laserninja commented on PR #10675: URL: https://github.com/apache/gravitino/pull/10675#issuecomment-4277620153
Thanks @FANNG1 @bharos for the thorough feedback, both points are valid. **Atomicity**: I agree that best-effort semantics through `TableOperations.commit()` isn't sufficient for `commitTransaction`. True atomicity requires batching the pointer-swap CAS updates in the backing store's own transaction, which is catalog-backend-specific and warrants a proper design. **Security**: Yes, the current implementation is missing per-table authorization checks within the transaction. Each `TableChange` should be validated against the same table-level permissions as `updateTable`. I can put together a design doc covering the atomicity approach (backend-specific batched CAS), per-table authorization, and error/rollback semantics. Happy to close this PR in the meantime and reopen once the design is agreed upon. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
