Re: [PR] Refactor PinotSchemaRestletResource for repetitive code pattern [pinot]

Tue, 23 Jul 2024 08:06:43 -0700 


shounakmk219 commented on code in PR #13680:
URL: https://github.com/apache/pinot/pull/13680#discussion_r1688229164


##########
pinot-controller/src/main/java/org/apache/pinot/controller/api/resources/PinotSchemaRestletResource.java:
##########
@@ -539,4 +528,27 @@ private void deleteSchemaInternal(String schemaName) {
           Response.Status.INTERNAL_SERVER_ERROR);
     }
   }
+
+  /**
+   * Validates the permission and access for a given schema based on the 
request and HTTP headers.
+   * This method checks if the current user has the necessary permissions to 
perform an action on the specified schema.
+   * It utilizes the {@link AccessControl} mechanism to determine access rights
+   * and throws a {@link ControllerApplicationException} with a {@link 
Response.Status#FORBIDDEN} status
+   * if the access is denied.
+   *
+   * @param schemaName The name of the schema for which the permission and 
access are being checked.
+   * @param request The {@link Request} object containing information about 
the current request,
+   *                used to extract the endpoint URL.
+   * @param httpHeaders The {@link HttpHeaders} associated with the request,
+   *                    used for authorization and other header-based access 
control checks.
+   * @throws ControllerApplicationException if the user does not have the 
required permissions or access.
+   */
+  private void checkPermissionAndAccess(String schemaName, Request request, 
HttpHeaders httpHeaders) {
+    String endpointUrl = request.getRequestURL().toString();
+    AccessControl accessControl = _accessControlFactory.create();
+    AccessControlUtils.validatePermission(schemaName, AccessType.CREATE, 
httpHeaders, endpointUrl, accessControl);

Review Comment:
   You may need to accept the access type as well as different endpoints have 
different access type to validate



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscr...@pinot.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@pinot.apache.org
For additional commands, e-mail: commits-h...@pinot.apache.org

Reply via email to