adutra commented on code in PR #3757:
URL: https://github.com/apache/polaris/pull/3757#discussion_r2803709516
##########
polaris-core/src/main/java/org/apache/polaris/core/entity/PolarisPrivilege.java:
##########
@@ -24,7 +24,15 @@
import jakarta.annotation.Nullable;
import java.util.List;
-/** List of privileges */
+/**
+ * Enumerates the privileges used by the built-in RBAC authorizer ({@link
+ * org.apache.polaris.core.auth.PolarisAuthorizerImpl}). These privileges are
granted to roles and
+ * checked against securables during authorization.
+ *
+ * <p>Alternative authorizer implementations such as the OPA-based authorizer
may not use these
+ * privileges. They operate at the {@link
org.apache.polaris.core.auth.PolarisAuthorizableOperation}
+ * level and delegates all privilege/permission logic to external PDPs.
Review Comment:
```suggestion
* level and delegate all privilege/permission logic to external PDPs.
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
