dimas-b commented on code in PR #3757:
URL: https://github.com/apache/polaris/pull/3757#discussion_r2806732973
##########
polaris-core/src/main/java/org/apache/polaris/core/entity/PolarisPrivilege.java:
##########
@@ -24,7 +24,15 @@
import jakarta.annotation.Nullable;
import java.util.List;
-/** List of privileges */
+/**
+ * Enumerates the privileges used by the built-in RBAC authorizer ({@link
+ * org.apache.polaris.core.auth.PolarisAuthorizerImpl}). These privileges are
granted to roles and
+ * checked against securables during authorization.
+ *
+ * <p>Alternative authorizer implementations such as the OPA-based authorizer
may not use these
Review Comment:
nit: While this statement is valid, is it relevant to this class? Why should
the reader be concerned with OPA in the context of `PolarisPrivilege`? The
paragraph above already scopes it down to the Internal Authorizer 🤔
##########
polaris-core/src/main/java/org/apache/polaris/core/entity/PolarisPrivilege.java:
##########
@@ -24,7 +24,15 @@
import jakarta.annotation.Nullable;
import java.util.List;
-/** List of privileges */
+/**
+ * Enumerates the privileges used by the built-in RBAC authorizer ({@link
+ * org.apache.polaris.core.auth.PolarisAuthorizerImpl}). These privileges are
granted to roles and
+ * checked against securables during authorization.
Review Comment:
nit: "securable" is not a common term (not in my experience)... It might be
good to define it or link to where it is defined, or rephrase using more common
terms.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
