDelete( + new PrincipalsServiceEvents.BeforePrincipalDeleteEvent(principalName)); Response resp = delegate.deletePrincipal(principalName, realmContext, securityContext); - polarisEventListener.onAfterPrincipalDelete(new PrincipalsServiceEvents.AfterPrincipalDeleteEvent(principalName)); + polarisEventListener.onAfterPrincipalDelete( + new PrincipalsServiceEvents.AfterPrincipalDeleteEvent(principalName)); return resp; } @Override public Response getPrincipal( String principalName, RealmContext realmContext, SecurityContext securityContext) { - polarisEventListener.onBeforePrincipalGet(new PrincipalsServiceEvents.BeforePrincipalGetEvent(principalName)); + polarisEventListener.onBeforePrincipalGet( + new PrincipalsServiceEvents.BeforePrincipalGetEvent(principalName)); Response resp = delegate.getPrincipal(principalName, realmContext, securityContext); - polarisEventListener.onAfterPrincipalGet(new PrincipalsServiceEvents.AfterPrincipalGetEvent(resp.readEntity(Principal.class))); + polarisEventListener.onAfterPrincipalGet( + new PrincipalsServiceEvents.AfterPrincipalGetEvent(resp.readEntity(Principal.class))); return resp; } @@ -75,27 +81,36 @@ public Response updatePrincipal( UpdatePrincipalRequest updateRequest, RealmContext realmContext, SecurityContext securityContext) { - polarisEventListener.onBeforePrincipalUpdate(new PrincipalsServiceEvents.BeforePrincipalUpdateEvent(principalName, updateRequest)); - Response resp = delegate.updatePrincipal(principalName, updateRequest, realmContext, securityContext); - polarisEventListener.onAfterPrincipalUpdate(new PrincipalsServiceEvents.AfterPrincipalUpdateEvent(resp.readEntity(Principal.class))); + polarisEventListener.onBeforePrincipalUpdate( + new PrincipalsServiceEvents.BeforePrincipalUpdateEvent(principalName, updateRequest)); + Response resp = + delegate.updatePrincipal(principalName, updateRequest, realmContext, securityContext); + polarisEventListener.onAfterPrincipalUpdate( + new PrincipalsServiceEvents.AfterPrincipalUpdateEvent(resp.readEntity(Principal.class))); return resp; } @Override public Response rotateCredentials( String principalName, RealmContext realmContext, SecurityContext securityContext) { - polarisEventListener.onBeforeCredentialsRotate(new PrincipalsServiceEvents.BeforeCredentialsRotateEvent(principalName)); + polarisEventListener.onBeforeCredentialsRotate( + new PrincipalsServiceEvents.BeforeCredentialsRotateEvent(principalName)); Response resp = delegate.rotateCredentials(principalName, realmContext, securityContext); - PrincipalWithCredentials principalWithCredentials = resp.readEntity(PrincipalWithCredentials.class); - polarisEventListener.onAfterCredentialsRotate(new PrincipalsServiceEvents.AfterCredentialsRotateEvent(principalWithCredentials.getPrincipal())); + PrincipalWithCredentials principalWithCredentials = + resp.readEntity(PrincipalWithCredentials.class); + polarisEventListener.onAfterCredentialsRotate( + new PrincipalsServiceEvents.AfterCredentialsRotateEvent( + principalWithCredentials.getPrincipal())); return resp; } @Override public Response listPrincipals(RealmContext realmContext, SecurityContext securityContext) { - polarisEventListener.onBeforePrincipalsList(new PrincipalsServiceEvents.BeforePrincipalsListEvent()); + polarisEventListener.onBeforePrincipalsList( + new PrincipalsServiceEvents.BeforePrincipalsListEvent()); Response resp = delegate.listPrincipals(realmContext, securityContext); - polarisEventListener.onAfterPrincipalsList(new PrincipalsServiceEvents.AfterPrincipalsListEvent()); + polarisEventListener.onAfterPrincipalsList( + new PrincipalsServiceEvents.AfterPrincipalsListEvent()); return resp; } @@ -105,9 +120,14 @@ public Response assignPrincipalRole( GrantPrincipalRoleRequest request, RealmContext realmContext, SecurityContext securityContext) { - polarisEventListener.onBeforeAssignPrincipalRole(new PrincipalsServiceEvents.BeforeAssignPrincipalRoleEvent(principalName, request.getPrincipalRole())); - Response resp = delegate.assignPrincipalRole(principalName, request, realmContext, securityContext); - polarisEventListener.onAfterAssignPrincipalRole(new PrincipalsServiceEvents.AfterAssignPrincipalRoleEvent(principalName, request.getPrincipalRole())); + polarisEventListener.onBeforeAssignPrincipalRole( + new PrincipalsServiceEvents.BeforeAssignPrincipalRoleEvent( + principalName, request.getPrincipalRole())); + Response resp = + delegate.assignPrincipalRole(principalName, request, realmContext, securityContext); + polarisEventListener.onAfterAssignPrincipalRole( + new PrincipalsServiceEvents.AfterAssignPrincipalRoleEvent( + principalName, request.getPrincipalRole())); return resp; } @@ -117,18 +137,27 @@ public Response revokePrincipalRole( String principalRoleName, RealmContext realmContext, SecurityContext securityContext) { - polarisEventListener.onBeforeRevokePrincipalRole(new PrincipalsServiceEvents.BeforeRevokePrincipalRoleEvent(principalName, principalRoleName)); - Response resp = delegate.revokePrincipalRole(principalName, principalRoleName, realmContext, securityContext); - polarisEventListener.onAfterRevokePrincipalRole(new PrincipalsServiceEvents.AfterRevokePrincipalRoleEvent(principalName, principalRoleName)); + polarisEventListener.onBeforeRevokePrincipalRole( + new PrincipalsServiceEvents.BeforeRevokePrincipalRoleEvent( + principalName, principalRoleName)); + Response resp = + delegate.revokePrincipalRole( + principalName, principalRoleName, realmContext, securityContext); + polarisEventListener.onAfterRevokePrincipalRole( + new PrincipalsServiceEvents.AfterRevokePrincipalRoleEvent( + principalName, principalRoleName)); return resp; } @Override public Response listPrincipalRolesAssigned( String principalName, RealmContext realmContext, SecurityContext securityContext) { - polarisEventListener.onBeforePrincipalRolesAssignedList(new PrincipalsServiceEvents.BeforePrincipalRolesAssignedListEvent(principalName)); - Response resp = delegate.listPrincipalRolesAssigned(principalName, realmContext, securityContext); - polarisEventListener.onAfterPrincipalRolesAssignedList(new PrincipalsServiceEvents.AfterPrincipalRolesAssignedListEvent(principalName)); + polarisEventListener.onBeforePrincipalRolesAssignedList( + new PrincipalsServiceEvents.BeforePrincipalRolesAssignedListEvent(principalName)); + Response resp = + delegate.listPrincipalRolesAssigned(principalName, realmContext, securityContext); + polarisEventListener.onAfterPrincipalRolesAssignedList( + new PrincipalsServiceEvents.AfterPrincipalRolesAssignedListEvent(principalName)); return resp; } } diff --git a/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisServiceImpl.java b/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisServiceImpl.java index 9cf6a10705..c9fbb687c5 100644 --- a/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisServiceImpl.java +++ b/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisServiceImpl.java @@ -141,7 +141,8 @@ private PolarisAdminService newAdminService( reservedProperties); } - private static Response toResponse(BaseResult result, Response.Status successStatus, Object entity) { + private static Response toResponse( + BaseResult result, Response.Status successStatus, Object entity) { if (!result.isSuccess()) { ErrorResponse icebergErrorResponse = ErrorResponse.builder() @@ -594,8 +595,11 @@ public Response listCatalogRolesForPrincipalRole( return Response.ok(catalogRoles).build(); } - record AddGrantToCatalogRoleEntityWrapper(PolarisPrivilege polarisPrivilege, GrantResource grantResource) {} - record RevokeGrantFromCatalogRoleEntityWrapper(PolarisPrivilege polarisPrivilege, GrantResource grantResource, boolean cascade) {} + record AddGrantToCatalogRoleEntityWrapper( + PolarisPrivilege polarisPrivilege, GrantResource grantResource) {} + + record RevokeGrantFromCatalogRoleEntityWrapper( + PolarisPrivilege polarisPrivilege, GrantResource grantResource, boolean cascade) {} /** From PolarisCatalogsApiService */ @Override @@ -679,7 +683,10 @@ public Response addGrantToCatalogRole( .log("Don't know how to handle privilege grant: {}", grantRequest); return Response.status(Response.Status.BAD_REQUEST).build(); } - return toResponse(result, Response.Status.CREATED, new AddGrantToCatalogRoleEntityWrapper(privilege, grantRequest.getGrant())); + return toResponse( + result, + Response.Status.CREATED, + new AddGrantToCatalogRoleEntityWrapper(privilege, grantRequest.getGrant())); } /** From PolarisCatalogsApiService */ @@ -771,7 +778,10 @@ public Response revokeGrantFromCatalogRole( .log("Don't know how to handle privilege revocation: {}", grantRequest); return Response.status(Response.Status.BAD_REQUEST).build(); } - return toResponse(result, Response.Status.CREATED, new RevokeGrantFromCatalogRoleEntityWrapper(privilege, grantRequest.getGrant(), cascade)); + return toResponse( + result, + Response.Status.CREATED, + new RevokeGrantFromCatalogRoleEntityWrapper(privilege, grantRequest.getGrant(), cascade)); } /** From PolarisCatalogsApiService */ diff --git a/runtime/service/src/main/java/org/apache/polaris/service/events/CatalogsServiceEvents.java b/runtime/service/src/main/java/org/apache/polaris/service/events/CatalogsServiceEvents.java index 8bc5f7b913..f4b9cd4181 100644 --- a/runtime/service/src/main/java/org/apache/polaris/service/events/CatalogsServiceEvents.java +++ b/runtime/service/src/main/java/org/apache/polaris/service/events/CatalogsServiceEvents.java @@ -29,98 +29,120 @@ import org.apache.polaris.core.entity.PolarisPrivilege; public class CatalogsServiceEvents { - public record BeforeCatalogCreatedEvent(String catalogName) implements PolarisEvent {} - public record AfterCatalogCreatedEvent(Catalog catalog) implements PolarisEvent {} - - public record BeforeCatalogDeletedEvent(String catalogName) implements PolarisEvent {} - public record AfterCatalogDeletedEvent(String catalogName) implements PolarisEvent {} - - public record BeforeCatalogGetEvent(String catalogName) implements PolarisEvent {} - public record AfterCatalogGetEvent(Catalog catalog) implements PolarisEvent {} - - public record BeforeCatalogUpdatedEvent(String catalogName, UpdateCatalogRequest updateRequest) implements PolarisEvent {} - public record AfterCatalogUpdatedEvent(Catalog catalog) implements PolarisEvent {} - - public record BeforeCatalogListEvent() implements PolarisEvent {} - public record AfterCatalogListEvent() implements PolarisEvent {} - - public record BeforeCatalogRoleCreateEvent(String catalogName, String catalogRoleName) implements PolarisEvent {} - public record AfterCatalogRoleCreateEvent(String catalogName, CatalogRole catalogRole) implements PolarisEvent {} - - public record BeforeCatalogRoleDeleteEvent(String catalogName, String catalogRoleName) implements PolarisEvent {} - public record AfterCatalogRoleDeleteEvent(String catalogName, String catalogRoleName) implements PolarisEvent {} - - public record BeforeCatalogRoleGetEvent(String catalogName, String catalogRoleName) implements PolarisEvent {} - public record AfterCatalogRoleGetEvent(String catalogName, CatalogRole catalogRole) implements PolarisEvent {} - - public record BeforeCatalogRoleUpdateEvent( - String catalogName, String catalogRoleName, UpdateCatalogRoleRequest updateRequest) - implements PolarisEvent {} - public record AfterCatalogRoleUpdateEvent(String catalogName, CatalogRole updatedCatalogRole) implements PolarisEvent {} - - public record BeforeCatalogRolesListEvent(String catalogName) implements PolarisEvent {} - public record AfterCatalogRolesListEvent(String catalogName) implements PolarisEvent {} - - /** - * Event fired before a grant is added to a catalog role in Polaris. - * - * @param catalogName the name of the catalog - * @param catalogRoleName the name of the catalog role - * @param grantRequest the grant request - */ - public record BeforeAddGrantToCatalogRoleEvent( - String catalogName, String catalogRoleName, AddGrantRequest grantRequest) - implements PolarisEvent {} - /** - * Event fired after a grant is added to a catalog role in Polaris. - * - * @param catalogName the name of the catalog - * @param catalogRoleName the name of the catalog role - * @param privilege the privilege granted - * @param grantResource the grant resource - */ - public record AfterAddGrantToCatalogRoleEvent( - String catalogName, - String catalogRoleName, - PolarisPrivilege privilege, - GrantResource grantResource) - implements PolarisEvent {} - - /** - * Event fired before a grant is revoked from a catalog role in Polaris. - * - * @param catalogName the name of the catalog - * @param catalogRoleName the name of the catalog role - * @param grantRequest the revoke grant request - * @param cascade whether the revoke is cascading - */ - public record BeforeRevokeGrantFromCatalogRoleEvent( - String catalogName, String catalogRoleName, RevokeGrantRequest grantRequest, Boolean cascade) - implements PolarisEvent {} - /** - * Event fired after a grant is revoked from a catalog role in Polaris. - * - * @param catalogName the name of the catalog - * @param catalogRoleName the name of the catalog role - * @param privilege the privilege revoked - * @param grantResource the revoke grant resource - * @param cascade whether to cascade the revocation - */ - public record AfterRevokeGrantFromCatalogRoleEvent( - String catalogName, - String catalogRoleName, - PolarisPrivilege privilege, - GrantResource grantResource, - Boolean cascade) - implements PolarisEvent {} - - public record BeforeListAssigneePrincipalRolesForCatalogRoleEvent( - String catalogName, String catalogRoleName) implements PolarisEvent {} - public record AfterListAssigneePrincipalRolesForCatalogRoleEvent( - String catalogName, String catalogRoleName) implements PolarisEvent {} - - public record BeforeListGrantsForCatalogRoleEvent(String catalogName, String catalogRoleName) - implements PolarisEvent {} - public record AfterListGrantsForCatalogRoleEvent(String catalogName, String catalogRoleName) - implements PolarisEvent {} + public record BeforeCatalogCreatedEvent(String catalogName) implements PolarisEvent {} + + public record AfterCatalogCreatedEvent(Catalog catalog) implements PolarisEvent {} + + public record BeforeCatalogDeletedEvent(String catalogName) implements PolarisEvent {} + + public record AfterCatalogDeletedEvent(String catalogName) implements PolarisEvent {} + + public record BeforeCatalogGetEvent(String catalogName) implements PolarisEvent {} + + public record AfterCatalogGetEvent(Catalog catalog) implements PolarisEvent {} + + public record BeforeCatalogUpdatedEvent(String catalogName, UpdateCatalogRequest updateRequest) + implements PolarisEvent {} + + public record AfterCatalogUpdatedEvent(Catalog catalog) implements PolarisEvent {} + + public record BeforeCatalogListEvent() implements PolarisEvent {} + + public record AfterCatalogListEvent() implements PolarisEvent {} + + public record BeforeCatalogRoleCreateEvent(String catalogName, String catalogRoleName) + implements PolarisEvent {} + + public record AfterCatalogRoleCreateEvent(String catalogName, CatalogRole catalogRole) + implements PolarisEvent {} + + public record BeforeCatalogRoleDeleteEvent(String catalogName, String catalogRoleName) + implements PolarisEvent {} + + public record AfterCatalogRoleDeleteEvent(String catalogName, String catalogRoleName) + implements PolarisEvent {} + + public record BeforeCatalogRoleGetEvent(String catalogName, String catalogRoleName) + implements PolarisEvent {} + + public record AfterCatalogRoleGetEvent(String catalogName, CatalogRole catalogRole) + implements PolarisEvent {} + + public record BeforeCatalogRoleUpdateEvent( + String catalogName, String catalogRoleName, UpdateCatalogRoleRequest updateRequest) + implements PolarisEvent {} + + public record AfterCatalogRoleUpdateEvent(String catalogName, CatalogRole updatedCatalogRole) + implements PolarisEvent {} + + public record BeforeCatalogRolesListEvent(String catalogName) implements PolarisEvent {} + + public record AfterCatalogRolesListEvent(String catalogName) implements PolarisEvent {} + + /** + * Event fired before a grant is added to a catalog role in Polaris. + * + * @param catalogName the name of the catalog + * @param catalogRoleName the name of the catalog role + * @param grantRequest the grant request + */ + public record BeforeAddGrantToCatalogRoleEvent( + String catalogName, String catalogRoleName, AddGrantRequest grantRequest) + implements PolarisEvent {} + + /** + * Event fired after a grant is added to a catalog role in Polaris. + * + * @param catalogName the name of the catalog + * @param catalogRoleName the name of the catalog role + * @param privilege the privilege granted + * @param grantResource the grant resource + */ + public record AfterAddGrantToCatalogRoleEvent( + String catalogName, + String catalogRoleName, + PolarisPrivilege privilege, + GrantResource grantResource) + implements PolarisEvent {} + + /** + * Event fired before a grant is revoked from a catalog role in Polaris. + * + * @param catalogName the name of the catalog + * @param catalogRoleName the name of the catalog role + * @param grantRequest the revoke grant request + * @param cascade whether the revoke is cascading + */ + public record BeforeRevokeGrantFromCatalogRoleEvent( + String catalogName, String catalogRoleName, RevokeGrantRequest grantRequest, Boolean cascade) + implements PolarisEvent {} + + /** + * Event fired after a grant is revoked from a catalog role in Polaris. + * + * @param catalogName the name of the catalog + * @param catalogRoleName the name of the catalog role + * @param privilege the privilege revoked + * @param grantResource the revoke grant resource + * @param cascade whether to cascade the revocation + */ + public record AfterRevokeGrantFromCatalogRoleEvent( + String catalogName, + String catalogRoleName, + PolarisPrivilege privilege, + GrantResource grantResource, + Boolean cascade) + implements PolarisEvent {} + + public record BeforeListAssigneePrincipalRolesForCatalogRoleEvent( + String catalogName, String catalogRoleName) implements PolarisEvent {} + + public record AfterListAssigneePrincipalRolesForCatalogRoleEvent( + String catalogName, String catalogRoleName) implements PolarisEvent {} + + public record BeforeListGrantsForCatalogRoleEvent(String catalogName, String catalogRoleName) + implements PolarisEvent {} + + public record AfterListGrantsForCatalogRoleEvent(String catalogName, String catalogRoleName) + implements PolarisEvent {} } diff --git a/runtime/service/src/main/java/org/apache/polaris/service/events/PolarisEventListener.java b/runtime/service/src/main/java/org/apache/polaris/service/events/PolarisEventListener.java index 308158645d..fcd6427ed9 100644 --- a/runtime/service/src/main/java/org/apache/polaris/service/events/PolarisEventListener.java +++ b/runtime/service/src/main/java/org/apache/polaris/service/events/PolarisEventListener.java @@ -111,7 +111,8 @@ public void onBeforePrincipalUpdate(PrincipalsServiceEvents.BeforePrincipalUpdat public void onAfterPrincipalUpdate(PrincipalsServiceEvents.AfterPrincipalUpdateEvent event) {} /** {@link PrincipalsServiceEvents.BeforeCredentialsRotateEvent} */ - public void onBeforeCredentialsRotate(PrincipalsServiceEvents.BeforeCredentialsRotateEvent event) {} + public void onBeforeCredentialsRotate( + PrincipalsServiceEvents.BeforeCredentialsRotateEvent event) {} /** {@link PrincipalsServiceEvents.AfterCredentialsRotateEvent} */ public void onAfterCredentialsRotate(PrincipalsServiceEvents.AfterCredentialsRotateEvent event) {} @@ -123,34 +124,44 @@ public void onBeforePrincipalsList(PrincipalsServiceEvents.BeforePrincipalsListE public void onAfterPrincipalsList(PrincipalsServiceEvents.AfterPrincipalsListEvent event) {} /** {@link PrincipalRolesServiceEvents.BeforePrincipalRoleCreateEvent} */ - public void onBeforePrincipalRoleCreate(PrincipalRolesServiceEvents.BeforePrincipalRoleCreateEvent event) {} + public void onBeforePrincipalRoleCreate( + PrincipalRolesServiceEvents.BeforePrincipalRoleCreateEvent event) {} /** {@link PrincipalRolesServiceEvents.AfterPrincipalRoleCreateEvent} */ - public void onAfterPrincipalRoleCreate(PrincipalRolesServiceEvents.AfterPrincipalRoleCreateEvent event) {} + public void onAfterPrincipalRoleCreate( + PrincipalRolesServiceEvents.AfterPrincipalRoleCreateEvent event) {} /** {@link PrincipalRolesServiceEvents.BeforePrincipalRoleDeleteEvent} */ - public void onBeforePrincipalRoleDelete(PrincipalRolesServiceEvents.BeforePrincipalRoleDeleteEvent event) {} + public void onBeforePrincipalRoleDelete( + PrincipalRolesServiceEvents.BeforePrincipalRoleDeleteEvent event) {} /** {@link PrincipalRolesServiceEvents.AfterPrincipalRoleDeleteEvent} */ - public void onAfterPrincipalRoleDelete(PrincipalRolesServiceEvents.AfterPrincipalRoleDeleteEvent event) {} + public void onAfterPrincipalRoleDelete( + PrincipalRolesServiceEvents.AfterPrincipalRoleDeleteEvent event) {} /** {@link PrincipalRolesServiceEvents.BeforePrincipalRoleGetEvent} */ - public void onBeforePrincipalRoleGet(PrincipalRolesServiceEvents.BeforePrincipalRoleGetEvent event) {} + public void onBeforePrincipalRoleGet( + PrincipalRolesServiceEvents.BeforePrincipalRoleGetEvent event) {} /** {@link PrincipalRolesServiceEvents.AfterPrincipalRoleGetEvent} */ - public void onAfterPrincipalRoleGet(PrincipalRolesServiceEvents.AfterPrincipalRoleGetEvent event) {} + public void onAfterPrincipalRoleGet( + PrincipalRolesServiceEvents.AfterPrincipalRoleGetEvent event) {} /** {@link PrincipalRolesServiceEvents.BeforePrincipalRoleUpdateEvent} */ - public void onBeforePrincipalRoleUpdate(PrincipalRolesServiceEvents.BeforePrincipalRoleUpdateEvent event) {} + public void onBeforePrincipalRoleUpdate( + PrincipalRolesServiceEvents.BeforePrincipalRoleUpdateEvent event) {} /** {@link PrincipalRolesServiceEvents.AfterPrincipalRoleUpdateEvent} */ - public void onAfterPrincipalRoleUpdate(PrincipalRolesServiceEvents.AfterPrincipalRoleUpdateEvent event) {} + public void onAfterPrincipalRoleUpdate( + PrincipalRolesServiceEvents.AfterPrincipalRoleUpdateEvent event) {} /** {@link PrincipalRolesServiceEvents.BeforePrincipalRolesListEvent} */ - public void onBeforePrincipalRolesList(PrincipalRolesServiceEvents.BeforePrincipalRolesListEvent event) {} + public void onBeforePrincipalRolesList( + PrincipalRolesServiceEvents.BeforePrincipalRolesListEvent event) {} /** {@link PrincipalRolesServiceEvents.AfterPrincipalRolesListEvent} */ - public void onAfterPrincipalRolesList(PrincipalRolesServiceEvents.AfterPrincipalRolesListEvent event) {} + public void onAfterPrincipalRolesList( + PrincipalRolesServiceEvents.AfterPrincipalRolesListEvent event) {} /** {@link CatalogsServiceEvents.BeforeCatalogRoleCreateEvent} */ public void onBeforeCatalogRoleCreate(CatalogsServiceEvents.BeforeCatalogRoleCreateEvent event) {} @@ -183,78 +194,90 @@ public void onBeforeCatalogRolesList(CatalogsServiceEvents.BeforeCatalogRolesLis public void onAfterCatalogRolesList(CatalogsServiceEvents.AfterCatalogRolesListEvent event) {} /** {@link PrincipalsServiceEvents.BeforeAssignPrincipalRoleEvent} */ - public void onBeforeAssignPrincipalRole(PrincipalsServiceEvents.BeforeAssignPrincipalRoleEvent event) {} + public void onBeforeAssignPrincipalRole( + PrincipalsServiceEvents.BeforeAssignPrincipalRoleEvent event) {} /** {@link PrincipalsServiceEvents.AfterAssignPrincipalRoleEvent} */ - public void onAfterAssignPrincipalRole(PrincipalsServiceEvents.AfterAssignPrincipalRoleEvent event) {} + public void onAfterAssignPrincipalRole( + PrincipalsServiceEvents.AfterAssignPrincipalRoleEvent event) {} /** {@link PrincipalsServiceEvents.BeforeRevokePrincipalRoleEvent} */ - public void onBeforeRevokePrincipalRole(PrincipalsServiceEvents.BeforeRevokePrincipalRoleEvent event) {} + public void onBeforeRevokePrincipalRole( + PrincipalsServiceEvents.BeforeRevokePrincipalRoleEvent event) {} /** {@link PrincipalsServiceEvents.AfterRevokePrincipalRoleEvent} */ - public void onAfterRevokePrincipalRole(PrincipalsServiceEvents.AfterRevokePrincipalRoleEvent event) {} + public void onAfterRevokePrincipalRole( + PrincipalsServiceEvents.AfterRevokePrincipalRoleEvent event) {} /** {@link PrincipalsServiceEvents.BeforePrincipalRolesAssignedListEvent} */ - public void onBeforePrincipalRolesAssignedList(PrincipalsServiceEvents.BeforePrincipalRolesAssignedListEvent event) {} + public void onBeforePrincipalRolesAssignedList( + PrincipalsServiceEvents.BeforePrincipalRolesAssignedListEvent event) {} /** {@link PrincipalsServiceEvents.AfterPrincipalRolesAssignedListEvent} */ - public void onAfterPrincipalRolesAssignedList(PrincipalsServiceEvents.AfterPrincipalRolesAssignedListEvent event) {} + public void onAfterPrincipalRolesAssignedList( + PrincipalsServiceEvents.AfterPrincipalRolesAssignedListEvent event) {} /** {@link PrincipalRolesServiceEvents.BeforeCatalogRoleAssignToPrincipalRoleEvent} */ public void onBeforeCatalogRoleAssignToPrincipalRole( - PrincipalRolesServiceEvents.BeforeCatalogRoleAssignToPrincipalRoleEvent event) {} + PrincipalRolesServiceEvents.BeforeCatalogRoleAssignToPrincipalRoleEvent event) {} /** {@link PrincipalRolesServiceEvents.AfterCatalogRoleAssignToPrincipalRoleEvent} */ public void onAfterCatalogRoleAssignToPrincipalRole( - PrincipalRolesServiceEvents.AfterCatalogRoleAssignToPrincipalRoleEvent event) {} + PrincipalRolesServiceEvents.AfterCatalogRoleAssignToPrincipalRoleEvent event) {} /** {@link PrincipalRolesServiceEvents.BeforeCatalogRoleRevokeFromPrincipalRoleEvent} */ public void onBeforeCatalogRoleRevokeFromPrincipalRole( - PrincipalRolesServiceEvents.BeforeCatalogRoleRevokeFromPrincipalRoleEvent event) {} + PrincipalRolesServiceEvents.BeforeCatalogRoleRevokeFromPrincipalRoleEvent event) {} /** {@link PrincipalRolesServiceEvents.AfterCatalogRoleRevokeFromPrincipalRoleEvent} */ public void onAfterCatalogRoleRevokeFromPrincipalRole( - PrincipalRolesServiceEvents.AfterCatalogRoleRevokeFromPrincipalRoleEvent event) {} + PrincipalRolesServiceEvents.AfterCatalogRoleRevokeFromPrincipalRoleEvent event) {} /** {@link PrincipalRolesServiceEvents.BeforeListAssigneePrincipalsForPrincipalRoleEvent} */ public void onBeforeListAssigneePrincipalsForPrincipalRole( - PrincipalRolesServiceEvents.BeforeListAssigneePrincipalsForPrincipalRoleEvent event) {} + PrincipalRolesServiceEvents.BeforeListAssigneePrincipalsForPrincipalRoleEvent event) {} /** {@link PrincipalRolesServiceEvents.AfterListAssigneePrincipalsForPrincipalRoleEvent} */ public void onAfterListAssigneePrincipalsForPrincipalRole( - PrincipalRolesServiceEvents.AfterListAssigneePrincipalsForPrincipalRoleEvent event) {} + PrincipalRolesServiceEvents.AfterListAssigneePrincipalsForPrincipalRoleEvent event) {} /** {@link PrincipalRolesServiceEvents.BeforeListCatalogRolesForPrincipalRoleEvent} */ public void onBeforeListCatalogRolesForPrincipalRole( - PrincipalRolesServiceEvents.BeforeListCatalogRolesForPrincipalRoleEvent event) {} + PrincipalRolesServiceEvents.BeforeListCatalogRolesForPrincipalRoleEvent event) {} /** {@link PrincipalRolesServiceEvents.AfterListCatalogRolesForPrincipalRoleEvent} */ public void onAfterListCatalogRolesForPrincipalRole( - PrincipalRolesServiceEvents.AfterListCatalogRolesForPrincipalRoleEvent event) {} + PrincipalRolesServiceEvents.AfterListCatalogRolesForPrincipalRoleEvent event) {} /** {@link CatalogsServiceEvents.BeforeAddGrantToCatalogRoleEvent} */ - public void onBeforeAddGrantToCatalogRole(CatalogsServiceEvents.BeforeAddGrantToCatalogRoleEvent event) {} + public void onBeforeAddGrantToCatalogRole( + CatalogsServiceEvents.BeforeAddGrantToCatalogRoleEvent event) {} /** {@link CatalogsServiceEvents.AfterAddGrantToCatalogRoleEvent} */ - public void onAfterAddGrantToCatalogRole(CatalogsServiceEvents.AfterAddGrantToCatalogRoleEvent event) {} + public void onAfterAddGrantToCatalogRole( + CatalogsServiceEvents.AfterAddGrantToCatalogRoleEvent event) {} /** {@link CatalogsServiceEvents.BeforeRevokeGrantFromCatalogRoleEvent} */ - public void onBeforeRevokeGrantFromCatalogRole(CatalogsServiceEvents.BeforeRevokeGrantFromCatalogRoleEvent event) {} + public void onBeforeRevokeGrantFromCatalogRole( + CatalogsServiceEvents.BeforeRevokeGrantFromCatalogRoleEvent event) {} /** {@link CatalogsServiceEvents.AfterRevokeGrantFromCatalogRoleEvent} */ - public void onAfterRevokeGrantFromCatalogRole(CatalogsServiceEvents.AfterRevokeGrantFromCatalogRoleEvent event) {} + public void onAfterRevokeGrantFromCatalogRole( + CatalogsServiceEvents.AfterRevokeGrantFromCatalogRoleEvent event) {} /** {@link CatalogsServiceEvents.BeforeListAssigneePrincipalRolesForCatalogRoleEvent} */ public void onBeforeListAssigneePrincipalRolesForCatalogRole( - CatalogsServiceEvents.BeforeListAssigneePrincipalRolesForCatalogRoleEvent event) {} + CatalogsServiceEvents.BeforeListAssigneePrincipalRolesForCatalogRoleEvent event) {} /** {@link CatalogsServiceEvents.AfterListAssigneePrincipalRolesForCatalogRoleEvent} */ public void onAfterListAssigneePrincipalRolesForCatalogRole( - CatalogsServiceEvents.AfterListAssigneePrincipalRolesForCatalogRoleEvent event) {} + CatalogsServiceEvents.AfterListAssigneePrincipalRolesForCatalogRoleEvent event) {} /** {@link CatalogsServiceEvents.BeforeListGrantsForCatalogRoleEvent} */ - public void onBeforeListGrantsForCatalogRole(CatalogsServiceEvents.BeforeListGrantsForCatalogRoleEvent event) {} + public void onBeforeListGrantsForCatalogRole( + CatalogsServiceEvents.BeforeListGrantsForCatalogRoleEvent event) {} /** {@link CatalogsServiceEvents.AfterListGrantsForCatalogRoleEvent} */ - public void onAfterListGrantsForCatalogRole(CatalogsServiceEvents.AfterListGrantsForCatalogRoleEvent event) {} + public void onAfterListGrantsForCatalogRole( + CatalogsServiceEvents.AfterListGrantsForCatalogRoleEvent event) {} } diff --git a/runtime/service/src/main/java/org/apache/polaris/service/events/PrincipalRolesServiceEvents.java b/runtime/service/src/main/java/org/apache/polaris/service/events/PrincipalRolesServiceEvents.java index 1bfc9eb3b4..cc27db08de 100644 --- a/runtime/service/src/main/java/org/apache/polaris/service/events/PrincipalRolesServiceEvents.java +++ b/runtime/service/src/main/java/org/apache/polaris/service/events/PrincipalRolesServiceEvents.java @@ -24,40 +24,55 @@ import org.apache.polaris.core.admin.model.UpdatePrincipalRoleRequest; public class PrincipalRolesServiceEvents { - public record AfterPrincipalRoleCreateEvent(PrincipalRole principalRole) implements PolarisEvent {} - public record BeforePrincipalRoleCreateEvent(CreatePrincipalRoleRequest createPrincipalRoleRequest) - implements PolarisEvent {} - - public record AfterPrincipalRoleDeleteEvent(String principalRoleName) implements PolarisEvent {} - public record BeforePrincipalRoleDeleteEvent(String principalRoleName) implements PolarisEvent {} - - public record AfterPrincipalRoleGetEvent(PrincipalRole principalRole) implements PolarisEvent {} - public record BeforePrincipalRoleGetEvent(String principalRoleName) implements PolarisEvent {} - - public record AfterPrincipalRoleUpdateEvent(PrincipalRole updatedPrincipalRole) - implements PolarisEvent {} - public record BeforePrincipalRoleUpdateEvent( - String principalRoleName, UpdatePrincipalRoleRequest updateRequest) implements PolarisEvent {} - - public record AfterPrincipalRolesListEvent() implements PolarisEvent {} - public record BeforePrincipalRolesListEvent() implements PolarisEvent {} - - public record AfterCatalogRoleAssignToPrincipalRoleEvent( - String principalRoleName, String catalogName, String catalogRoleName) implements PolarisEvent {} - public record BeforeCatalogRoleAssignToPrincipalRoleEvent( - String principalRoleName, String catalogName, String catalogRoleName) - implements PolarisEvent {} - - public record AfterCatalogRoleRevokeFromPrincipalRoleEvent( - String principalRoleName, String catalogName, String catalogRoleName) implements PolarisEvent {} - public record BeforeCatalogRoleRevokeFromPrincipalRoleEvent( - String principalRoleName, String catalogName, String catalogRoleName) implements PolarisEvent {} - - public record AfterListAssigneePrincipalsForPrincipalRoleEvent(String principalRoleName) implements PolarisEvent {} - public record BeforeListAssigneePrincipalsForPrincipalRoleEvent(String principalRoleName) implements PolarisEvent {} - - public record AfterListCatalogRolesForPrincipalRoleEvent( - String principalRoleName, String catalogName) implements PolarisEvent {} - public record BeforeListCatalogRolesForPrincipalRoleEvent( - String principalRoleName, String catalogName) implements PolarisEvent {} + public record AfterPrincipalRoleCreateEvent(PrincipalRole principalRole) + implements PolarisEvent {} + + public record BeforePrincipalRoleCreateEvent( + CreatePrincipalRoleRequest createPrincipalRoleRequest) implements PolarisEvent {} + + public record AfterPrincipalRoleDeleteEvent(String principalRoleName) implements PolarisEvent {} + + public record BeforePrincipalRoleDeleteEvent(String principalRoleName) implements PolarisEvent {} + + public record AfterPrincipalRoleGetEvent(PrincipalRole principalRole) implements PolarisEvent {} + + public record BeforePrincipalRoleGetEvent(String principalRoleName) implements PolarisEvent {} + + public record AfterPrincipalRoleUpdateEvent(PrincipalRole updatedPrincipalRole) + implements PolarisEvent {} + + public record BeforePrincipalRoleUpdateEvent( + String principalRoleName, UpdatePrincipalRoleRequest updateRequest) implements PolarisEvent {} + + public record AfterPrincipalRolesListEvent() implements PolarisEvent {} + + public record BeforePrincipalRolesListEvent() implements PolarisEvent {} + + public record AfterCatalogRoleAssignToPrincipalRoleEvent( + String principalRoleName, String catalogName, String catalogRoleName) + implements PolarisEvent {} + + public record BeforeCatalogRoleAssignToPrincipalRoleEvent( + String principalRoleName, String catalogName, String catalogRoleName) + implements PolarisEvent {} + + public record AfterCatalogRoleRevokeFromPrincipalRoleEvent( + String principalRoleName, String catalogName, String catalogRoleName) + implements PolarisEvent {} + + public record BeforeCatalogRoleRevokeFromPrincipalRoleEvent( + String principalRoleName, String catalogName, String catalogRoleName) + implements PolarisEvent {} + + public record AfterListAssigneePrincipalsForPrincipalRoleEvent(String principalRoleName) + implements PolarisEvent {} + + public record BeforeListAssigneePrincipalsForPrincipalRoleEvent(String principalRoleName) + implements PolarisEvent {} + + public record AfterListCatalogRolesForPrincipalRoleEvent( + String principalRoleName, String catalogName) implements PolarisEvent {} + + public record BeforeListCatalogRolesForPrincipalRoleEvent( + String principalRoleName, String catalogName) implements PolarisEvent {} } diff --git a/runtime/service/src/main/java/org/apache/polaris/service/events/PrincipalsServiceEvents.java b/runtime/service/src/main/java/org/apache/polaris/service/events/PrincipalsServiceEvents.java index a0323df0df..b580494d3c 100644 --- a/runtime/service/src/main/java/org/apache/polaris/service/events/PrincipalsServiceEvents.java +++ b/runtime/service/src/main/java/org/apache/polaris/service/events/PrincipalsServiceEvents.java @@ -24,31 +24,47 @@ import org.apache.polaris.core.admin.model.UpdatePrincipalRequest; public class PrincipalsServiceEvents { - public record AfterPrincipalCreateEvent(Principal principal) implements PolarisEvent {} - public record BeforePrincipalCreateEvent(String principalName) implements PolarisEvent {} + public record AfterPrincipalCreateEvent(Principal principal) implements PolarisEvent {} - public record AfterPrincipalDeleteEvent(String principalName) implements PolarisEvent {} - public record BeforePrincipalDeleteEvent(String principalName) implements PolarisEvent {} + public record BeforePrincipalCreateEvent(String principalName) implements PolarisEvent {} + public record AfterPrincipalDeleteEvent(String principalName) implements PolarisEvent {} - public record AfterPrincipalGetEvent(Principal principal) implements PolarisEvent {} - public record BeforePrincipalGetEvent(String principalName) implements PolarisEvent {} + public record BeforePrincipalDeleteEvent(String principalName) implements PolarisEvent {} - public record AfterPrincipalUpdateEvent(Principal principal) implements PolarisEvent {} - public record BeforePrincipalUpdateEvent(String principalName, UpdatePrincipalRequest updatePrincipalRequest) implements PolarisEvent {} + public record AfterPrincipalGetEvent(Principal principal) implements PolarisEvent {} - public record AfterCredentialsRotateEvent(Principal rotatedPrincipal) implements PolarisEvent {} - public record BeforeCredentialsRotateEvent(String principalName) implements PolarisEvent {} + public record BeforePrincipalGetEvent(String principalName) implements PolarisEvent {} - public record AfterPrincipalsListEvent() implements PolarisEvent {} - public record BeforePrincipalsListEvent() implements PolarisEvent {} + public record AfterPrincipalUpdateEvent(Principal principal) implements PolarisEvent {} - public record AfterAssignPrincipalRoleEvent(String principalName, PrincipalRole principalRole) implements PolarisEvent {} - public record BeforeAssignPrincipalRoleEvent(String principalName, PrincipalRole principalRole) implements PolarisEvent {} + public record BeforePrincipalUpdateEvent( + String principalName, UpdatePrincipalRequest updatePrincipalRequest) + implements PolarisEvent {} - public record AfterRevokePrincipalRoleEvent(String principalName, String principalRoleName) implements PolarisEvent {} - public record BeforeRevokePrincipalRoleEvent(String principalName, String principalRoleName) implements PolarisEvent {} + public record AfterCredentialsRotateEvent(Principal rotatedPrincipal) implements PolarisEvent {} - public record AfterPrincipalRolesAssignedListEvent(String principalName) implements PolarisEvent {} - public record BeforePrincipalRolesAssignedListEvent(String principalName) implements PolarisEvent {} + public record BeforeCredentialsRotateEvent(String principalName) implements PolarisEvent {} + + public record AfterPrincipalsListEvent() implements PolarisEvent {} + + public record BeforePrincipalsListEvent() implements PolarisEvent {} + + public record AfterAssignPrincipalRoleEvent(String principalName, PrincipalRole principalRole) + implements PolarisEvent {} + + public record BeforeAssignPrincipalRoleEvent(String principalName, PrincipalRole principalRole) + implements PolarisEvent {} + + public record AfterRevokePrincipalRoleEvent(String principalName, String principalRoleName) + implements PolarisEvent {} + + public record BeforeRevokePrincipalRoleEvent(String principalName, String principalRoleName) + implements PolarisEvent {} + + public record AfterPrincipalRolesAssignedListEvent(String principalName) + implements PolarisEvent {} + + public record BeforePrincipalRolesAssignedListEvent(String principalName) + implements PolarisEvent {} } From a3c80e032b1421c7ef418330a254abc04b7dd2a9 Mon Sep 17 00:00:00 2001 From: adnanhemani Date: Sun, 31 Aug 2025 00:03:57 -0700 Subject: [PATCH 3/8] fix bug --- .../service/admin/PolarisPrincipalsEventServiceDelegator.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisPrincipalsEventServiceDelegator.java b/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisPrincipalsEventServiceDelegator.java index aa7f92e944..4acf4ad9fe 100644 --- a/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisPrincipalsEventServiceDelegator.java +++ b/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisPrincipalsEventServiceDelegator.java @@ -49,7 +49,8 @@ public Response createPrincipal( new PrincipalsServiceEvents.BeforePrincipalCreateEvent(request.getPrincipal().getName())); Response resp = delegate.createPrincipal(request, realmContext, securityContext); polarisEventListener.onAfterPrincipalCreate( - new PrincipalsServiceEvents.AfterPrincipalCreateEvent(resp.readEntity(Principal.class))); + new PrincipalsServiceEvents.AfterPrincipalCreateEvent( + resp.readEntity(PrincipalWithCredentials.class).getPrincipal())); return resp; } From 668dd84da8a1d0be745abe92493d7baf5fbb280f Mon Sep 17 00:00:00 2001 From: adnanhemani Date: Sun, 31 Aug 2025 00:44:58 -0700 Subject: [PATCH 4/8] fix bug --- .../service/admin/PolarisCatalogsEventServiceDelegator.java | 2 ++ 1 file changed, 2 insertions(+) diff --git a/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisCatalogsEventServiceDelegator.java b/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisCatalogsEventServiceDelegator.java index 5e91dde107..45a2ad82ed 100644 --- a/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisCatalogsEventServiceDelegator.java +++ b/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisCatalogsEventServiceDelegator.java @@ -200,6 +200,8 @@ public Response addGrantToCatalogRole( catalogRoleName, entityWrapper.polarisPrivilege(), entityWrapper.grantResource())); + // Don't return back the custom entity + return Response.status(Response.Status.CREATED).build(); } return resp; } From ba7e0275543816060eb6dfe55753b084baffa02c Mon Sep 17 00:00:00 2001 From: adnanhemani Date: Tue, 2 Sep 2025 23:10:53 -0700 Subject: [PATCH 5/8] spotlessapply --- .../PolarisPrincipalRolesEventServiceDelegator.java | 3 ++- .../PolarisPrincipalsEventServiceDelegator.java | 12 ++++++++---- .../polaris/service/events/PolarisEventListener.java | 1 - 3 files changed, 10 insertions(+), 6 deletions(-) diff --git a/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisPrincipalRolesEventServiceDelegator.java b/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisPrincipalRolesEventServiceDelegator.java index 492e87419c..197d80013e 100644 --- a/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisPrincipalRolesEventServiceDelegator.java +++ b/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisPrincipalRolesEventServiceDelegator.java @@ -50,7 +50,8 @@ public Response createPrincipalRole( new PrincipalRolesServiceEvents.BeforePrincipalRoleCreateEvent(request)); Response resp = delegate.createPrincipalRole(request, realmContext, securityContext); polarisEventListener.onAfterPrincipalRoleCreate( - new PrincipalRolesServiceEvents.AfterPrincipalRoleCreateEvent((PrincipalRole) resp.getEntity())); + new PrincipalRolesServiceEvents.AfterPrincipalRoleCreateEvent( + (PrincipalRole) resp.getEntity())); // If we are okay to start returning the PrincipalRole in the response, then we can simply // return `resp`. return Response.status(Response.Status.CREATED).build(); diff --git a/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisPrincipalsEventServiceDelegator.java b/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisPrincipalsEventServiceDelegator.java index 1dee6c73cc..f7a621382b 100644 --- a/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisPrincipalsEventServiceDelegator.java +++ b/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisPrincipalsEventServiceDelegator.java @@ -61,10 +61,14 @@ public Response resetCredentials( ResetPrincipalRequest resetPrincipalRequest, RealmContext realmContext, SecurityContext securityContext) { - polarisEventListener.onBeforeCredentialsReset(new PrincipalsServiceEvents.BeforeCredentialsResetEvent(principalName)); - Response resp = delegate.resetCredentials( - principalName, resetPrincipalRequest, realmContext, securityContext); - polarisEventListener.onAfterCredentialsReset(new PrincipalsServiceEvents.AfterCredentialsResetEvent(((PrincipalWithCredentials) resp.getEntity()).getPrincipal())); + polarisEventListener.onBeforeCredentialsReset( + new PrincipalsServiceEvents.BeforeCredentialsResetEvent(principalName)); + Response resp = + delegate.resetCredentials( + principalName, resetPrincipalRequest, realmContext, securityContext); + polarisEventListener.onAfterCredentialsReset( + new PrincipalsServiceEvents.AfterCredentialsResetEvent( + ((PrincipalWithCredentials) resp.getEntity()).getPrincipal())); return resp; } diff --git a/runtime/service/src/main/java/org/apache/polaris/service/events/PolarisEventListener.java b/runtime/service/src/main/java/org/apache/polaris/service/events/PolarisEventListener.java index 94afb83c87..a20ff540d8 100644 --- a/runtime/service/src/main/java/org/apache/polaris/service/events/PolarisEventListener.java +++ b/runtime/service/src/main/java/org/apache/polaris/service/events/PolarisEventListener.java @@ -129,7 +129,6 @@ public void onBeforeCredentialsReset(PrincipalsServiceEvents.BeforeCredentialsRe /** {@link PrincipalsServiceEvents.AfterCredentialsResetEvent} */ public void onAfterCredentialsReset(PrincipalsServiceEvents.AfterCredentialsResetEvent event) {} - /** {@link PrincipalRolesServiceEvents.BeforePrincipalRoleCreateEvent} */ public void onBeforePrincipalRoleCreate( PrincipalRolesServiceEvents.BeforePrincipalRoleCreateEvent event) {} From 99a8bf17717bd9ff8a42cd1278cec11628f5c1bf Mon Sep 17 00:00:00 2001 From: adnanhemani Date: Fri, 5 Sep 2025 13:50:23 -0700 Subject: [PATCH 6/8] changes based on comments from @adutra --- .../PolarisCatalogsEventServiceDelegator.java | 67 ++++--------------- ...isPrincipalRolesEventServiceDelegator.java | 13 +--- ...olarisPrincipalsEventServiceDelegator.java | 2 +- .../service/admin/PolarisServiceImpl.java | 37 +++------- 4 files changed, 28 insertions(+), 91 deletions(-) diff --git a/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisCatalogsEventServiceDelegator.java b/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisCatalogsEventServiceDelegator.java index e294a88208..f84cafa043 100644 --- a/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisCatalogsEventServiceDelegator.java +++ b/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisCatalogsEventServiceDelegator.java @@ -48,14 +48,8 @@ public class PolarisCatalogsEventServiceDelegator implements PolarisCatalogsApiS @Override public Response createCatalog( CreateCatalogRequest request, RealmContext realmContext, SecurityContext securityContext) { - polarisEventListener.onBeforeCreateCatalog( - new CatalogsServiceEvents.BeforeCreateCatalogEvent(request.getCatalog().getName())); - Response resp = delegate.createCatalog(request, realmContext, securityContext); - polarisEventListener.onAfterCreateCatalog( - new CatalogsServiceEvents.AfterCreateCatalogEvent((Catalog) resp.getEntity())); - // If we are okay to start returning the catalog in the response, then we can simply return - // `resp`. - return Response.status(Response.Status.CREATED).build(); + // TODO: After changing the API response, we should change this to emit the corresponding event. + return delegate.createCatalog(request, realmContext, securityContext); } @Override @@ -109,14 +103,8 @@ public Response createCatalogRole( CreateCatalogRoleRequest request, RealmContext realmContext, SecurityContext securityContext) { - polarisEventListener.onBeforeCreateCatalogRole( - new CatalogsServiceEvents.BeforeCreateCatalogRoleEvent( - catalogName, request.getCatalogRole().getName())); - Response resp = delegate.createCatalogRole(catalogName, request, realmContext, securityContext); - polarisEventListener.onAfterCreateCatalogRole( - new CatalogsServiceEvents.AfterCreateCatalogRoleEvent( - catalogName, (CatalogRole) resp.getEntity())); - return resp; + // TODO: After changing the API response, we should change this to emit the corresponding event. + return delegate.createCatalogRole(catalogName, request, realmContext, securityContext); } @Override @@ -172,9 +160,11 @@ public Response updateCatalogRole( @Override public Response listCatalogRoles( String catalogName, RealmContext realmContext, SecurityContext securityContext) { - polarisEventListener.onAfterListCatalogRoles(new CatalogsServiceEvents.AfterListCatalogRolesEvent(catalogName)); + polarisEventListener.onAfterListCatalogRoles( + new CatalogsServiceEvents.AfterListCatalogRolesEvent(catalogName)); Response resp = delegate.listCatalogRoles(catalogName, realmContext, securityContext); - polarisEventListener.onBeforeListCatalogRoles(new CatalogsServiceEvents.BeforeListCatalogRolesEvent(catalogName)); + polarisEventListener.onBeforeListCatalogRoles( + new CatalogsServiceEvents.BeforeListCatalogRolesEvent(catalogName)); return resp; } @@ -185,25 +175,9 @@ public Response addGrantToCatalogRole( AddGrantRequest grantRequest, RealmContext realmContext, SecurityContext securityContext) { - polarisEventListener.onBeforeAddGrantToCatalogRole( - new CatalogsServiceEvents.BeforeAddGrantToCatalogRoleEvent( - catalogName, catalogRoleName, grantRequest)); - Response resp = - delegate.addGrantToCatalogRole( - catalogName, catalogRoleName, grantRequest, realmContext, securityContext); - PolarisServiceImpl.AddGrantToCatalogRoleEntityWrapper entityWrapper = - (PolarisServiceImpl.AddGrantToCatalogRoleEntityWrapper) resp.getEntity(); - if (resp.getStatus() != Response.Status.BAD_REQUEST.getStatusCode()) { - polarisEventListener.onAfterAddGrantToCatalogRole( - new CatalogsServiceEvents.AfterAddGrantToCatalogRoleEvent( - catalogName, - catalogRoleName, - entityWrapper.polarisPrivilege(), - entityWrapper.grantResource())); - // Don't return back the custom entity - return Response.status(Response.Status.CREATED).build(); - } - return resp; + // TODO: After changing the API response, we should change this to emit the corresponding event. + return delegate.addGrantToCatalogRole( + catalogName, catalogRoleName, grantRequest, realmContext, securityContext); } @Override @@ -214,22 +188,9 @@ public Response revokeGrantFromCatalogRole( RevokeGrantRequest grantRequest, RealmContext realmContext, SecurityContext securityContext) { - polarisEventListener.onBeforeRevokeGrantFromCatalogRole( - new CatalogsServiceEvents.BeforeRevokeGrantFromCatalogRoleEvent( - catalogName, catalogRoleName, grantRequest, cascade)); - Response resp = - delegate.revokeGrantFromCatalogRole( - catalogName, catalogRoleName, cascade, grantRequest, realmContext, securityContext); - PolarisServiceImpl.RevokeGrantFromCatalogRoleEntityWrapper entityWrapper = - (PolarisServiceImpl.RevokeGrantFromCatalogRoleEntityWrapper) resp.getEntity(); - polarisEventListener.onAfterRevokeGrantFromCatalogRole( - new CatalogsServiceEvents.AfterRevokeGrantFromCatalogRoleEvent( - catalogName, - catalogRoleName, - entityWrapper.polarisPrivilege(), - entityWrapper.grantResource(), - entityWrapper.cascade())); - return resp; + // TODO: After changing the API response, we should change this to emit the corresponding event. + return delegate.revokeGrantFromCatalogRole( + catalogName, catalogRoleName, cascade, grantRequest, realmContext, securityContext); } @Override diff --git a/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisPrincipalRolesEventServiceDelegator.java b/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisPrincipalRolesEventServiceDelegator.java index 25efd237fc..5691a489c0 100644 --- a/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisPrincipalRolesEventServiceDelegator.java +++ b/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisPrincipalRolesEventServiceDelegator.java @@ -31,8 +31,8 @@ import org.apache.polaris.core.admin.model.UpdatePrincipalRoleRequest; import org.apache.polaris.core.context.RealmContext; import org.apache.polaris.service.admin.api.PolarisPrincipalRolesApiService; -import org.apache.polaris.service.events.listeners.PolarisEventListener; import org.apache.polaris.service.events.PrincipalRolesServiceEvents; +import org.apache.polaris.service.events.listeners.PolarisEventListener; @Decorator @Priority(1000) @@ -46,15 +46,8 @@ public Response createPrincipalRole( CreatePrincipalRoleRequest request, RealmContext realmContext, SecurityContext securityContext) { - polarisEventListener.onBeforeCreatePrincipalRole( - new PrincipalRolesServiceEvents.BeforeCreatePrincipalRoleEvent(request)); - Response resp = delegate.createPrincipalRole(request, realmContext, securityContext); - polarisEventListener.onAfterCreatePrincipalRole( - new PrincipalRolesServiceEvents.AfterCreatePrincipalRoleEvent( - (PrincipalRole) resp.getEntity())); - // If we are okay to start returning the PrincipalRole in the response, then we can simply - // return `resp`. - return Response.status(Response.Status.CREATED).build(); + // TODO: After changing the API response, we should change this to emit the corresponding event. + return delegate.createPrincipalRole(request, realmContext, securityContext); } @Override diff --git a/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisPrincipalsEventServiceDelegator.java b/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisPrincipalsEventServiceDelegator.java index 6ae0c7956d..fbef82a453 100644 --- a/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisPrincipalsEventServiceDelegator.java +++ b/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisPrincipalsEventServiceDelegator.java @@ -33,8 +33,8 @@ import org.apache.polaris.core.admin.model.UpdatePrincipalRequest; import org.apache.polaris.core.context.RealmContext; import org.apache.polaris.service.admin.api.PolarisPrincipalsApiService; -import org.apache.polaris.service.events.listeners.PolarisEventListener; import org.apache.polaris.service.events.PrincipalsServiceEvents; +import org.apache.polaris.service.events.listeners.PolarisEventListener; @Decorator @Priority(1000) diff --git a/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisServiceImpl.java b/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisServiceImpl.java index 5cc95b1fdf..7f4ab0e84d 100644 --- a/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisServiceImpl.java +++ b/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisServiceImpl.java @@ -86,7 +86,6 @@ import org.apache.polaris.service.admin.api.PolarisPrincipalRolesApiService; import org.apache.polaris.service.admin.api.PolarisPrincipalsApiService; import org.apache.polaris.service.config.ReservedProperties; -import org.apache.polaris.service.events.listeners.PolarisEventListener; import org.apache.polaris.service.types.PolicyIdentifier; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -148,8 +147,7 @@ private PolarisAdminService newAdminService( reservedProperties); } - private static Response toResponse( - BaseResult result, Response.Status successStatus, Object entity) { + private static Response toResponse(BaseResult result, Response.Status successStatus) { if (!result.isSuccess()) { ErrorResponse icebergErrorResponse = ErrorResponse.builder() @@ -163,9 +161,6 @@ private static Response toResponse( .build(); } Response.ResponseBuilder responseBuilder = Response.status(successStatus); - if (entity != null) { - responseBuilder.entity(entity); - } return responseBuilder.build(); } @@ -179,7 +174,7 @@ public Response createCatalog( validateExternalCatalog(catalog); Catalog newCatalog = CatalogEntity.of(adminService.createCatalog(request)).asCatalog(); LOGGER.info("Created new catalog {}", newCatalog); - return Response.status(Response.Status.CREATED).entity(newCatalog).build(); + return Response.status(Response.Status.CREATED).build(); } private void validateClientId(String clientId) { @@ -403,7 +398,7 @@ public Response createPrincipalRole( PrincipalRole newPrincipalRole = new PrincipalRoleEntity(adminService.createPrincipalRole(entity)).asPrincipalRole(); LOGGER.info("Created new principalRole {}", newPrincipalRole); - return Response.status(Response.Status.CREATED).entity(newPrincipalRole).build(); + return Response.status(Response.Status.CREATED).build(); } /** From PolarisPrincipalRolesApiService */ @@ -464,7 +459,7 @@ public Response createCatalogRole( CatalogRole newCatalogRole = new CatalogRoleEntity(adminService.createCatalogRole(catalogName, entity)).asCatalogRole(); LOGGER.info("Created new catalogRole {}", newCatalogRole); - return Response.status(Response.Status.CREATED).entity(newCatalogRole).build(); + return Response.status(Response.Status.CREATED).build(); } /** From PolarisCatalogsApiService */ @@ -532,7 +527,7 @@ public Response assignPrincipalRole( PolarisAdminService adminService = newAdminService(realmContext, securityContext); PrivilegeResult result = adminService.assignPrincipalRole(principalName, request.getPrincipalRole().getName()); - return toResponse(result, Response.Status.CREATED, null); + return toResponse(result, Response.Status.CREATED); } /** From PolarisPrincipalsApiService */ @@ -545,7 +540,7 @@ public Response revokePrincipalRole( LOGGER.info("Revoking principalRole {} from principal {}", principalRoleName, principalName); PolarisAdminService adminService = newAdminService(realmContext, securityContext); PrivilegeResult result = adminService.revokePrincipalRole(principalName, principalRoleName); - return toResponse(result, Response.Status.NO_CONTENT, null); + return toResponse(result, Response.Status.NO_CONTENT); } /** From PolarisPrincipalsApiService */ @@ -580,7 +575,7 @@ public Response assignCatalogRoleToPrincipalRole( PrivilegeResult result = adminService.assignCatalogRoleToPrincipalRole( principalRoleName, catalogName, request.getCatalogRole().getName()); - return toResponse(result, Response.Status.CREATED, null); + return toResponse(result, Response.Status.CREATED); } /** From PolarisPrincipalRolesApiService */ @@ -600,7 +595,7 @@ public Response revokeCatalogRoleFromPrincipalRole( PrivilegeResult result = adminService.revokeCatalogRoleFromPrincipalRole( principalRoleName, catalogName, catalogRoleName); - return toResponse(result, Response.Status.NO_CONTENT, null); + return toResponse(result, Response.Status.NO_CONTENT); } /** From PolarisPrincipalRolesApiService */ @@ -636,12 +631,6 @@ public Response listCatalogRolesForPrincipalRole( return Response.ok(catalogRoles).build(); } - record AddGrantToCatalogRoleEntityWrapper( - PolarisPrivilege polarisPrivilege, GrantResource grantResource) {} - - record RevokeGrantFromCatalogRoleEntityWrapper( - PolarisPrivilege polarisPrivilege, GrantResource grantResource, boolean cascade) {} - /** From PolarisCatalogsApiService */ @Override public Response addGrantToCatalogRole( @@ -724,10 +713,7 @@ public Response addGrantToCatalogRole( .log("Don't know how to handle privilege grant: {}", grantRequest); return Response.status(Response.Status.BAD_REQUEST).build(); } - return toResponse( - result, - Response.Status.CREATED, - new AddGrantToCatalogRoleEntityWrapper(privilege, grantRequest.getGrant())); + return toResponse(result, Response.Status.CREATED); } /** From PolarisCatalogsApiService */ @@ -819,10 +805,7 @@ public Response revokeGrantFromCatalogRole( .log("Don't know how to handle privilege revocation: {}", grantRequest); return Response.status(Response.Status.BAD_REQUEST).build(); } - return toResponse( - result, - Response.Status.CREATED, - new RevokeGrantFromCatalogRoleEntityWrapper(privilege, grantRequest.getGrant(), cascade)); + return toResponse(result, Response.Status.CREATED); } /** From PolarisCatalogsApiService */ From 1539ef8b1f47e92dee136a39e518faee26966eac Mon Sep 17 00:00:00 2001 From: adnanhemani Date: Wed, 17 Sep 2025 15:32:59 -0700 Subject: [PATCH 7/8] spotlessapply --- .../service/events/listeners/PolarisEventListener.java | 8 ++++---- .../events/listeners/PolarisPersistenceEventListener.java | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/runtime/service/src/main/java/org/apache/polaris/service/events/listeners/PolarisEventListener.java b/runtime/service/src/main/java/org/apache/polaris/service/events/listeners/PolarisEventListener.java index 9a3e1d7d7b..4ad7e642fd 100644 --- a/runtime/service/src/main/java/org/apache/polaris/service/events/listeners/PolarisEventListener.java +++ b/runtime/service/src/main/java/org/apache/polaris/service/events/listeners/PolarisEventListener.java @@ -18,15 +18,15 @@ */ package org.apache.polaris.service.events.listeners; +import org.apache.polaris.service.events.AfterAttemptTaskEvent; +import org.apache.polaris.service.events.BeforeAttemptTaskEvent; +import org.apache.polaris.service.events.BeforeLimitRequestRateEvent; import org.apache.polaris.service.events.CatalogGenericTableServiceEvents; import org.apache.polaris.service.events.CatalogPolicyServiceEvents; import org.apache.polaris.service.events.CatalogsServiceEvents; +import org.apache.polaris.service.events.IcebergRestCatalogEvents; import org.apache.polaris.service.events.PrincipalRolesServiceEvents; import org.apache.polaris.service.events.PrincipalsServiceEvents; -import org.apache.polaris.service.events.AfterAttemptTaskEvent; -import org.apache.polaris.service.events.BeforeAttemptTaskEvent; -import org.apache.polaris.service.events.BeforeLimitRequestRateEvent; -import org.apache.polaris.service.events.IcebergRestCatalogEvents; /** * Represents an event listener that can respond to notable moments during Polaris's execution. diff --git a/runtime/service/src/main/java/org/apache/polaris/service/events/listeners/PolarisPersistenceEventListener.java b/runtime/service/src/main/java/org/apache/polaris/service/events/listeners/PolarisPersistenceEventListener.java index 154ad8fb02..52d090ef1e 100644 --- a/runtime/service/src/main/java/org/apache/polaris/service/events/listeners/PolarisPersistenceEventListener.java +++ b/runtime/service/src/main/java/org/apache/polaris/service/events/listeners/PolarisPersistenceEventListener.java @@ -25,10 +25,10 @@ import org.apache.iceberg.TableMetadataParser; import org.apache.iceberg.catalog.TableIdentifier; import org.apache.polaris.core.entity.PolarisEvent; -import org.apache.polaris.service.events.CatalogsServiceEvents; import org.apache.polaris.service.events.AfterAttemptTaskEvent; import org.apache.polaris.service.events.BeforeAttemptTaskEvent; import org.apache.polaris.service.events.BeforeLimitRequestRateEvent; +import org.apache.polaris.service.events.CatalogsServiceEvents; import org.apache.polaris.service.events.IcebergRestCatalogEvents; public abstract class PolarisPersistenceEventListener extends PolarisEventListener { From 2df5607b2a519bfcae350b59ac53fdf0af147559 Mon Sep 17 00:00:00 2001 From: adnanhemani Date: Thu, 18 Sep 2025 19:06:19 -0700 Subject: [PATCH 8/8] revert code change --- .../org/apache/polaris/service/admin/PolarisServiceImpl.java | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisServiceImpl.java b/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisServiceImpl.java index bc9db65b32..81df76ada4 100644 --- a/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisServiceImpl.java +++ b/runtime/service/src/main/java/org/apache/polaris/service/admin/PolarisServiceImpl.java @@ -114,8 +114,7 @@ private static Response toResponse(BaseResult result, Response.Status successSta .entity(icebergErrorResponse) .build(); } - Response.ResponseBuilder responseBuilder = Response.status(successStatus); - return responseBuilder.build(); + return Response.status(successStatus).build(); } /** From PolarisCatalogsApiService */