adutra commented on code in PR #1397:
URL: https://github.com/apache/polaris/pull/1397#discussion_r2051740383
##########
polaris-core/src/main/java/org/apache/polaris/core/auth/AuthenticatedPolarisPrincipal.java:
##########
@@ -56,10 +72,20 @@ public List<PrincipalRoleEntity>
getActivatedPrincipalRoles() {
return activatedPrincipalRoles;
}
+ /** FIXME this method makes this class mutable, which seems risky */
public void setActivatedPrincipalRoles(List<PrincipalRoleEntity>
activatedPrincipalRoles) {
this.activatedPrincipalRoles = activatedPrincipalRoles;
}
+ /**
+ * Whether all roles should be activated. This is true when the principal is
requesting all
+ * available principal roles. When this is true, {@link
#getActivatedPrincipalRoleNames()} returns
+ * an empty set.
+ */
+ public boolean allRoles() {
Review Comment:
But a better solution imho would be to remove roles from this class
completely, and let `SecurityIdentity.getRoles()` expose the roles.
I checked the call sites for `getActivatedPrincipalRoles()` and it's in fact
never used. So it seems that `setActivatedPrincipalRoles()` could be removed as
well.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
