rdblue commented on code in PR #13879:
URL: https://github.com/apache/iceberg/pull/13879#discussion_r2294423286
##########
open-api/rest-catalog-open-api.yaml:
##########
@@ -3260,25 +3260,25 @@ components:
additionalProperties:
type: string
- FineGrainedDataProtectionRules:
+ ReadRestrictions:
type: object
description: >
- Fine-grained data protection rules for a table as result of fine
grained policy evaluation at the catalog end based on the clients access rights.
-
- The client SHOULD use these rules to enforce fine-grained data
protection like column and row level access when reading data from the table.
+ Read Restrictions for a table including projection and row filter
expressions.
+ The client MUST enforce these rules to read data from the table.
Review Comment:
I don't understand the value of this change, and I think there are cases
where it may be confusing.
For the value part, isn't it obvious that a table without read restrictions
doesn't require additional projections and filters? That's at least from the
perspective of the catalog. It is also possible for people to use a system like
Apache Ranger to layer on access control restrictions. This sentence seems to
disallow doing that because it says clients MUST treat it as a table without
restrictions. I don't think that's the intent so I would remove this.
Another issue is that I think we need to make it clear in this description
that these restrictions are specific to the authenticated
principal/user/account that is using the client. This is not global policy for
everything. It should not be applied more broadly than the entity identified by
the Authentication header (or other auth convention).
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
