adutra commented on code in PR #1397:
URL: https://github.com/apache/polaris/pull/1397#discussion_r2051594977
##########
polaris-core/src/main/java/org/apache/polaris/core/auth/AuthenticatedPolarisPrincipal.java:
##########
@@ -56,10 +72,20 @@ public List<PrincipalRoleEntity>
getActivatedPrincipalRoles() {
return activatedPrincipalRoles;
}
+ /** FIXME this method makes this class mutable, which seems risky */
public void setActivatedPrincipalRoles(List<PrincipalRoleEntity>
activatedPrincipalRoles) {
this.activatedPrincipalRoles = activatedPrincipalRoles;
}
+ /**
+ * Whether all roles should be activated. This is true when the principal is
requesting all
+ * available principal roles. When this is true, {@link
#getActivatedPrincipalRoleNames()} returns
+ * an empty set.
+ */
+ public boolean allRoles() {
Review Comment:
I think we need this method to distinguish the case when the principal is
requesting all roles from the case where no roles were found in the token –
since both cases translate into an empty set of role names.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
