singhpk234 commented on code in PR #3724:
URL: https://github.com/apache/polaris/pull/3724#discussion_r2800540750
##########
polaris-core/src/main/java/org/apache/polaris/core/auth/PolarisAuthorizableOperation.java:
##########
@@ -144,7 +145,7 @@ public enum PolarisAuthorizableOperation {
DROP_VIEW(VIEW_DROP),
VIEW_EXISTS(VIEW_LIST),
RENAME_VIEW(VIEW_DROP, EnumSet.of(VIEW_LIST, VIEW_CREATE)),
- REPORT_METRICS(EnumSet.noneOf(PolarisPrivilege.class)),
+ REPORT_METRICS(TABLE_REPORT_METRICS),
Review Comment:
I may be a bit late and it seems like we have a concencus already i don't
wanna disturb that !
+1 to not breaking existing flows !
but i am not sure if i understand the rationale completely, for example it
seems like we are treating report as same resource as that of table ? does it
have to be this way ?
for example when i am dash boarding and i wanna show reports to all the
tables do we need to grant it table per table ? or just one grant and we are
able to see it, same for collecting metrics for example R/W.
I understand report creation is table scoped api, but do we wanna make it
table scoped for reads the metrics too. for example in events proposal
`/v1/{prefix}/events:` as the endpoint proposed imho
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
