diff --git a/extension/persistence/eclipselink/src/main/java/org/apache/polaris/extension/persistence/impl/eclipselink/EclipseLinkPolarisMetaStoreManagerFactory.java b/extension/persistence/eclipselink/src/main/java/org/apache/polaris/extension/persistence/impl/eclipselink/EclipseLinkPolarisMetaStoreManagerFactory.java index ade392be07..8be5ab56e3 100644 --- a/extension/persistence/eclipselink/src/main/java/org/apache/polaris/extension/persistence/impl/eclipselink/EclipseLinkPolarisMetaStoreManagerFactory.java +++ b/extension/persistence/eclipselink/src/main/java/org/apache/polaris/extension/persistence/impl/eclipselink/EclipseLinkPolarisMetaStoreManagerFactory.java @@ -26,7 +26,7 @@ import java.time.Clock; import org.apache.polaris.core.PolarisConfigurationStore; import org.apache.polaris.core.PolarisDiagnostics; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; import org.apache.polaris.core.persistence.LocalPolarisMetaStoreManagerFactory; import org.apache.polaris.core.persistence.PolarisMetaStoreManager; import org.apache.polaris.core.persistence.PolarisMetaStoreSession; @@ -69,15 +69,15 @@ protected PolarisEclipseLinkStore createBackingStore(@Nonnull PolarisDiagnostics @Override protected PolarisMetaStoreSession createMetaStoreSession( @Nonnull PolarisEclipseLinkStore store, - @Nonnull RealmContext realmContext, + @Nonnull RealmId realmId, @Nonnull PolarisDiagnostics diagnostics) { return new PolarisEclipseLinkMetaStoreSessionImpl( store, storageIntegrationProvider, - realmContext, + realmId, configurationFile(), persistenceUnitName(), - secretsGenerator(realmContext), + secretsGenerator(realmId), diagnostics); } diff --git a/extension/persistence/eclipselink/src/main/java/org/apache/polaris/extension/persistence/impl/eclipselink/PolarisEclipseLinkMetaStoreSessionImpl.java b/extension/persistence/eclipselink/src/main/java/org/apache/polaris/extension/persistence/impl/eclipselink/PolarisEclipseLinkMetaStoreSessionImpl.java index 6a56701377..20ad646922 100644 --- a/extension/persistence/eclipselink/src/main/java/org/apache/polaris/extension/persistence/impl/eclipselink/PolarisEclipseLinkMetaStoreSessionImpl.java +++ b/extension/persistence/eclipselink/src/main/java/org/apache/polaris/extension/persistence/impl/eclipselink/PolarisEclipseLinkMetaStoreSessionImpl.java @@ -38,7 +38,7 @@ import java.util.function.Supplier; import java.util.stream.Collectors; import org.apache.polaris.core.PolarisDiagnostics; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; import org.apache.polaris.core.entity.PolarisBaseEntity; import org.apache.polaris.core.entity.PolarisChangeTrackingVersions; import org.apache.polaris.core.entity.PolarisEntitiesActiveKey; @@ -88,22 +88,21 @@ public class PolarisEclipseLinkMetaStoreSessionImpl implements PolarisMetaStoreS * * @param store Backing store of EclipseLink implementation * @param storageIntegrationProvider Storage integration provider - * @param realmContext Realm context used to communicate with different database. + * @param realmId Realm context used to communicate with different database. * @param confFile Optional EclipseLink configuration file. Default to 'META-INF/persistence.xml'. * @param persistenceUnitName Optional persistence-unit name in confFile. Default to 'polaris'. */ public PolarisEclipseLinkMetaStoreSessionImpl( @Nonnull PolarisEclipseLinkStore store, @Nonnull PolarisStorageIntegrationProvider storageIntegrationProvider, - @Nonnull RealmContext realmContext, + @Nonnull RealmId realmId, @Nullable String confFile, @Nullable String persistenceUnitName, @Nonnull PrincipalSecretsGenerator secretsGenerator, @Nonnull PolarisDiagnostics diagnostics) { this.diagnostics = diagnostics; - LOGGER.debug( - "Creating EclipseLink Meta Store Session for realm {}", realmContext.getRealmIdentifier()); - emf = createEntityManagerFactory(realmContext, confFile, persistenceUnitName); + LOGGER.debug("Creating EclipseLink Meta Store Session for realm {}", realmId.id()); + emf = createEntityManagerFactory(realmId, confFile, persistenceUnitName); // init store this.store = store; @@ -121,10 +120,8 @@ public PolarisEclipseLinkMetaStoreSessionImpl( * realm. */ private EntityManagerFactory createEntityManagerFactory( - @Nonnull RealmContext realmContext, - @Nullable String confFile, - @Nullable String persistenceUnitName) { - String realm = realmContext.getRealmIdentifier(); + @Nonnull RealmId realmId, @Nullable String confFile, @Nullable String persistenceUnitName) { + String realm = realmId.id(); return realmFactories.computeIfAbsent( realm, key -> { @@ -132,7 +129,7 @@ private EntityManagerFactory createEntityManagerFactory( PolarisEclipseLinkPersistenceUnit persistenceUnit = PolarisEclipseLinkPersistenceUnit.locatePersistenceUnit( confFile, persistenceUnitName); - return persistenceUnit.createEntityManagerFactory(realmContext); + return persistenceUnit.createEntityManagerFactory(realmId); } catch (IOException e) { throw new UncheckedIOException(e); } diff --git a/extension/persistence/eclipselink/src/main/java/org/apache/polaris/extension/persistence/impl/eclipselink/PolarisEclipseLinkPersistenceUnit.java b/extension/persistence/eclipselink/src/main/java/org/apache/polaris/extension/persistence/impl/eclipselink/PolarisEclipseLinkPersistenceUnit.java index 7ea8749fd4..20ac6795f3 100644 --- a/extension/persistence/eclipselink/src/main/java/org/apache/polaris/extension/persistence/impl/eclipselink/PolarisEclipseLinkPersistenceUnit.java +++ b/extension/persistence/eclipselink/src/main/java/org/apache/polaris/extension/persistence/impl/eclipselink/PolarisEclipseLinkPersistenceUnit.java @@ -43,7 +43,7 @@ import javax.xml.xpath.XPathConstants; import javax.xml.xpath.XPathExpressionException; import javax.xml.xpath.XPathFactory; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; import org.apache.polaris.extension.persistence.impl.eclipselink.PolarisEclipseLinkPersistenceUnit.ClasspathResourcePolarisEclipseLinkPersistenceUnit; import org.apache.polaris.extension.persistence.impl.eclipselink.PolarisEclipseLinkPersistenceUnit.FileSystemPolarisEclipseLinkPersistenceUnit; import org.apache.polaris.extension.persistence.impl.eclipselink.PolarisEclipseLinkPersistenceUnit.JarFilePolarisEclipseLinkPersistenceUnit; @@ -57,16 +57,15 @@ sealed interface PolarisEclipseLinkPersistenceUnit FileSystemPolarisEclipseLinkPersistenceUnit, JarFilePolarisEclipseLinkPersistenceUnit { - EntityManagerFactory createEntityManagerFactory(RealmContext realmContext) throws IOException; + EntityManagerFactory createEntityManagerFactory(RealmId realmId) throws IOException; record ClasspathResourcePolarisEclipseLinkPersistenceUnit( URL resource, String resourceName, String persistenceUnitName) implements PolarisEclipseLinkPersistenceUnit { @Override - public EntityManagerFactory createEntityManagerFactory(RealmContext realmContext) - throws IOException { - Map properties = loadProperties(resource, persistenceUnitName, realmContext); + public EntityManagerFactory createEntityManagerFactory(RealmId realmId) throws IOException { + Map properties = loadProperties(resource, persistenceUnitName, realmId); properties.put(ECLIPSELINK_PERSISTENCE_XML, resourceName); return Persistence.createEntityManagerFactory(persistenceUnitName, properties); } @@ -76,10 +75,9 @@ record FileSystemPolarisEclipseLinkPersistenceUnit(Path path, String persistence implements PolarisEclipseLinkPersistenceUnit { @Override - public EntityManagerFactory createEntityManagerFactory(RealmContext realmContext) - throws IOException { + public EntityManagerFactory createEntityManagerFactory(RealmId realmId) throws IOException { Map properties = - loadProperties(path.toUri().toURL(), persistenceUnitName, realmContext); + loadProperties(path.toUri().toURL(), persistenceUnitName, realmId); Path archiveDirectory = path.getParent(); String descriptorPath = archiveDirectory.getParent().relativize(path).toString(); properties.put(ECLIPSELINK_PERSISTENCE_XML, descriptorPath); @@ -101,9 +99,8 @@ record JarFilePolarisEclipseLinkPersistenceUnit( implements PolarisEclipseLinkPersistenceUnit { @Override - public EntityManagerFactory createEntityManagerFactory(RealmContext realmContext) - throws IOException { - Map properties = loadProperties(confUrl, persistenceUnitName, realmContext); + public EntityManagerFactory createEntityManagerFactory(RealmId realmId) throws IOException { + Map properties = loadProperties(confUrl, persistenceUnitName, realmId); properties.put(ECLIPSELINK_PERSISTENCE_XML, descriptorPath); ClassLoader prevClassLoader = Thread.currentThread().getContextClassLoader(); try (URLClassLoader currentClassLoader = @@ -183,9 +180,7 @@ private static URL classpathResource(String resourceName) throws IOException { /** Load the persistence unit properties from a given configuration file */ private static Map loadProperties( - @Nonnull URL confFile, - @Nonnull String persistenceUnitName, - @Nonnull RealmContext realmContext) + @Nonnull URL confFile, @Nonnull String persistenceUnitName, @Nonnull RealmId realmId) throws IOException { try (InputStream input = confFile.openStream()) { DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance(); @@ -205,9 +200,7 @@ private static Map loadProperties( } // Replace database name in JDBC URL with realm if (properties.containsKey(JDBC_URL)) { - properties.put( - JDBC_URL, - properties.get(JDBC_URL).replace("{realm}", realmContext.getRealmIdentifier())); + properties.put(JDBC_URL, properties.get(JDBC_URL).replace("{realm}", realmId.id())); } return properties; } catch (XPathExpressionException diff --git a/extension/persistence/eclipselink/src/test/java/org/apache/polaris/extension/persistence/impl/eclipselink/PolarisEclipseLinkMetaStoreManagerTest.java b/extension/persistence/eclipselink/src/test/java/org/apache/polaris/extension/persistence/impl/eclipselink/PolarisEclipseLinkMetaStoreManagerTest.java index 147f76e22f..3458bdf7a7 100644 --- a/extension/persistence/eclipselink/src/test/java/org/apache/polaris/extension/persistence/impl/eclipselink/PolarisEclipseLinkMetaStoreManagerTest.java +++ b/extension/persistence/eclipselink/src/test/java/org/apache/polaris/extension/persistence/impl/eclipselink/PolarisEclipseLinkMetaStoreManagerTest.java @@ -38,7 +38,7 @@ import org.apache.polaris.core.PolarisConfigurationStore; import org.apache.polaris.core.PolarisDefaultDiagServiceImpl; import org.apache.polaris.core.PolarisDiagnostics; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; import org.apache.polaris.core.entity.PolarisPrincipalSecrets; import org.apache.polaris.core.persistence.BasePolarisMetaStoreManagerTest; import org.apache.polaris.core.persistence.PolarisMetaStoreManagerImpl; @@ -101,13 +101,13 @@ static void deleteConfFiles() throws IOException { protected PolarisTestMetaStoreManager createPolarisTestMetaStoreManager() { PolarisDiagnostics diagServices = new PolarisDefaultDiagServiceImpl(); PolarisEclipseLinkStore store = new PolarisEclipseLinkStore(diagServices); - RealmContext realmContext = () -> "realm"; + RealmId realmId = RealmId.newRealmId("realm"); PolarisMetaStoreSession session = new PolarisEclipseLinkMetaStoreSessionImpl( - store, Mockito.mock(), realmContext, null, "polaris", RANDOM_SECRETS, diagServices); + store, Mockito.mock(), realmId, null, "polaris", RANDOM_SECRETS, diagServices); return new PolarisTestMetaStoreManager( new PolarisMetaStoreManagerImpl( - realmContext, + realmId, diagServices, new PolarisConfigurationStore() {}, timeSource.withZone(ZoneId.systemDefault())), @@ -128,7 +128,7 @@ void testCreateStoreSession(String confFile, boolean success) { new PolarisEclipseLinkMetaStoreSessionImpl( store, Mockito.mock(), - () -> "realm", + RealmId.newRealmId("realm"), confFile, "polaris", RANDOM_SECRETS, diff --git a/helm/polaris/README.md b/helm/polaris/README.md index 3230cc1720..3489b9fb36 100644 --- a/helm/polaris/README.md +++ b/helm/polaris/README.md @@ -99,7 +99,7 @@ $ helm uninstall --namespace polaris polaris | podAnnotations | object | `{}` | Annotations to apply to polaris pods. | | podLabels | object | `{}` | Additional Labels to apply to polaris pods. | | podSecurityContext | object | `{}` | Security context for the polaris pod. See https://kubernetes.io/docs/tasks/configure-pod-container/security-context/. | -| polarisServerConfig | object | `{"authenticator":{"class":"org.apache.polaris.service.auth.TestInlineBearerTokenPolarisAuthenticator"},"callContextResolver":{"type":"default"},"cors":{"allowed-credentials":true,"allowed-headers":["*"],"allowed-methods":["PATCH","POST","DELETE","GET","PUT"],"allowed-origins":["http://localhost:8080"],"allowed-timing-origins":["http://localhost:8080"],"exposed-headers":["*"],"preflight-max-age":600},"defaultRealms":["default-realm"],"featureConfiguration":{"ENFORCE_PRINCIPAL_CREDENTIAL_ROTATION_REQUIRED_CHECKING":false,"SUPPORTED_CATALOG_STORAGE_TYPES":["S3","GCS","AZURE","FILE"]},"io":{"factoryType":"default"},"logging":{"appenders":[{"logFormat":"%-5p [%d{ISO8601} - %-6r] [%t] [%X{aid}%X{sid}%X{tid}%X{wid}%X{oid}%X{srv}%X{job}%X{rid}] %c{30}: %m %kvp%n%ex","threshold":"ALL","type":"console"}],"level":"INFO","loggers":{"org.apache.iceberg.rest":"DEBUG","org.apache.polaris":"DEBUG"}},"maxRequestBodyBytes":-1,"metaStoreManager":{"type":"in-memory"},"oauth2":{"type":"test"},"rateLimiter":{"type":"no-op"},"realmContextResolver":{"type":"default"},"server":{"adminConnectors":[{"port":8182,"type":"http"}],"applicationConnectors":[{"port":8181,"type":"http"}],"maxThreads":200,"minThreads":10,"requestLog":{"appenders":[{"type":"console"}]}}}` | Configures for polaris-server.yml | +| polarisServerConfig | object | `{"authenticator":{"class":"org.apache.polaris.service.auth.TestInlineBearerTokenPolarisAuthenticator"},"callContextResolver":{"type":"default"},"cors":{"allowed-credentials":true,"allowed-headers":["*"],"allowed-methods":["PATCH","POST","DELETE","GET","PUT"],"allowed-origins":["http://localhost:8080"],"allowed-timing-origins":["http://localhost:8080"],"exposed-headers":["*"],"preflight-max-age":600},"defaultRealms":["default-realm"],"featureConfiguration":{"ENFORCE_PRINCIPAL_CREDENTIAL_ROTATION_REQUIRED_CHECKING":false,"SUPPORTED_CATALOG_STORAGE_TYPES":["S3","GCS","AZURE","FILE"]},"io":{"factoryType":"default"},"logging":{"appenders":[{"logFormat":"%-5p [%d{ISO8601} - %-6r] [%t] [%X{aid}%X{sid}%X{tid}%X{wid}%X{oid}%X{srv}%X{job}%X{rid}] %c{30}: %m %kvp%n%ex","threshold":"ALL","type":"console"}],"level":"INFO","loggers":{"org.apache.iceberg.rest":"DEBUG","org.apache.polaris":"DEBUG"}},"maxRequestBodyBytes":-1,"metaStoreManager":{"type":"in-memory"},"oauth2":{"type":"test"},"rateLimiter":{"type":"no-op"},"realmIdResolver":{"type":"default"},"server":{"adminConnectors":[{"port":8182,"type":"http"}],"applicationConnectors":[{"port":8181,"type":"http"}],"maxThreads":200,"minThreads":10,"requestLog":{"appenders":[{"type":"console"}]}}}` | Configures for polaris-server.yml | | readinessProbe | object | `{"failureThreshold":3,"initialDelaySeconds":5,"periodSeconds":10,"successThreshold":1,"timeoutSeconds":10}` | Configures the readiness probe for polaris pods. | | readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the probe to be considered failed after having succeeded. Minimum value is 1. | | readinessProbe.initialDelaySeconds | int | `5` | Number of seconds after the container has started before readiness probes are initiated. Minimum value is 0. | diff --git a/polaris-core/build.gradle.kts b/polaris-core/build.gradle.kts index 00ae088dc4..9b731c25a2 100644 --- a/polaris-core/build.gradle.kts +++ b/polaris-core/build.gradle.kts @@ -44,6 +44,9 @@ dependencies { compileOnly(libs.jetbrains.annotations) compileOnly(libs.spotbugs.annotations) + compileOnly(project(":polaris-immutables")) + annotationProcessor(project(":polaris-immutables", configuration = "processor")) + constraints { implementation("org.xerial.snappy:snappy-java:1.1.10.7") { because("Vulnerability detected in 1.1.8.2") diff --git a/polaris-core/src/main/java/org/apache/polaris/core/PolarisConfigurationStore.java b/polaris-core/src/main/java/org/apache/polaris/core/PolarisConfigurationStore.java index 369821c08b..9e7f43c2ef 100644 --- a/polaris-core/src/main/java/org/apache/polaris/core/PolarisConfigurationStore.java +++ b/polaris-core/src/main/java/org/apache/polaris/core/PolarisConfigurationStore.java @@ -23,7 +23,7 @@ import jakarta.annotation.Nullable; import java.util.ArrayList; import java.util.List; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; import org.apache.polaris.core.entity.CatalogEntity; /** @@ -35,11 +35,11 @@ public interface PolarisConfigurationStore { * Retrieve the current value for a configuration key. May be null if not set. * * @param the type of the configuration value - * @param realmContext the realm context to check for overrides; may be null. + * @param realmId the realm context to check for overrides; may be null. * @param configName the name of the configuration key to check * @return the current value set for the configuration key or null if not set */ - default @Nullable T getConfiguration(@Nullable RealmContext realmContext, String configName) { + default @Nullable T getConfiguration(@Nullable RealmId realmId, String configName) { return null; } @@ -48,15 +48,15 @@ public interface PolarisConfigurationStore { * value. * * @param the type of the configuration value - * @param realmContext the realm context to check for overrides; may be null. + * @param realmId the realm context to check for overrides; may be null. * @param configName the name of the configuration key to check * @param defaultValue the default value if the configuration key has no value * @return the current value or the supplied default value */ default @Nonnull T getConfiguration( - @Nullable RealmContext realmContext, String configName, @Nonnull T defaultValue) { + @Nullable RealmId realmId, String configName, @Nonnull T defaultValue) { Preconditions.checkNotNull(defaultValue, "Cannot pass null as a default value"); - T configValue = getConfiguration(realmContext, configName); + T configValue = getConfiguration(realmId, configName); return configValue != null ? configValue : defaultValue; } @@ -88,13 +88,13 @@ public interface PolarisConfigurationStore { * Retrieve the current value for a configuration. * * @param the type of the configuration value - * @param realmContext the realm context to check for overrides; may be null. + * @param realmId the realm context to check for overrides; may be null. * @param config the configuration to load * @return the current value set for the configuration key or null if not set */ default @Nonnull T getConfiguration( - @Nullable RealmContext realmContext, PolarisConfiguration config) { - T result = getConfiguration(realmContext, config.key, config.defaultValue); + @Nullable RealmId realmId, PolarisConfiguration config) { + T result = getConfiguration(realmId, config.key, config.defaultValue); return tryCast(config, result); } @@ -103,20 +103,20 @@ public interface PolarisConfigurationStore { * present. * * @param the type of the configuration value - * @param realmContext the realm context to check for overrides; may be null. + * @param realmId the realm context to check for overrides; may be null. * @param catalogEntity the catalog to check for an override * @param config the configuration to load * @return the current value set for the configuration key or null if not set */ default @Nonnull T getConfiguration( - @Nullable RealmContext realmContext, + @Nullable RealmId realmId, @Nonnull CatalogEntity catalogEntity, PolarisConfiguration config) { if (config.hasCatalogConfig() && catalogEntity.getPropertiesAsMap().containsKey(config.catalogConfig())) { return tryCast(config, catalogEntity.getPropertiesAsMap().get(config.catalogConfig())); } else { - return getConfiguration(realmContext, config); + return getConfiguration(realmId, config); } } } diff --git a/polaris-core/src/main/java/org/apache/polaris/core/auth/PolarisAuthorizer.java b/polaris-core/src/main/java/org/apache/polaris/core/auth/PolarisAuthorizer.java index adb5cf7b84..245f07b620 100644 --- a/polaris-core/src/main/java/org/apache/polaris/core/auth/PolarisAuthorizer.java +++ b/polaris-core/src/main/java/org/apache/polaris/core/auth/PolarisAuthorizer.java @@ -22,7 +22,7 @@ import jakarta.annotation.Nullable; import java.util.List; import java.util.Set; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; import org.apache.polaris.core.entity.PolarisBaseEntity; import org.apache.polaris.core.persistence.PolarisResolvedPathWrapper; @@ -30,7 +30,7 @@ public interface PolarisAuthorizer { void authorizeOrThrow( - @Nonnull RealmContext realmContext, + @Nonnull RealmId realmId, @Nonnull AuthenticatedPolarisPrincipal authenticatedPrincipal, @Nonnull Set activatedEntities, @Nonnull PolarisAuthorizableOperation authzOp, @@ -38,7 +38,7 @@ void authorizeOrThrow( @Nullable PolarisResolvedPathWrapper secondary); void authorizeOrThrow( - @Nonnull RealmContext realmContext, + @Nonnull RealmId realmId, @Nonnull AuthenticatedPolarisPrincipal authenticatedPrincipal, @Nonnull Set activatedEntities, @Nonnull PolarisAuthorizableOperation authzOp, diff --git a/polaris-core/src/main/java/org/apache/polaris/core/auth/PolarisAuthorizerImpl.java b/polaris-core/src/main/java/org/apache/polaris/core/auth/PolarisAuthorizerImpl.java index a8410584f6..199b73d605 100644 --- a/polaris-core/src/main/java/org/apache/polaris/core/auth/PolarisAuthorizerImpl.java +++ b/polaris-core/src/main/java/org/apache/polaris/core/auth/PolarisAuthorizerImpl.java @@ -100,7 +100,7 @@ import org.apache.iceberg.exceptions.ForbiddenException; import org.apache.polaris.core.PolarisConfiguration; import org.apache.polaris.core.PolarisConfigurationStore; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; import org.apache.polaris.core.entity.PolarisBaseEntity; import org.apache.polaris.core.entity.PolarisEntityConstants; import org.apache.polaris.core.entity.PolarisEntityCore; @@ -487,14 +487,14 @@ public boolean matchesOrIsSubsumedBy( @Override public void authorizeOrThrow( - @Nonnull RealmContext realmContext, + @Nonnull RealmId realmId, @Nonnull AuthenticatedPolarisPrincipal authenticatedPrincipal, @Nonnull Set activatedEntities, @Nonnull PolarisAuthorizableOperation authzOp, @Nullable PolarisResolvedPathWrapper target, @Nullable PolarisResolvedPathWrapper secondary) { authorizeOrThrow( - realmContext, + realmId, authenticatedPrincipal, activatedEntities, authzOp, @@ -504,7 +504,7 @@ public void authorizeOrThrow( @Override public void authorizeOrThrow( - @Nonnull RealmContext realmContext, + @Nonnull RealmId realmId, @Nonnull AuthenticatedPolarisPrincipal authenticatedPrincipal, @Nonnull Set activatedEntities, @Nonnull PolarisAuthorizableOperation authzOp, @@ -512,8 +512,7 @@ public void authorizeOrThrow( @Nullable List secondaries) { boolean enforceCredentialRotationRequiredState = featureConfig.getConfiguration( - realmContext, - PolarisConfiguration.ENFORCE_PRINCIPAL_CREDENTIAL_ROTATION_REQUIRED_CHECKING); + realmId, PolarisConfiguration.ENFORCE_PRINCIPAL_CREDENTIAL_ROTATION_REQUIRED_CHECKING); if (enforceCredentialRotationRequiredState && authenticatedPrincipal .getPrincipalEntity() diff --git a/polaris-core/src/main/java/org/apache/polaris/core/context/RealmContext.java b/polaris-core/src/main/java/org/apache/polaris/core/context/RealmId.java similarity index 56% rename from polaris-core/src/main/java/org/apache/polaris/core/context/RealmContext.java rename to polaris-core/src/main/java/org/apache/polaris/core/context/RealmId.java index cce27972d4..98e58bb5e8 100644 --- a/polaris-core/src/main/java/org/apache/polaris/core/context/RealmContext.java +++ b/polaris-core/src/main/java/org/apache/polaris/core/context/RealmId.java @@ -18,17 +18,26 @@ */ package org.apache.polaris.core.context; +import com.fasterxml.jackson.annotation.JsonValue; +import com.fasterxml.jackson.databind.annotation.JsonDeserialize; +import com.fasterxml.jackson.databind.annotation.JsonSerialize; +import org.apache.polaris.immutables.PolarisImmutable; +import org.immutables.value.Value; + /** - * Represents the elements of a REST request associated with routing to independent and isolated - * "universes". This may include properties such as region, deployment environment (e.g. dev, qa, - * prod), and/or account. + * Represents the ID of the realm used in a REST request associated with routing to independent and + * isolated "universes". */ -public interface RealmContext { +@PolarisImmutable +@JsonSerialize(as = ImmutableRealmId.class) +@JsonDeserialize(as = ImmutableRealmId.class) +public interface RealmId { - static RealmContext copyOf(RealmContext original) { - String realmIdentifier = original.getRealmIdentifier(); - return () -> realmIdentifier; + static RealmId newRealmId(String id) { + return ImmutableRealmId.of(id); } - String getRealmIdentifier(); + @Value.Parameter + @JsonValue + String id(); } diff --git a/polaris-core/src/main/java/org/apache/polaris/core/persistence/LocalPolarisMetaStoreManagerFactory.java b/polaris-core/src/main/java/org/apache/polaris/core/persistence/LocalPolarisMetaStoreManagerFactory.java index bdea45ed7b..5fa2da5518 100644 --- a/polaris-core/src/main/java/org/apache/polaris/core/persistence/LocalPolarisMetaStoreManagerFactory.java +++ b/polaris-core/src/main/java/org/apache/polaris/core/persistence/LocalPolarisMetaStoreManagerFactory.java @@ -27,7 +27,7 @@ import org.apache.polaris.core.PolarisConfigurationStore; import org.apache.polaris.core.PolarisDiagnostics; import org.apache.polaris.core.auth.PolarisSecretsManager.PrincipalSecretsResult; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; import org.apache.polaris.core.entity.PolarisEntity; import org.apache.polaris.core.entity.PolarisEntityConstants; import org.apache.polaris.core.entity.PolarisEntitySubType; @@ -70,27 +70,24 @@ protected LocalPolarisMetaStoreManagerFactory( protected abstract StoreType createBackingStore(@Nonnull PolarisDiagnostics diagnostics); protected abstract PolarisMetaStoreSession createMetaStoreSession( - @Nonnull StoreType store, - @Nonnull RealmContext realmContext, - @Nonnull PolarisDiagnostics diagnostics); + @Nonnull StoreType store, @Nonnull RealmId realmId, @Nonnull PolarisDiagnostics diagnostics); - protected PrincipalSecretsGenerator secretsGenerator(RealmContext realmContext) { + protected PrincipalSecretsGenerator secretsGenerator(RealmId realmId) { if (bootstrap) { - return PrincipalSecretsGenerator.bootstrap(realmContext.getRealmIdentifier()); + return PrincipalSecretsGenerator.bootstrap(realmId.id()); } else { return PrincipalSecretsGenerator.RANDOM_SECRETS; } } - private void initializeForRealm(RealmContext realmContext) { + private void initializeForRealm(RealmId realmId) { final StoreType backingStore = createBackingStore(diagnostics); sessionSupplierMap.put( - realmContext.getRealmIdentifier(), - () -> createMetaStoreSession(backingStore, realmContext, diagnostics)); + realmId.id(), () -> createMetaStoreSession(backingStore, realmId, diagnostics)); PolarisMetaStoreManager metaStoreManager = - new PolarisMetaStoreManagerImpl(realmContext, diagnostics, configurationStore, clock); - metaStoreManagerMap.put(realmContext.getRealmIdentifier(), metaStoreManager); + new PolarisMetaStoreManagerImpl(realmId, diagnostics, configurationStore, clock); + metaStoreManagerMap.put(realmId.id(), metaStoreManager); } @Override @@ -100,13 +97,13 @@ public synchronized Map bootstrapRealms(List realm; - if (!metaStoreManagerMap.containsKey(realmContext.getRealmIdentifier())) { - initializeForRealm(realmContext); + RealmId realmId = RealmId.newRealmId(realm); + if (!metaStoreManagerMap.containsKey(realmId.id())) { + initializeForRealm(realmId); PrincipalSecretsResult secretsResult = bootstrapServiceAndCreatePolarisPrincipalForRealm( - realmContext, metaStoreManagerMap.get(realmContext.getRealmIdentifier())); - results.put(realmContext.getRealmIdentifier(), secretsResult); + realmId, metaStoreManagerMap.get(realmId.id())); + results.put(realmId.id(), secretsResult); } } } finally { @@ -119,8 +116,9 @@ public synchronized Map bootstrapRealms(List realms) { for (String realm : realms) { - PolarisMetaStoreManager metaStoreManager = getOrCreateMetaStoreManager(() -> realm); - PolarisMetaStoreSession session = getOrCreateSessionSupplier(() -> realm).get(); + PolarisMetaStoreManager metaStoreManager = + getOrCreateMetaStoreManager(RealmId.newRealmId(realm)); + PolarisMetaStoreSession session = getOrCreateSessionSupplier(RealmId.newRealmId(realm)).get(); metaStoreManager.purge(session); @@ -131,51 +129,44 @@ public void purgeRealms(List realms) { } @Override - public synchronized PolarisMetaStoreManager getOrCreateMetaStoreManager( - RealmContext realmContext) { - if (!metaStoreManagerMap.containsKey(realmContext.getRealmIdentifier())) { - initializeForRealm(realmContext); - checkPolarisServiceBootstrappedForRealm( - realmContext, metaStoreManagerMap.get(realmContext.getRealmIdentifier())); + public synchronized PolarisMetaStoreManager getOrCreateMetaStoreManager(RealmId realmId) { + if (!metaStoreManagerMap.containsKey(realmId.id())) { + initializeForRealm(realmId); + checkPolarisServiceBootstrappedForRealm(realmId, metaStoreManagerMap.get(realmId.id())); } - return metaStoreManagerMap.get(realmContext.getRealmIdentifier()); + return metaStoreManagerMap.get(realmId.id()); } @Override public synchronized Supplier getOrCreateSessionSupplier( - RealmContext realmContext) { - if (!sessionSupplierMap.containsKey(realmContext.getRealmIdentifier())) { - initializeForRealm(realmContext); - checkPolarisServiceBootstrappedForRealm( - realmContext, metaStoreManagerMap.get(realmContext.getRealmIdentifier())); + RealmId realmId) { + if (!sessionSupplierMap.containsKey(realmId.id())) { + initializeForRealm(realmId); + checkPolarisServiceBootstrappedForRealm(realmId, metaStoreManagerMap.get(realmId.id())); } else { - checkPolarisServiceBootstrappedForRealm( - realmContext, metaStoreManagerMap.get(realmContext.getRealmIdentifier())); + checkPolarisServiceBootstrappedForRealm(realmId, metaStoreManagerMap.get(realmId.id())); } - return sessionSupplierMap.get(realmContext.getRealmIdentifier()); + return sessionSupplierMap.get(realmId.id()); } @Override - public synchronized StorageCredentialCache getOrCreateStorageCredentialCache( - RealmContext realmContext) { - if (!storageCredentialCacheMap.containsKey(realmContext.getRealmIdentifier())) { + public synchronized StorageCredentialCache getOrCreateStorageCredentialCache(RealmId realmId) { + if (!storageCredentialCacheMap.containsKey(realmId.id())) { storageCredentialCacheMap.put( - realmContext.getRealmIdentifier(), - new StorageCredentialCache(diagnostics, configurationStore)); + realmId.id(), new StorageCredentialCache(diagnostics, configurationStore)); } - return storageCredentialCacheMap.get(realmContext.getRealmIdentifier()); + return storageCredentialCacheMap.get(realmId.id()); } @Override - public synchronized EntityCache getOrCreateEntityCache(RealmContext realmContext) { - if (!entityCacheMap.containsKey(realmContext.getRealmIdentifier())) { - PolarisMetaStoreManager metaStoreManager = getOrCreateMetaStoreManager(realmContext); - entityCacheMap.put( - realmContext.getRealmIdentifier(), new EntityCache(metaStoreManager, diagnostics)); + public synchronized EntityCache getOrCreateEntityCache(RealmId realmId) { + if (!entityCacheMap.containsKey(realmId.id())) { + PolarisMetaStoreManager metaStoreManager = getOrCreateMetaStoreManager(realmId); + entityCacheMap.put(realmId.id(), new EntityCache(metaStoreManager, diagnostics)); } - return entityCacheMap.get(realmContext.getRealmIdentifier()); + return entityCacheMap.get(realmId.id()); } /** @@ -184,9 +175,8 @@ public synchronized EntityCache getOrCreateEntityCache(RealmContext realmContext * credentials and print them to stdout */ private PrincipalSecretsResult bootstrapServiceAndCreatePolarisPrincipalForRealm( - RealmContext realmContext, PolarisMetaStoreManager metaStoreManager) { - PolarisMetaStoreSession metaStoreSession = - sessionSupplierMap.get(realmContext.getRealmIdentifier()).get(); + RealmId realmId, PolarisMetaStoreManager metaStoreManager) { + PolarisMetaStoreSession metaStoreSession = sessionSupplierMap.get(realmId.id()).get(); PolarisMetaStoreManager.EntityResult preliminaryRootPrincipalLookup = metaStoreManager.readEntityByName( @@ -238,10 +228,9 @@ private PrincipalSecretsResult bootstrapServiceAndCreatePolarisPrincipalForRealm * entities */ private void checkPolarisServiceBootstrappedForRealm( - RealmContext realmContext, PolarisMetaStoreManager metaStoreManager) { + RealmId realmId, PolarisMetaStoreManager metaStoreManager) { - PolarisMetaStoreSession metaStoreSession = - sessionSupplierMap.get(realmContext.getRealmIdentifier()).get(); + PolarisMetaStoreSession metaStoreSession = sessionSupplierMap.get(realmId.id()).get(); PolarisMetaStoreManager.EntityResult rootPrincipalLookup = metaStoreManager.readEntityByName( @@ -254,7 +243,7 @@ private void checkPolarisServiceBootstrappedForRealm( if (!rootPrincipalLookup.isSuccess()) { LOGGER.error( "\n\n Realm {} is not bootstrapped, could not load root principal. Please run Bootstrap command. \n\n", - realmContext.getRealmIdentifier()); + realmId.id()); throw new IllegalStateException( "Realm is not bootstrapped, please run server in bootstrap mode."); } diff --git a/polaris-core/src/main/java/org/apache/polaris/core/persistence/MetaStoreManagerFactory.java b/polaris-core/src/main/java/org/apache/polaris/core/persistence/MetaStoreManagerFactory.java index 5d4691a554..e9e5abe45d 100644 --- a/polaris-core/src/main/java/org/apache/polaris/core/persistence/MetaStoreManagerFactory.java +++ b/polaris-core/src/main/java/org/apache/polaris/core/persistence/MetaStoreManagerFactory.java @@ -22,20 +22,20 @@ import java.util.Map; import java.util.function.Supplier; import org.apache.polaris.core.auth.PolarisSecretsManager.PrincipalSecretsResult; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; import org.apache.polaris.core.persistence.cache.EntityCache; import org.apache.polaris.core.storage.cache.StorageCredentialCache; /** Configuration interface for configuring the {@link PolarisMetaStoreManager}. */ public interface MetaStoreManagerFactory { - PolarisMetaStoreManager getOrCreateMetaStoreManager(RealmContext realmContext); + PolarisMetaStoreManager getOrCreateMetaStoreManager(RealmId realmId); - Supplier getOrCreateSessionSupplier(RealmContext realmContext); + Supplier getOrCreateSessionSupplier(RealmId realmId); - StorageCredentialCache getOrCreateStorageCredentialCache(RealmContext realmContext); + StorageCredentialCache getOrCreateStorageCredentialCache(RealmId realmId); - EntityCache getOrCreateEntityCache(RealmContext realmContext); + EntityCache getOrCreateEntityCache(RealmId realmId); Map bootstrapRealms(List realms); diff --git a/polaris-core/src/main/java/org/apache/polaris/core/persistence/PolarisMetaStoreManagerImpl.java b/polaris-core/src/main/java/org/apache/polaris/core/persistence/PolarisMetaStoreManagerImpl.java index 3566fc5db1..83979d4ae3 100644 --- a/polaris-core/src/main/java/org/apache/polaris/core/persistence/PolarisMetaStoreManagerImpl.java +++ b/polaris-core/src/main/java/org/apache/polaris/core/persistence/PolarisMetaStoreManagerImpl.java @@ -38,7 +38,7 @@ import java.util.stream.Collectors; import org.apache.polaris.core.PolarisConfigurationStore; import org.apache.polaris.core.PolarisDiagnostics; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; import org.apache.polaris.core.entity.AsyncTaskType; import org.apache.polaris.core.entity.PolarisBaseEntity; import org.apache.polaris.core.entity.PolarisChangeTrackingVersions; @@ -76,17 +76,17 @@ public class PolarisMetaStoreManagerImpl implements PolarisMetaStoreManager { /** use synchronous drop for entities */ private static final boolean USE_SYNCHRONOUS_DROP = true; - private final RealmContext realmContext; + private final RealmId realmId; private final PolarisDiagnostics diagnostics; private final PolarisConfigurationStore configurationStore; private final Clock clock; public PolarisMetaStoreManagerImpl( - RealmContext realmContext, + RealmId realmId, PolarisDiagnostics diagnostics, PolarisConfigurationStore configurationStore, Clock clock) { - this.realmContext = realmContext; + this.realmId = realmId; this.diagnostics = diagnostics; this.configurationStore = configurationStore; this.clock = clock; @@ -1815,7 +1815,7 @@ private PolarisEntityResolver resolveSecurableToRoleGrant( PolarisObjectMapperUtil.parseTaskState(entity); long taskAgeTimeout = configurationStore.getConfiguration( - realmContext, + realmId, PolarisTaskConstants.TASK_TIMEOUT_MILLIS_CONFIG, PolarisTaskConstants.TASK_TIMEOUT_MILLIS); return taskState == null @@ -1888,7 +1888,7 @@ private PolarisEntityResolver resolveSecurableToRoleGrant( try { EnumMap creds = storageIntegration.getSubscopedCreds( - realmContext, + realmId, diagnostics, storageConfigurationInfo, allowListOperation, @@ -1935,7 +1935,7 @@ private PolarisEntityResolver resolveSecurableToRoleGrant( readStorageConfiguration(diagnostics, reloadedEntity.getEntity()); Map validateLocationAccess = storageIntegration - .validateAccessToLocations(realmContext, storageConfigurationInfo, actions, locations) + .validateAccessToLocations(realmId, storageConfigurationInfo, actions, locations) .entrySet() .stream() .collect( diff --git a/polaris-core/src/main/java/org/apache/polaris/core/storage/InMemoryStorageIntegration.java b/polaris-core/src/main/java/org/apache/polaris/core/storage/InMemoryStorageIntegration.java index 307650279f..5570d85a8b 100644 --- a/polaris-core/src/main/java/org/apache/polaris/core/storage/InMemoryStorageIntegration.java +++ b/polaris-core/src/main/java/org/apache/polaris/core/storage/InMemoryStorageIntegration.java @@ -26,11 +26,11 @@ import java.util.function.Function; import java.util.stream.Collectors; import org.apache.polaris.core.PolarisConfigurationStore; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; /** * Base class for in-memory implementations of {@link PolarisStorageIntegration}. A basic - * implementation of {@link PolarisStorageIntegration#validateAccessToLocations(RealmContext, + * implementation of {@link PolarisStorageIntegration#validateAccessToLocations(RealmId, * PolarisStorageConfigurationInfo, Set, Set)} is provided that checks to see that the list of * locations being accessed is among the list of {@link * PolarisStorageConfigurationInfo#getAllowedLocations()}. Locations being accessed must be equal to @@ -53,7 +53,7 @@ public InMemoryStorageIntegration( * Check that the locations being accessed are all equal to or subdirectories of at least one of * the {@link PolarisStorageConfigurationInfo#getAllowedLocations}. * - * @param realmContext + * @param realmId * @param configurationStore * @param actions a set of operation actions to validate, like LIST/READ/DELETE/WRITE/ALL * @param locations a set of locations to get access to @@ -63,7 +63,7 @@ public InMemoryStorageIntegration( */ public static Map> validateSubpathsOfAllowedLocations( - @Nonnull RealmContext realmContext, + @Nonnull RealmId realmId, @Nonnull PolarisConfigurationStore configurationStore, @Nonnull PolarisStorageConfigurationInfo storageConfig, @Nonnull Set actions, @@ -86,7 +86,7 @@ public InMemoryStorageIntegration( allowedLocationStrings.stream().map(StorageLocation::of).collect(Collectors.toList()); boolean allowWildcardLocation = - configurationStore.getConfiguration(realmContext, "ALLOW_WILDCARD_LOCATION", false); + configurationStore.getConfiguration(realmId, "ALLOW_WILDCARD_LOCATION", false); if (allowWildcardLocation && allowedLocationStrings.contains("*")) { return locations.stream() @@ -129,11 +129,11 @@ public InMemoryStorageIntegration( @Override @Nonnull public Map> validateAccessToLocations( - @Nonnull RealmContext realmContext, + @Nonnull RealmId realmId, @Nonnull T storageConfig, @Nonnull Set actions, @Nonnull Set locations) { return validateSubpathsOfAllowedLocations( - realmContext, configurationStore, storageConfig, actions, locations); + realmId, configurationStore, storageConfig, actions, locations); } } diff --git a/polaris-core/src/main/java/org/apache/polaris/core/storage/PolarisStorageConfigurationInfo.java b/polaris-core/src/main/java/org/apache/polaris/core/storage/PolarisStorageConfigurationInfo.java index a65e1e8eb5..f56677dfd2 100644 --- a/polaris-core/src/main/java/org/apache/polaris/core/storage/PolarisStorageConfigurationInfo.java +++ b/polaris-core/src/main/java/org/apache/polaris/core/storage/PolarisStorageConfigurationInfo.java @@ -40,7 +40,7 @@ import org.apache.polaris.core.PolarisConfigurationStore; import org.apache.polaris.core.PolarisDiagnostics; import org.apache.polaris.core.admin.model.Catalog; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; import org.apache.polaris.core.entity.CatalogEntity; import org.apache.polaris.core.entity.PolarisEntity; import org.apache.polaris.core.entity.PolarisEntityConstants; @@ -137,7 +137,7 @@ public static PolarisStorageConfigurationInfo deserialize( } public static Optional forEntityPath( - RealmContext realmContext, + RealmId realmId, PolarisConfigurationStore configurationStore, PolarisDiagnostics diagnostics, List entityPath) { @@ -167,9 +167,7 @@ public static Optional forEntityPath( CatalogEntity catalog = CatalogEntity.of(entityPath.get(0)); boolean allowEscape = configurationStore.getConfiguration( - realmContext, - catalog, - PolarisConfiguration.ALLOW_UNSTRUCTURED_TABLE_LOCATION); + realmId, catalog, PolarisConfiguration.ALLOW_UNSTRUCTURED_TABLE_LOCATION); if (!allowEscape && catalog.getCatalogType() != Catalog.TypeEnum.EXTERNAL && baseLocation != null) { diff --git a/polaris-core/src/main/java/org/apache/polaris/core/storage/PolarisStorageIntegration.java b/polaris-core/src/main/java/org/apache/polaris/core/storage/PolarisStorageIntegration.java index 9c50c63054..0ea08d78e7 100644 --- a/polaris-core/src/main/java/org/apache/polaris/core/storage/PolarisStorageIntegration.java +++ b/polaris-core/src/main/java/org/apache/polaris/core/storage/PolarisStorageIntegration.java @@ -24,7 +24,7 @@ import java.util.Objects; import java.util.Set; import org.apache.polaris.core.PolarisDiagnostics; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; /** * Abstract of Polaris Storage Integration. It holds the reference to an object that having the @@ -47,7 +47,7 @@ public String getStorageIdentifierOrId() { /** * Subscope the creds against the allowed read and write locations. * - * @param realmContext the realm context + * @param realmId the realm context * @param diagnostics the diagnostics service * @param storageConfig storage configuration * @param allowListOperation whether to allow LIST on all the provided allowed read/write @@ -57,7 +57,7 @@ public String getStorageIdentifierOrId() { * @return An enum map including the scoped credentials */ public abstract EnumMap getSubscopedCreds( - @Nonnull RealmContext realmContext, + @Nonnull RealmId realmId, @Nonnull PolarisDiagnostics diagnostics, @Nonnull T storageConfig, boolean allowListOperation, @@ -67,7 +67,7 @@ public abstract EnumMap getSubscopedCreds( /** * Validate access for the provided operation actions and locations. * - * @param realmContext + * @param realmId * @param actions a set of operation actions to validate, like LIST/READ/DELETE/WRITE/ALL * @param locations a set of locations to get access to * @return A Map of string, representing the result of validation, the key value is {@code @@ -99,13 +99,13 @@ public abstract EnumMap getSubscopedCreds( @Nonnull public abstract Map> validateAccessToLocations( - RealmContext realmContext, + RealmId realmId, @Nonnull T storageConfig, @Nonnull Set actions, @Nonnull Set locations); /** - * Result of calling {@link PolarisStorageIntegration#validateAccessToLocations(RealmContext, + * Result of calling {@link PolarisStorageIntegration#validateAccessToLocations(RealmId, * PolarisStorageConfigurationInfo, Set, Set)} */ public static final class ValidationResult { diff --git a/polaris-core/src/main/java/org/apache/polaris/core/storage/aws/AwsCredentialsStorageIntegration.java b/polaris-core/src/main/java/org/apache/polaris/core/storage/aws/AwsCredentialsStorageIntegration.java index 00c1358aa4..0757d6f9bc 100644 --- a/polaris-core/src/main/java/org/apache/polaris/core/storage/aws/AwsCredentialsStorageIntegration.java +++ b/polaris-core/src/main/java/org/apache/polaris/core/storage/aws/AwsCredentialsStorageIntegration.java @@ -30,7 +30,7 @@ import java.util.stream.Stream; import org.apache.polaris.core.PolarisConfigurationStore; import org.apache.polaris.core.PolarisDiagnostics; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; import org.apache.polaris.core.storage.InMemoryStorageIntegration; import org.apache.polaris.core.storage.PolarisCredentialProperty; import org.apache.polaris.core.storage.StorageUtil; @@ -60,7 +60,7 @@ public AwsCredentialsStorageIntegration( /** {@inheritDoc} */ @Override public EnumMap getSubscopedCreds( - @Nonnull RealmContext realmContext, + @Nonnull RealmId realmId, @Nonnull PolarisDiagnostics diagnostics, @Nonnull AwsStorageConfigurationInfo storageConfig, boolean allowListOperation, @@ -81,7 +81,7 @@ public EnumMap getSubscopedCreds( .toJson()) .durationSeconds( configurationStore.getConfiguration( - realmContext, STORAGE_CREDENTIAL_DURATION_SECONDS)) + realmId, STORAGE_CREDENTIAL_DURATION_SECONDS)) .build()); EnumMap credentialMap = new EnumMap<>(PolarisCredentialProperty.class); diff --git a/polaris-core/src/main/java/org/apache/polaris/core/storage/azure/AzureCredentialsStorageIntegration.java b/polaris-core/src/main/java/org/apache/polaris/core/storage/azure/AzureCredentialsStorageIntegration.java index 5da34596d0..4e82a792e3 100644 --- a/polaris-core/src/main/java/org/apache/polaris/core/storage/azure/AzureCredentialsStorageIntegration.java +++ b/polaris-core/src/main/java/org/apache/polaris/core/storage/azure/AzureCredentialsStorageIntegration.java @@ -48,7 +48,7 @@ import org.apache.polaris.core.PolarisConfiguration; import org.apache.polaris.core.PolarisConfigurationStore; import org.apache.polaris.core.PolarisDiagnostics; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; import org.apache.polaris.core.storage.InMemoryStorageIntegration; import org.apache.polaris.core.storage.PolarisCredentialProperty; import org.slf4j.Logger; @@ -75,7 +75,7 @@ public AzureCredentialsStorageIntegration(PolarisConfigurationStore configuratio @Override public EnumMap getSubscopedCreds( - @Nonnull RealmContext realmContext, + @Nonnull RealmId realmId, @Nonnull PolarisDiagnostics diagnostics, @Nonnull AzureStorageConfigurationInfo storageConfig, boolean allowListOperation, @@ -132,7 +132,7 @@ public EnumMap getSubscopedCreds( OffsetDateTime startTime = start.truncatedTo(ChronoUnit.SECONDS).atOffset(ZoneOffset.UTC); int intendedDurationSeconds = configurationStore.getConfiguration( - realmContext, PolarisConfiguration.STORAGE_CREDENTIAL_DURATION_SECONDS); + realmId, PolarisConfiguration.STORAGE_CREDENTIAL_DURATION_SECONDS); OffsetDateTime intendedEndTime = start.plusSeconds(intendedDurationSeconds).atOffset(ZoneOffset.UTC); OffsetDateTime maxAllowedEndTime = diff --git a/polaris-core/src/main/java/org/apache/polaris/core/storage/gcp/GcpCredentialsStorageIntegration.java b/polaris-core/src/main/java/org/apache/polaris/core/storage/gcp/GcpCredentialsStorageIntegration.java index fb88e4bec3..224b850d26 100644 --- a/polaris-core/src/main/java/org/apache/polaris/core/storage/gcp/GcpCredentialsStorageIntegration.java +++ b/polaris-core/src/main/java/org/apache/polaris/core/storage/gcp/GcpCredentialsStorageIntegration.java @@ -40,7 +40,7 @@ import java.util.stream.Stream; import org.apache.polaris.core.PolarisConfigurationStore; import org.apache.polaris.core.PolarisDiagnostics; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; import org.apache.polaris.core.storage.InMemoryStorageIntegration; import org.apache.polaris.core.storage.PolarisCredentialProperty; import org.apache.polaris.core.storage.PolarisStorageIntegration; @@ -74,7 +74,7 @@ public GcpCredentialsStorageIntegration( @Override public EnumMap getSubscopedCreds( - @Nonnull RealmContext realmContext, + @Nonnull RealmId realmId, @Nonnull PolarisDiagnostics diagnostics, @Nonnull GcpStorageConfigurationInfo storageConfig, boolean allowListOperation, diff --git a/polaris-core/src/test/java/org/apache/polaris/core/persistence/EntityCacheTest.java b/polaris-core/src/test/java/org/apache/polaris/core/persistence/EntityCacheTest.java index 4e918a42d3..c87eb5e7fa 100644 --- a/polaris-core/src/test/java/org/apache/polaris/core/persistence/EntityCacheTest.java +++ b/polaris-core/src/test/java/org/apache/polaris/core/persistence/EntityCacheTest.java @@ -26,6 +26,7 @@ import org.apache.polaris.core.PolarisConfigurationStore; import org.apache.polaris.core.PolarisDefaultDiagServiceImpl; import org.apache.polaris.core.PolarisDiagnostics; +import org.apache.polaris.core.context.RealmId; import org.apache.polaris.core.entity.PolarisBaseEntity; import org.apache.polaris.core.entity.PolarisEntitySubType; import org.apache.polaris.core.entity.PolarisEntityType; @@ -84,7 +85,10 @@ public EntityCacheTest() { new PolarisTreeMapMetaStoreSessionImpl(store, Mockito.mock(), RANDOM_SECRETS, diagServices); metaStoreManager = new PolarisMetaStoreManagerImpl( - () -> "test", diagServices, new PolarisConfigurationStore() {}, Clock.systemUTC()); + RealmId.newRealmId("test"), + diagServices, + new PolarisConfigurationStore() {}, + Clock.systemUTC()); // bootstrap the mata store with our test schema tm = new PolarisTestMetaStoreManager(metaStoreManager, metaStore, diagServices); diff --git a/polaris-core/src/test/java/org/apache/polaris/core/persistence/PolarisTreeMapMetaStoreManagerTest.java b/polaris-core/src/test/java/org/apache/polaris/core/persistence/PolarisTreeMapMetaStoreManagerTest.java index 2a0a96aea8..ac84bb3f48 100644 --- a/polaris-core/src/test/java/org/apache/polaris/core/persistence/PolarisTreeMapMetaStoreManagerTest.java +++ b/polaris-core/src/test/java/org/apache/polaris/core/persistence/PolarisTreeMapMetaStoreManagerTest.java @@ -24,6 +24,7 @@ import org.apache.polaris.core.PolarisConfigurationStore; import org.apache.polaris.core.PolarisDefaultDiagServiceImpl; import org.apache.polaris.core.PolarisDiagnostics; +import org.apache.polaris.core.context.RealmId; import org.mockito.Mockito; public class PolarisTreeMapMetaStoreManagerTest extends BasePolarisMetaStoreManagerTest { @@ -35,7 +36,7 @@ public PolarisTestMetaStoreManager createPolarisTestMetaStoreManager() { new PolarisTreeMapMetaStoreSessionImpl(store, Mockito.mock(), RANDOM_SECRETS, diagServices); return new PolarisTestMetaStoreManager( new PolarisMetaStoreManagerImpl( - () -> "test", + RealmId.newRealmId("test"), diagServices, new PolarisConfigurationStore() {}, timeSource.withZone(ZoneId.systemDefault())), diff --git a/polaris-core/src/test/java/org/apache/polaris/core/persistence/ResolverTest.java b/polaris-core/src/test/java/org/apache/polaris/core/persistence/ResolverTest.java index d305597191..6eef9dc9ab 100644 --- a/polaris-core/src/test/java/org/apache/polaris/core/persistence/ResolverTest.java +++ b/polaris-core/src/test/java/org/apache/polaris/core/persistence/ResolverTest.java @@ -37,6 +37,7 @@ import org.apache.polaris.core.PolarisDefaultDiagServiceImpl; import org.apache.polaris.core.PolarisDiagnostics; import org.apache.polaris.core.auth.AuthenticatedPolarisPrincipal; +import org.apache.polaris.core.context.RealmId; import org.apache.polaris.core.entity.PolarisBaseEntity; import org.apache.polaris.core.entity.PolarisEntityCore; import org.apache.polaris.core.entity.PolarisEntitySubType; @@ -105,7 +106,10 @@ public ResolverTest() { new PolarisTreeMapMetaStoreSessionImpl(store, Mockito.mock(), RANDOM_SECRETS, diagServices); metaStoreManager = new PolarisMetaStoreManagerImpl( - () -> "test", diagServices, new PolarisConfigurationStore() {}, Clock.systemUTC()); + RealmId.newRealmId("test"), + diagServices, + new PolarisConfigurationStore() {}, + Clock.systemUTC()); // bootstrap the mata store with our test schema tm = new PolarisTestMetaStoreManager(metaStoreManager, metaStore, diagServices); diff --git a/polaris-core/src/test/java/org/apache/polaris/core/storage/InMemoryStorageIntegrationTest.java b/polaris-core/src/test/java/org/apache/polaris/core/storage/InMemoryStorageIntegrationTest.java index 413cad5ee9..1ede2b00df 100644 --- a/polaris-core/src/test/java/org/apache/polaris/core/storage/InMemoryStorageIntegrationTest.java +++ b/polaris-core/src/test/java/org/apache/polaris/core/storage/InMemoryStorageIntegrationTest.java @@ -26,14 +26,14 @@ import java.util.Set; import org.apache.polaris.core.PolarisConfigurationStore; import org.apache.polaris.core.PolarisDiagnostics; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; import org.apache.polaris.core.storage.aws.AwsStorageConfigurationInfo; import org.assertj.core.api.Assertions; import org.junit.jupiter.api.Test; class InMemoryStorageIntegrationTest { - private RealmContext realmContext = () -> "test"; + private final RealmId realmId = RealmId.newRealmId("test"); @Test public void testValidateAccessToLocations() { @@ -41,7 +41,7 @@ public void testValidateAccessToLocations() { new MockInMemoryStorageIntegration(new PolarisConfigurationStore() {}); Map> result = storage.validateAccessToLocations( - realmContext, + realmId, new AwsStorageConfigurationInfo( PolarisStorageConfigurationInfo.StorageType.S3, List.of( @@ -96,14 +96,14 @@ public void testValidateAccessToLocationsWithWildcard() { new PolarisConfigurationStore() { @SuppressWarnings("unchecked") @Override - public @Nullable T getConfiguration(RealmContext realmContext, String configName) { + public @Nullable T getConfiguration(RealmId realmContext, String configName) { return (T) config.get(configName); } }; MockInMemoryStorageIntegration storage = new MockInMemoryStorageIntegration(configurationStore); Map> result = storage.validateAccessToLocations( - realmContext, + realmId, new FileStorageConfigurationInfo(List.of("file://", "*")), Set.of(PolarisStorageActions.READ), Set.of( @@ -144,7 +144,7 @@ public void testValidateAccessToLocationsNoAllowedLocations() { new MockInMemoryStorageIntegration(new PolarisConfigurationStore() {}); Map> result = storage.validateAccessToLocations( - realmContext, + realmId, new AwsStorageConfigurationInfo( PolarisStorageConfigurationInfo.StorageType.S3, List.of(), @@ -180,7 +180,7 @@ public void testValidateAccessToLocationsWithPrefixOfAllowedLocation() { new MockInMemoryStorageIntegration(new PolarisConfigurationStore() {}); Map> result = storage.validateAccessToLocations( - realmContext, + realmId, new AwsStorageConfigurationInfo( PolarisStorageConfigurationInfo.StorageType.S3, List.of("s3://bucket/path/to/warehouse"), @@ -206,7 +206,7 @@ public MockInMemoryStorageIntegration(PolarisConfigurationStore configurationSto @Override public EnumMap getSubscopedCreds( - @Nonnull RealmContext realmContext, + @Nonnull RealmId realmId, @Nonnull PolarisDiagnostics diagnostics, @Nonnull PolarisStorageConfigurationInfo storageConfig, boolean allowListOperation, diff --git a/polaris-core/src/test/java/org/apache/polaris/service/storage/PolarisConfigurationStoreTest.java b/polaris-core/src/test/java/org/apache/polaris/service/storage/PolarisConfigurationStoreTest.java index 6e93797756..32c18ae6a6 100644 --- a/polaris-core/src/test/java/org/apache/polaris/service/storage/PolarisConfigurationStoreTest.java +++ b/polaris-core/src/test/java/org/apache/polaris/service/storage/PolarisConfigurationStoreTest.java @@ -22,14 +22,14 @@ import java.util.List; import org.apache.polaris.core.PolarisConfiguration; import org.apache.polaris.core.PolarisConfigurationStore; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; import org.junit.jupiter.api.Assertions; import org.junit.jupiter.api.Test; /** Unit test for the default behaviors of the PolarisConfigurationStore interface. */ public class PolarisConfigurationStoreTest { - private RealmContext realmContext = () -> "test"; + private final RealmId realmId = RealmId.newRealmId("test"); @Test public void testConfigsCanBeCastedFromString() { @@ -48,7 +48,7 @@ public void testConfigsCanBeCastedFromString() { */ @SuppressWarnings("unchecked") @Override - public @Nullable T getConfiguration(RealmContext realmContext, String configName) { + public @Nullable T getConfiguration(RealmId realmContext, String configName) { for (PolarisConfiguration c : configs) { if (c.key.equals(configName)) { return (T) String.valueOf(c.defaultValue); @@ -65,7 +65,7 @@ public void testConfigsCanBeCastedFromString() { // Ensure that we can fetch all the configs and that the value is what we expect, which // is the config's default value based on how we've implemented PolarisConfigurationStore above. for (PolarisConfiguration c : configs) { - Assertions.assertEquals(c.defaultValue, store.getConfiguration(realmContext, c)); + Assertions.assertEquals(c.defaultValue, store.getConfiguration(realmId, c)); } } @@ -79,14 +79,14 @@ public void testInvalidCastThrowsException() { new PolarisConfigurationStore() { @SuppressWarnings("unchecked") @Override - public T getConfiguration(RealmContext realmContext, String configName) { + public T getConfiguration(RealmId realmContext, String configName) { return (T) "abc123"; } }; for (PolarisConfiguration c : configs) { Assertions.assertThrows( - NumberFormatException.class, () -> store.getConfiguration(realmContext, c)); + NumberFormatException.class, () -> store.getConfiguration(realmId, c)); } } diff --git a/polaris-core/src/test/java/org/apache/polaris/service/storage/aws/AwsCredentialsStorageIntegrationTest.java b/polaris-core/src/test/java/org/apache/polaris/service/storage/aws/AwsCredentialsStorageIntegrationTest.java index bf563da452..27e6602b0b 100644 --- a/polaris-core/src/test/java/org/apache/polaris/service/storage/aws/AwsCredentialsStorageIntegrationTest.java +++ b/polaris-core/src/test/java/org/apache/polaris/service/storage/aws/AwsCredentialsStorageIntegrationTest.java @@ -26,7 +26,7 @@ import java.util.Set; import org.apache.polaris.core.PolarisConfigurationStore; import org.apache.polaris.core.PolarisDiagnostics; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; import org.apache.polaris.core.storage.PolarisCredentialProperty; import org.apache.polaris.core.storage.PolarisStorageConfigurationInfo; import org.apache.polaris.core.storage.aws.AwsCredentialsStorageIntegration; @@ -61,7 +61,7 @@ class AwsCredentialsStorageIntegrationTest { .build(); public static final String AWS_PARTITION = "aws"; - private static final RealmContext REALM_CONTEXT = () -> "realm"; + private static final RealmId REALM_CONTEXT = RealmId.newRealmId("realm"); @Test public void testGetSubscopedCreds() { diff --git a/polaris-core/src/test/java/org/apache/polaris/service/storage/azure/AzureCredentialStorageIntegrationTest.java b/polaris-core/src/test/java/org/apache/polaris/service/storage/azure/AzureCredentialStorageIntegrationTest.java index 8c366ee6ae..f0b296e4b9 100644 --- a/polaris-core/src/test/java/org/apache/polaris/service/storage/azure/AzureCredentialStorageIntegrationTest.java +++ b/polaris-core/src/test/java/org/apache/polaris/service/storage/azure/AzureCredentialStorageIntegrationTest.java @@ -49,7 +49,7 @@ import java.util.stream.Stream; import org.apache.polaris.core.PolarisConfigurationStore; import org.apache.polaris.core.PolarisDefaultDiagServiceImpl; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; import org.apache.polaris.core.storage.PolarisCredentialProperty; import org.apache.polaris.core.storage.azure.AzureCredentialsStorageIntegration; import org.apache.polaris.core.storage.azure.AzureStorageConfigurationInfo; @@ -68,7 +68,7 @@ public class AzureCredentialStorageIntegrationTest { private final String clientId = System.getenv("AZURE_CLIENT_ID"); private final String clientSecret = System.getenv("AZURE_CLIENT_SECRET"); private final String tenantId = System.getenv("AZURE_TENANT_ID"); - private final RealmContext realmContext = () -> "realm"; + private final RealmId realmId = RealmId.newRealmId("realm"); private void assumeEnvVariablesNotNull() { Assumptions.assumeThat( @@ -88,10 +88,7 @@ public void testNegativeCases() { Assertions.assertThatThrownBy( () -> subscopedCredsForOperations( - realmContext, - differentEndpointList, - /* allowedWriteLoc= */ new ArrayList<>(), - true)) + realmId, differentEndpointList, /* allowedWriteLoc= */ new ArrayList<>(), true)) .isInstanceOf(RuntimeException.class); List differentStorageAccts = @@ -101,10 +98,7 @@ public void testNegativeCases() { Assertions.assertThatThrownBy( () -> subscopedCredsForOperations( - realmContext, - differentStorageAccts, - /* allowedWriteLoc= */ new ArrayList<>(), - true)) + realmId, differentStorageAccts, /* allowedWriteLoc= */ new ArrayList<>(), true)) .isInstanceOf(RuntimeException.class); List differentContainers = Arrays.asList( @@ -114,10 +108,7 @@ public void testNegativeCases() { Assertions.assertThatThrownBy( () -> subscopedCredsForOperations( - realmContext, - differentContainers, - /* allowedWriteLoc= */ new ArrayList<>(), - true)) + realmId, differentContainers, /* allowedWriteLoc= */ new ArrayList<>(), true)) .isInstanceOf(RuntimeException.class); } @@ -134,7 +125,7 @@ public void testGetSubscopedTokenList(boolean allowListAction, String service) { service)); Map credsMap = subscopedCredsForOperations( - /* allowedReadLoc= */ realmContext, + /* allowedReadLoc= */ realmId, allowedLoc, /* allowedWriteLoc= */ new ArrayList<>(), allowListAction); @@ -206,7 +197,7 @@ public void testGetSubscopedTokenRead( service, allowedPrefix)); Map credsMap = subscopedCredsForOperations( - /* allowedReadLoc= */ realmContext, + /* allowedReadLoc= */ realmId, allowedLoc, /* allowedWriteLoc= */ new ArrayList<>(), /* allowListAction= */ false); @@ -277,7 +268,7 @@ public void testGetSubscopedTokenWrite( service, allowedPrefix)); Map credsMap = subscopedCredsForOperations( - /* allowedReadLoc= */ realmContext, + /* allowedReadLoc= */ realmId, new ArrayList<>(), /* allowedWriteLoc= */ allowedLoc, /* allowListAction= */ false); @@ -354,7 +345,7 @@ public void testGetSubscopedTokenWrite( } private Map subscopedCredsForOperations( - RealmContext realmContext, + RealmId realmId, List allowedReadLoc, List allowedWriteLoc, boolean allowListAction) { @@ -367,7 +358,7 @@ private Map subscopedCredsForOperations( new AzureCredentialsStorageIntegration(new PolarisConfigurationStore() {}); EnumMap credsMap = azureCredsIntegration.getSubscopedCreds( - realmContext, + realmId, new PolarisDefaultDiagServiceImpl(), azureConfig, allowListAction, diff --git a/polaris-core/src/test/java/org/apache/polaris/service/storage/gcp/GcpCredentialsStorageIntegrationTest.java b/polaris-core/src/test/java/org/apache/polaris/service/storage/gcp/GcpCredentialsStorageIntegrationTest.java index 17bf389f1e..44f3165319 100644 --- a/polaris-core/src/test/java/org/apache/polaris/service/storage/gcp/GcpCredentialsStorageIntegrationTest.java +++ b/polaris-core/src/test/java/org/apache/polaris/service/storage/gcp/GcpCredentialsStorageIntegrationTest.java @@ -50,7 +50,7 @@ import java.util.Set; import org.apache.polaris.core.PolarisConfigurationStore; import org.apache.polaris.core.PolarisDefaultDiagServiceImpl; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; import org.apache.polaris.core.storage.PolarisCredentialProperty; import org.apache.polaris.core.storage.gcp.GcpCredentialsStorageIntegration; import org.apache.polaris.core.storage.gcp.GcpStorageConfigurationInfo; @@ -73,7 +73,7 @@ public void testSubscope(boolean allowedListAction) throws Exception { .describedAs("Environment variable GOOGLE_APPLICATION_CREDENTIALS not exits") .isNotNull() .isNotEmpty(); - RealmContext realmContext = () -> "realm"; + RealmId realmId = RealmId.newRealmId("realm"); List allowedRead = Arrays.asList( "gs://sfc-dev1-regtest/polaris-test/subscoped-test/read1/", @@ -83,7 +83,7 @@ public void testSubscope(boolean allowedListAction) throws Exception { "gs://sfc-dev1-regtest/polaris-test/subscoped-test/write1/", "gs://sfc-dev1-regtest/polaris-test/subscoped-test/write2/"); Storage storageClient = - setupStorageClient(realmContext, allowedRead, allowedWrite, allowedListAction); + setupStorageClient(realmId, allowedRead, allowedWrite, allowedListAction); BlobInfo blobInfoGoodWrite = createStorageBlob("sfc-dev1-regtest", "polaris-test/subscoped-test/write1/", "file.txt"); BlobInfo blobInfoBad = @@ -126,7 +126,7 @@ public void testSubscope(boolean allowedListAction) throws Exception { "gs://sfc-dev1-regtest/polaris-test/subscoped-test/write2/", "gs://sfc-dev1-regtest/polaris-test/subscoped-test/write3/"); Storage clientForDelete = - setupStorageClient(realmContext, List.of(), allowedWrite2, allowedListAction); + setupStorageClient(realmId, List.of(), allowedWrite2, allowedListAction); // can not delete because it is not in allowed write path for this client Assertions.assertThatThrownBy(() -> clientForDelete.delete(blobInfoGoodWrite.getBlobId())) @@ -138,13 +138,13 @@ public void testSubscope(boolean allowedListAction) throws Exception { } private Storage setupStorageClient( - RealmContext realmContext, + RealmId realmId, List allowedReadLoc, List allowedWriteLoc, boolean allowListAction) throws IOException { Map credsMap = - subscopedCredsForOperations(realmContext, allowedReadLoc, allowedWriteLoc, allowListAction); + subscopedCredsForOperations(realmId, allowedReadLoc, allowedWriteLoc, allowListAction); return createStorageClient(credsMap); } @@ -167,7 +167,7 @@ private Storage createStorageClient(Map creds } private Map subscopedCredsForOperations( - RealmContext realmContext, + RealmId realmId, List allowedReadLoc, List allowedWriteLoc, boolean allowListAction) @@ -183,7 +183,7 @@ private Map subscopedCredsForOperations( ServiceOptions.getFromServiceLoader(HttpTransportFactory.class, NetHttpTransport::new)); EnumMap credsMap = gcpCredsIntegration.getSubscopedCreds( - realmContext, + realmId, new PolarisDefaultDiagServiceImpl(), gcpConfig, allowListAction, diff --git a/quarkus/service/src/main/java/org/apache/polaris/service/quarkus/config/QuarkusProducers.java b/quarkus/service/src/main/java/org/apache/polaris/service/quarkus/config/QuarkusProducers.java index 389d3281ac..66ce096996 100644 --- a/quarkus/service/src/main/java/org/apache/polaris/service/quarkus/config/QuarkusProducers.java +++ b/quarkus/service/src/main/java/org/apache/polaris/service/quarkus/config/QuarkusProducers.java @@ -39,7 +39,7 @@ import org.apache.polaris.core.auth.AuthenticatedPolarisPrincipal; import org.apache.polaris.core.auth.PolarisAuthorizer; import org.apache.polaris.core.auth.PolarisAuthorizerImpl; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; import org.apache.polaris.core.persistence.MetaStoreManagerFactory; import org.apache.polaris.core.persistence.PolarisEntityManager; import org.apache.polaris.core.persistence.PolarisMetaStoreManager; @@ -53,7 +53,7 @@ import org.apache.polaris.service.catalog.io.FileIOFactory; import org.apache.polaris.service.config.RealmEntityManagerFactory; import org.apache.polaris.service.context.RealmContextConfiguration; -import org.apache.polaris.service.context.RealmContextResolver; +import org.apache.polaris.service.context.RealmIdResolver; import org.apache.polaris.service.persistence.InMemoryPolarisMetaStoreManagerFactory; import org.apache.polaris.service.quarkus.auth.QuarkusAuthenticationConfiguration; import org.apache.polaris.service.quarkus.catalog.io.QuarkusFileIOConfiguration; @@ -99,9 +99,8 @@ public PolarisDiagnostics polarisDiagnostics() { @Produces @RequestScoped - public RealmContext realmContext( - @Context HttpServerRequest request, RealmContextResolver realmContextResolver) { - return realmContextResolver.resolveRealmContext( + public RealmId realmId(@Context HttpServerRequest request, RealmIdResolver realmIdResolver) { + return realmIdResolver.resolveRealmContext( request.absoluteURI(), request.method().name(), request.path(), @@ -112,51 +111,50 @@ public RealmContext realmContext( @Produces @RequestScoped public PolarisMetaStoreSession metaStoreSession( - MetaStoreManagerFactory metaStoreManagerFactory, RealmContext realmContext) { - return metaStoreManagerFactory.getOrCreateSessionSupplier(realmContext).get(); + MetaStoreManagerFactory metaStoreManagerFactory, RealmId realmId) { + return metaStoreManagerFactory.getOrCreateSessionSupplier(realmId).get(); } @Produces @RequestScoped // TODO break into separate beans public PolarisMetaStoreManager polarisMetaStoreManager( - MetaStoreManagerFactory metaStoreManagerFactory, RealmContext realmContext) { - return metaStoreManagerFactory.getOrCreateMetaStoreManager(realmContext); + MetaStoreManagerFactory metaStoreManagerFactory, RealmId realmId) { + return metaStoreManagerFactory.getOrCreateMetaStoreManager(realmId); } @Produces @RequestScoped public StorageCredentialCache storageCredentialCache( - MetaStoreManagerFactory metaStoreManagerFactory, RealmContext realmContext) { - return metaStoreManagerFactory.getOrCreateStorageCredentialCache(realmContext); + MetaStoreManagerFactory metaStoreManagerFactory, RealmId realmId) { + return metaStoreManagerFactory.getOrCreateStorageCredentialCache(realmId); } @Produces @RequestScoped - public EntityCache entityCache( - MetaStoreManagerFactory metaStoreManagerFactory, RealmContext realmContext) { - return metaStoreManagerFactory.getOrCreateEntityCache(realmContext); + public EntityCache entityCache(MetaStoreManagerFactory metaStoreManagerFactory, RealmId realmId) { + return metaStoreManagerFactory.getOrCreateEntityCache(realmId); } @Produces @RequestScoped public PolarisEntityManager polarisEntityManager( - RealmEntityManagerFactory realmEntityManagerFactory, RealmContext realmContext) { - return realmEntityManagerFactory.getOrCreateEntityManager(realmContext); + RealmEntityManagerFactory realmEntityManagerFactory, RealmId realmId) { + return realmEntityManagerFactory.getOrCreateEntityManager(realmId); } @Produces @RequestScoped - public TokenBroker tokenBroker(TokenBrokerFactory tokenBrokerFactory, RealmContext realmContext) { - return tokenBrokerFactory.apply(realmContext); + public TokenBroker tokenBroker(TokenBrokerFactory tokenBrokerFactory, RealmId realmId) { + return tokenBrokerFactory.apply(realmId); } // Polaris service beans - selected from @Identifier-annotated beans @Produces - public RealmContextResolver realmContextResolver( + public RealmIdResolver realmContextResolver( QuarkusRealmContextConfiguration config, - @Any Instance realmContextResolvers) { + @Any Instance realmContextResolvers) { return realmContextResolvers.select(Identifier.Literal.of(config.type())).get(); } diff --git a/quarkus/service/src/main/java/org/apache/polaris/service/quarkus/context/QuarkusRealmContextConfiguration.java b/quarkus/service/src/main/java/org/apache/polaris/service/quarkus/context/QuarkusRealmContextConfiguration.java index dce9894041..a05cf57a8f 100644 --- a/quarkus/service/src/main/java/org/apache/polaris/service/quarkus/context/QuarkusRealmContextConfiguration.java +++ b/quarkus/service/src/main/java/org/apache/polaris/service/quarkus/context/QuarkusRealmContextConfiguration.java @@ -21,14 +21,15 @@ import io.quarkus.runtime.annotations.StaticInitSafe; import io.smallrye.config.ConfigMapping; import org.apache.polaris.service.context.RealmContextConfiguration; +import org.apache.polaris.service.context.RealmIdResolver; @StaticInitSafe @ConfigMapping(prefix = "polaris.realm-context") public interface QuarkusRealmContextConfiguration extends RealmContextConfiguration { /** - * The type of the realm context resolver. Must be a registered {@link - * org.apache.polaris.service.context.RealmContextResolver} identifier. + * The type of the realm context resolver. Must be a registered {@link RealmIdResolver} + * identifier. */ String type(); } diff --git a/quarkus/service/src/main/java/org/apache/polaris/service/quarkus/logging/QuarkusLoggingMDCFilter.java b/quarkus/service/src/main/java/org/apache/polaris/service/quarkus/logging/QuarkusLoggingMDCFilter.java index 98fb2888dd..79664c7053 100644 --- a/quarkus/service/src/main/java/org/apache/polaris/service/quarkus/logging/QuarkusLoggingMDCFilter.java +++ b/quarkus/service/src/main/java/org/apache/polaris/service/quarkus/logging/QuarkusLoggingMDCFilter.java @@ -22,7 +22,7 @@ import io.vertx.ext.web.RoutingContext; import jakarta.enterprise.context.ApplicationScoped; import jakarta.inject.Inject; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; import org.slf4j.MDC; @ApplicationScoped @@ -33,7 +33,7 @@ public class QuarkusLoggingMDCFilter { private static final String REQUEST_ID_KEY = "requestId"; private static final String REALM_ID_KEY = "realmId"; - @Inject RealmContext realmContext; + @Inject RealmId realmId; @Inject QuarkusLoggingConfiguration loggingConfiguration; @@ -57,8 +57,8 @@ public void applyMDCContext(RoutingContext rc) { MDC.put(REQUEST_ID_KEY, requestId); rc.put(REQUEST_ID_KEY, requestId); } - MDC.put(REALM_ID_KEY, realmContext.getRealmIdentifier()); - rc.put(REALM_ID_KEY, realmContext.getRealmIdentifier()); + MDC.put(REALM_ID_KEY, realmId.id()); + rc.put(REALM_ID_KEY, realmId.id()); // Do not explicitly remove the MDC values from the request context with an end handler, // as this could remove MDC context still in use in TaskExecutor threads // rc.addEndHandler( diff --git a/quarkus/service/src/main/java/org/apache/polaris/service/quarkus/metrics/QuarkusValueExpressionResolver.java b/quarkus/service/src/main/java/org/apache/polaris/service/quarkus/metrics/QuarkusValueExpressionResolver.java index 98783de60f..f3a4059a0a 100644 --- a/quarkus/service/src/main/java/org/apache/polaris/service/quarkus/metrics/QuarkusValueExpressionResolver.java +++ b/quarkus/service/src/main/java/org/apache/polaris/service/quarkus/metrics/QuarkusValueExpressionResolver.java @@ -22,7 +22,7 @@ import io.micrometer.common.lang.Nullable; import jakarta.annotation.Nonnull; import jakarta.enterprise.context.ApplicationScoped; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; @ApplicationScoped public class QuarkusValueExpressionResolver implements ValueExpressionResolver { @@ -30,8 +30,8 @@ public class QuarkusValueExpressionResolver implements ValueExpressionResolver { @Override public String resolve(@Nonnull String expression, @Nullable Object parameter) { // TODO maybe replace with CEL of some expression engine and make this more generic - if (parameter instanceof RealmContext realmContext && expression.equals("realmIdentifier")) { - return realmContext.getRealmIdentifier(); + if (parameter instanceof RealmId realmId && expression.equals("realmIdentifier")) { + return realmId.id(); } return null; } diff --git a/quarkus/service/src/main/java/org/apache/polaris/service/quarkus/metrics/RealmIdTagContributor.java b/quarkus/service/src/main/java/org/apache/polaris/service/quarkus/metrics/RealmIdTagContributor.java index 147ebd7fd7..df7b1f1372 100644 --- a/quarkus/service/src/main/java/org/apache/polaris/service/quarkus/metrics/RealmIdTagContributor.java +++ b/quarkus/service/src/main/java/org/apache/polaris/service/quarkus/metrics/RealmIdTagContributor.java @@ -24,26 +24,26 @@ import jakarta.enterprise.context.ApplicationScoped; import jakarta.inject.Inject; import java.util.HashMap; -import org.apache.polaris.core.context.RealmContext; -import org.apache.polaris.service.context.RealmContextResolver; +import org.apache.polaris.core.context.RealmId; +import org.apache.polaris.service.context.RealmIdResolver; @ApplicationScoped public class RealmIdTagContributor implements HttpServerMetricsTagsContributor { public static final String TAG_REALM = "realm_id"; - @Inject RealmContextResolver realmContextResolver; + @Inject RealmIdResolver realmIdResolver; @Override public Tags contribute(Context context) { // FIXME request scope does not work here, so we have to resolve the realm context manually HttpServerRequest request = context.request(); - RealmContext realmContext = resolveRealmContext(request); - return Tags.of(TAG_REALM, realmContext.getRealmIdentifier()); + RealmId realmId = resolveRealmContext(request); + return Tags.of(TAG_REALM, realmId.id()); } - private RealmContext resolveRealmContext(HttpServerRequest request) { - return realmContextResolver.resolveRealmContext( + private RealmId resolveRealmContext(HttpServerRequest request) { + return realmIdResolver.resolveRealmContext( request.absoluteURI(), request.method().name(), request.path(), diff --git a/quarkus/service/src/main/java/org/apache/polaris/service/quarkus/task/QuarkusTaskExecutorImpl.java b/quarkus/service/src/main/java/org/apache/polaris/service/quarkus/task/QuarkusTaskExecutorImpl.java index d14a9c2da6..a9c5c1efd2 100644 --- a/quarkus/service/src/main/java/org/apache/polaris/service/quarkus/task/QuarkusTaskExecutorImpl.java +++ b/quarkus/service/src/main/java/org/apache/polaris/service/quarkus/task/QuarkusTaskExecutorImpl.java @@ -30,7 +30,7 @@ import java.util.concurrent.ExecutorService; import org.apache.polaris.core.PolarisConfigurationStore; import org.apache.polaris.core.PolarisDiagnostics; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; import org.apache.polaris.core.persistence.MetaStoreManagerFactory; import org.apache.polaris.service.quarkus.tracing.QuarkusTracingFilter; import org.apache.polaris.service.task.TaskExecutorImpl; @@ -71,18 +71,17 @@ public void init() { } @Override - protected void handleTask(long taskEntityId, RealmContext realmContext, int attempt) { + protected void handleTask(long taskEntityId, RealmId realmId, int attempt) { Span span = tracer .spanBuilder("polaris.task") .setParent(Context.current()) - .setAttribute( - QuarkusTracingFilter.REALM_ID_ATTRIBUTE, realmContext.getRealmIdentifier()) + .setAttribute(QuarkusTracingFilter.REALM_ID_ATTRIBUTE, realmId.id()) .setAttribute("polaris.task.entity.id", taskEntityId) .setAttribute("polaris.task.attempt", attempt) .startSpan(); try (Scope ignored = span.makeCurrent()) { - super.handleTask(taskEntityId, realmContext, attempt); + super.handleTask(taskEntityId, realmId, attempt); } finally { span.end(); } diff --git a/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/TestServices.java b/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/TestServices.java index 153dc35a02..81d34dd515 100644 --- a/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/TestServices.java +++ b/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/TestServices.java @@ -30,7 +30,7 @@ import org.apache.polaris.core.PolarisDiagnostics; import org.apache.polaris.core.auth.AuthenticatedPolarisPrincipal; import org.apache.polaris.core.auth.PolarisAuthorizer; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; import org.apache.polaris.core.entity.PolarisEntity; import org.apache.polaris.core.entity.PrincipalEntity; import org.apache.polaris.core.persistence.PolarisEntityManager; @@ -53,10 +53,10 @@ public record TestServices( IcebergRestCatalogApi restApi, PolarisCatalogsApi catalogsApi, - RealmContext realmContext, + RealmId realmId, SecurityContext securityContext) { - private static final RealmContext testRealm = () -> "test-realm"; + private static final RealmId testRealm = RealmId.newRealmId("test-realm"); public static TestServices inMemory(Map config) { return inMemory(new TestFileIOFactory(), config); diff --git a/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/TimedApplicationEventListenerTest.java b/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/TimedApplicationEventListenerTest.java index acd60ede34..0541d489c4 100644 --- a/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/TimedApplicationEventListenerTest.java +++ b/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/TimedApplicationEventListenerTest.java @@ -18,7 +18,7 @@ */ package org.apache.polaris.service.quarkus; -import static org.apache.polaris.service.context.TestRealmContextResolver.REALM_PROPERTY_KEY; +import static org.apache.polaris.service.context.TestRealmIdResolver.REALM_PROPERTY_KEY; import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.InstanceOfAssertFactories.type; diff --git a/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/admin/ManagementServiceTest.java b/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/admin/ManagementServiceTest.java index a3f9e7c9fb..4af7b2331f 100644 --- a/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/admin/ManagementServiceTest.java +++ b/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/admin/ManagementServiceTest.java @@ -62,7 +62,7 @@ public void testCreateCatalogWithDisallowedStorageConfig() { .catalogsApi() .createCatalog( new CreateCatalogRequest(catalog), - services.realmContext(), + services.realmId(), services.securityContext())) .isInstanceOf(IllegalArgumentException.class) .hasMessage("Unsupported storage type: FILE"); @@ -91,7 +91,7 @@ public void testUpdateCatalogWithDisallowedStorageConfig() { .catalogsApi() .createCatalog( new CreateCatalogRequest(catalog), - services.realmContext(), + services.realmId(), services.securityContext())) { assertThat(response).returns(Response.Status.CREATED.getStatusCode(), Response::getStatus); } @@ -101,7 +101,7 @@ public void testUpdateCatalogWithDisallowedStorageConfig() { try (Response response = services .catalogsApi() - .getCatalog(catalogName, services.realmContext(), services.securityContext())) { + .getCatalog(catalogName, services.realmId(), services.securityContext())) { assertThat(response).returns(Response.Status.OK.getStatusCode(), Response::getStatus); fetchedCatalog = (Catalog) response.getEntity(); @@ -127,10 +127,7 @@ public void testUpdateCatalogWithDisallowedStorageConfig() { services .catalogsApi() .updateCatalog( - catalogName, - updateRequest, - services.realmContext(), - services.securityContext())) + catalogName, updateRequest, services.realmId(), services.securityContext())) .isInstanceOf(IllegalArgumentException.class) .hasMessage("Unsupported storage type: FILE"); } diff --git a/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/admin/PolarisAdminServiceAuthzTest.java b/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/admin/PolarisAdminServiceAuthzTest.java index 303746d5d6..d92ce3c8e4 100644 --- a/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/admin/PolarisAdminServiceAuthzTest.java +++ b/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/admin/PolarisAdminServiceAuthzTest.java @@ -49,7 +49,7 @@ private PolarisAdminService newTestAdminService(Set activatedPrincipalRo final AuthenticatedPolarisPrincipal authenticatedPrincipal = new AuthenticatedPolarisPrincipal(principalEntity, activatedPrincipalRoles); return new PolarisAdminService( - realmContext, + realmId, entityManager, metaStoreManager, metaStoreSession, diff --git a/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/admin/PolarisAuthzTestBase.java b/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/admin/PolarisAuthzTestBase.java index fcb6851b89..30f93dcefc 100644 --- a/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/admin/PolarisAuthzTestBase.java +++ b/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/admin/PolarisAuthzTestBase.java @@ -51,7 +51,7 @@ import org.apache.polaris.core.auth.AuthenticatedPolarisPrincipal; import org.apache.polaris.core.auth.PolarisAuthorizer; import org.apache.polaris.core.auth.PolarisAuthorizerImpl; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; import org.apache.polaris.core.entity.CatalogEntity; import org.apache.polaris.core.entity.CatalogRoleEntity; import org.apache.polaris.core.entity.PolarisBaseEntity; @@ -162,7 +162,7 @@ public Map getConfigOverrides() { protected PolarisMetaStoreSession metaStoreSession; protected PolarisBaseEntity catalogEntity; protected PrincipalEntity principalEntity; - protected RealmContext realmContext; + protected RealmId realmId; protected AuthenticatedPolarisPrincipal authenticatedRoot; @BeforeAll @@ -177,10 +177,10 @@ public static void setUpMocks() { @BeforeEach public void before(TestInfo testInfo) { - realmContext = testInfo::getDisplayName; - metaStoreManager = managerFactory.getOrCreateMetaStoreManager(realmContext); - metaStoreSession = managerFactory.getOrCreateSessionSupplier(realmContext).get(); - entityManager = realmEntityManagerFactory.getOrCreateEntityManager(realmContext); + realmId = testInfo::getDisplayName; + metaStoreManager = managerFactory.getOrCreateMetaStoreManager(realmId); + metaStoreSession = managerFactory.getOrCreateSessionSupplier(realmId).get(); + entityManager = realmEntityManagerFactory.getOrCreateEntityManager(realmId); PrincipalEntity rootEntity = new PrincipalEntity( @@ -198,7 +198,7 @@ public void before(TestInfo testInfo) { this.adminService = new PolarisAdminService( - realmContext, + realmId, entityManager, metaStoreManager, metaStoreSession, @@ -387,7 +387,7 @@ private void initBaseCatalog() { entityManager, metaStoreSession, securityContext, CATALOG_NAME); this.baseCatalog = new BasePolarisCatalog( - realmContext, + realmId, entityManager, metaStoreManager, metaStoreSession, diff --git a/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/admin/PolarisOverlappingCatalogTest.java b/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/admin/PolarisOverlappingCatalogTest.java index 505bc57d92..61a3fdc53f 100644 --- a/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/admin/PolarisOverlappingCatalogTest.java +++ b/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/admin/PolarisOverlappingCatalogTest.java @@ -80,7 +80,7 @@ private Response createCatalog( return services .catalogsApi() .createCatalog( - new CreateCatalogRequest(catalog), services.realmContext(), services.securityContext()); + new CreateCatalogRequest(catalog), services.realmId(), services.securityContext()); } @ParameterizedTest diff --git a/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/admin/PolarisOverlappingTableTest.java b/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/admin/PolarisOverlappingTableTest.java index 9abbed9402..2791bfa733 100644 --- a/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/admin/PolarisOverlappingTableTest.java +++ b/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/admin/PolarisOverlappingTableTest.java @@ -63,7 +63,7 @@ private int createTable(TestServices services, String location) { namespace, createTableRequest, null, - services.realmContext(), + services.realmId(), services.securityContext())) { return response.getStatus(); } catch (ForbiddenException e) { @@ -130,7 +130,7 @@ void testTableLocationRestrictions( .catalogsApi() .createCatalog( new CreateCatalogRequest(catalogObject), - services.realmContext(), + services.realmId(), services.securityContext())) { assertThat(response.getStatus()).isEqualTo(Response.Status.CREATED.getStatusCode()); } @@ -141,10 +141,7 @@ void testTableLocationRestrictions( services .restApi() .createNamespace( - catalog, - createNamespaceRequest, - services.realmContext(), - services.securityContext())) { + catalog, createNamespaceRequest, services.realmId(), services.securityContext())) { assertThat(response.getStatus()).isEqualTo(Response.Status.OK.getStatusCode()); } diff --git a/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/auth/TokenUtils.java b/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/auth/TokenUtils.java index 0943230845..bd860af11a 100644 --- a/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/auth/TokenUtils.java +++ b/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/auth/TokenUtils.java @@ -19,7 +19,7 @@ package org.apache.polaris.service.quarkus.auth; import static org.apache.polaris.service.auth.BasePolarisAuthenticator.PRINCIPAL_ROLE_ALL; -import static org.apache.polaris.service.context.TestRealmContextResolver.REALM_PROPERTY_KEY; +import static org.apache.polaris.service.context.TestRealmIdResolver.REALM_PROPERTY_KEY; import static org.assertj.core.api.Assertions.assertThat; import jakarta.ws.rs.client.Client; diff --git a/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/catalog/BasePolarisCatalogTest.java b/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/catalog/BasePolarisCatalogTest.java index 20d0fd0bf8..880c4cf0a6 100644 --- a/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/catalog/BasePolarisCatalogTest.java +++ b/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/catalog/BasePolarisCatalogTest.java @@ -72,7 +72,7 @@ import org.apache.polaris.core.auth.AuthenticatedPolarisPrincipal; import org.apache.polaris.core.auth.PolarisAuthorizerImpl; import org.apache.polaris.core.auth.PolarisSecretsManager.PrincipalSecretsResult; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; import org.apache.polaris.core.entity.CatalogEntity; import org.apache.polaris.core.entity.PolarisBaseEntity; import org.apache.polaris.core.entity.PolarisEntity; @@ -139,7 +139,7 @@ public class BasePolarisCatalogTest extends CatalogTests { @Inject Clock clock; private BasePolarisCatalog catalog; - private RealmContext realmContext; + private RealmId realmId; private PolarisMetaStoreManager metaStoreManager; private PolarisMetaStoreSession metaStoreSession; private PolarisAdminService adminService; @@ -163,10 +163,10 @@ public void before(TestInfo testInfo) { "realm_%s_%s" .formatted( testInfo.getTestMethod().map(Method::getName).orElse("test"), System.nanoTime()); - realmContext = () -> realmName; - metaStoreManager = managerFactory.getOrCreateMetaStoreManager(realmContext); - metaStoreSession = managerFactory.getOrCreateSessionSupplier(realmContext).get(); - entityManager = entityManagerFactory.getOrCreateEntityManager(realmContext); + realmId = RealmId.newRealmId(realmName); + metaStoreManager = managerFactory.getOrCreateMetaStoreManager(realmId); + metaStoreSession = managerFactory.getOrCreateSessionSupplier(realmId).get(); + entityManager = entityManagerFactory.getOrCreateEntityManager(realmId); PrincipalEntity rootEntity = new PrincipalEntity( @@ -187,7 +187,7 @@ public void before(TestInfo testInfo) { when(securityContext.isUserInRole(isA(String.class))).thenReturn(true); adminService = new PolarisAdminService( - realmContext, + realmId, entityManager, metaStoreManager, metaStoreSession, @@ -224,7 +224,7 @@ public void before(TestInfo testInfo) { TaskExecutor taskExecutor = Mockito.mock(); this.catalog = new BasePolarisCatalog( - realmContext, + realmId, entityManager, metaStoreManager, metaStoreSession, @@ -289,23 +289,22 @@ protected boolean supportsNotifications() { private MetaStoreManagerFactory createMockMetaStoreManagerFactory() { return new MetaStoreManagerFactory() { @Override - public PolarisMetaStoreManager getOrCreateMetaStoreManager(RealmContext realmContext) { + public PolarisMetaStoreManager getOrCreateMetaStoreManager(RealmId realmId) { return metaStoreManager; } @Override - public Supplier getOrCreateSessionSupplier( - RealmContext realmContext) { + public Supplier getOrCreateSessionSupplier(RealmId realmId) { return () -> metaStoreSession; } @Override - public StorageCredentialCache getOrCreateStorageCredentialCache(RealmContext realmContext) { + public StorageCredentialCache getOrCreateStorageCredentialCache(RealmId realmId) { return new StorageCredentialCache(diagServices, configurationStore); } @Override - public EntityCache getOrCreateEntityCache(RealmContext realmContext) { + public EntityCache getOrCreateEntityCache(RealmId realmId) { return new EntityCache(metaStoreManager, diagServices); } @@ -493,7 +492,7 @@ public void testValidateNotificationFailToCreateFileIO() throws IOException { FileIOFactory fileIoFactory = spy(new DefaultFileIOFactory()); BasePolarisCatalog catalog = new BasePolarisCatalog( - realmContext, + realmId, entityManager, metaStoreManager, metaStoreSession, @@ -821,7 +820,7 @@ public void testUpdateNotificationCreateTableWithLocalFilePrefix() { TaskExecutor taskExecutor = Mockito.mock(); BasePolarisCatalog catalog = new BasePolarisCatalog( - realmContext, + realmId, entityManager, metaStoreManager, metaStoreSession, @@ -855,7 +854,7 @@ public void testUpdateNotificationCreateTableWithLocalFilePrefix() { TableMetadataParser.toJson(createSampleTableMetadata(metadataLocation)).getBytes(UTF_8)); if (!configurationStore - .getConfiguration(realmContext, PolarisConfiguration.SUPPORTED_CATALOG_STORAGE_TYPES) + .getConfiguration(realmId, PolarisConfiguration.SUPPORTED_CATALOG_STORAGE_TYPES) .contains("FILE")) { Assertions.assertThatThrownBy(() -> catalog.sendNotification(table, request)) .isInstanceOf(ForbiddenException.class) @@ -886,7 +885,7 @@ public void testUpdateNotificationCreateTableWithHttpPrefix() { TaskExecutor taskExecutor = Mockito.mock(); BasePolarisCatalog catalog = new BasePolarisCatalog( - realmContext, + realmId, entityManager, metaStoreManager, metaStoreSession, @@ -922,7 +921,7 @@ public void testUpdateNotificationCreateTableWithHttpPrefix() { TableMetadataParser.toJson(createSampleTableMetadata(metadataLocation)).getBytes(UTF_8)); if (!configurationStore - .getConfiguration(realmContext, PolarisConfiguration.SUPPORTED_CATALOG_STORAGE_TYPES) + .getConfiguration(realmId, PolarisConfiguration.SUPPORTED_CATALOG_STORAGE_TYPES) .contains("FILE")) { Assertions.assertThatThrownBy(() -> catalog.sendNotification(table, request)) .isInstanceOf(ForbiddenException.class) @@ -942,7 +941,7 @@ public void testUpdateNotificationCreateTableWithHttpPrefix() { TableMetadataParser.toJson(createSampleTableMetadata(metadataLocation)).getBytes(UTF_8)); if (!configurationStore - .getConfiguration(realmContext, PolarisConfiguration.SUPPORTED_CATALOG_STORAGE_TYPES) + .getConfiguration(realmId, PolarisConfiguration.SUPPORTED_CATALOG_STORAGE_TYPES) .contains("FILE")) { Assertions.assertThatThrownBy(() -> catalog.sendNotification(table, newRequest)) .isInstanceOf(ForbiddenException.class) @@ -1390,7 +1389,7 @@ public void testDropTableWithPurge() { FileIO fileIO = new TaskFileIOSupplier( createMockMetaStoreManagerFactory(), new DefaultFileIOFactory(), configurationStore) - .apply(taskEntity, realmContext); + .apply(taskEntity, realmId); Assertions.assertThat(fileIO).isNotNull().isInstanceOf(InMemoryFileIO.class); } @@ -1422,7 +1421,7 @@ public void testDropTableWithPurgeDisabled() { entityManager, metaStoreSession, securityContext, noPurgeCatalogName); BasePolarisCatalog noPurgeCatalog = new BasePolarisCatalog( - realmContext, + realmId, entityManager, metaStoreManager, metaStoreSession, @@ -1506,7 +1505,7 @@ public void testFileIOWrapper() { TestFileIOFactory measured = new TestFileIOFactory(); BasePolarisCatalog catalog = new BasePolarisCatalog( - realmContext, + realmId, entityManager, metaStoreManager, metaStoreSession, @@ -1554,7 +1553,7 @@ public void testFileIOWrapper() { .loadTasks(metaStoreSession, "testExecutor", 1) .getEntities() .getFirst()), - realmContext); + realmId); Assertions.assertThat(measured.getNumDeletedFiles()).as("A table was deleted").isGreaterThan(0); } } diff --git a/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/catalog/BasePolarisCatalogViewTest.java b/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/catalog/BasePolarisCatalogViewTest.java index f896c63a04..f634bfd16f 100644 --- a/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/catalog/BasePolarisCatalogViewTest.java +++ b/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/catalog/BasePolarisCatalogViewTest.java @@ -41,7 +41,7 @@ import org.apache.polaris.core.admin.model.StorageConfigInfo; import org.apache.polaris.core.auth.AuthenticatedPolarisPrincipal; import org.apache.polaris.core.auth.PolarisAuthorizerImpl; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; import org.apache.polaris.core.entity.CatalogEntity; import org.apache.polaris.core.entity.PolarisEntity; import org.apache.polaris.core.entity.PolarisEntitySubType; @@ -98,10 +98,10 @@ public void before(TestInfo testInfo) { "realm_%s_%s" .formatted( testInfo.getTestMethod().map(Method::getName).orElse("test"), System.nanoTime()); - RealmContext realmContext = () -> realmName; + RealmId realmId = RealmId.newRealmId(realmName); - metaStoreManager = managerFactory.getOrCreateMetaStoreManager(realmContext); - metaStoreSession = managerFactory.getOrCreateSessionSupplier(realmContext).get(); + metaStoreManager = managerFactory.getOrCreateMetaStoreManager(realmId); + metaStoreSession = managerFactory.getOrCreateSessionSupplier(realmId).get(); PrincipalEntity rootEntity = new PrincipalEntity( @@ -117,15 +117,14 @@ public void before(TestInfo testInfo) { AuthenticatedPolarisPrincipal authenticatedRoot = new AuthenticatedPolarisPrincipal(rootEntity, Set.of()); - PolarisEntityManager entityManager = - entityManagerFactory.getOrCreateEntityManager(realmContext); + PolarisEntityManager entityManager = entityManagerFactory.getOrCreateEntityManager(realmId); SecurityContext securityContext = Mockito.mock(SecurityContext.class); when(securityContext.getUserPrincipal()).thenReturn(authenticatedRoot); when(securityContext.isUserInRole(Mockito.anyString())).thenReturn(true); PolarisAdminService adminService = new PolarisAdminService( - realmContext, + realmId, entityManager, metaStoreManager, metaStoreSession, @@ -151,7 +150,7 @@ public void before(TestInfo testInfo) { entityManager, metaStoreSession, securityContext, CATALOG_NAME); this.catalog = new BasePolarisCatalog( - realmContext, + realmId, entityManager, metaStoreManager, metaStoreSession, diff --git a/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/catalog/PolarisCatalogHandlerWrapperAuthzTest.java b/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/catalog/PolarisCatalogHandlerWrapperAuthzTest.java index 4a78570e1a..0696e931d9 100644 --- a/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/catalog/PolarisCatalogHandlerWrapperAuthzTest.java +++ b/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/catalog/PolarisCatalogHandlerWrapperAuthzTest.java @@ -103,7 +103,7 @@ private PolarisCatalogHandlerWrapper newWrapper(SecurityContext securityContext) private PolarisCatalogHandlerWrapper newWrapper( SecurityContext securityContext, String catalogName) { return new PolarisCatalogHandlerWrapper( - realmContext, + realmId, metaStoreSession, configurationStore, diagServices, diff --git a/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/catalog/TestUtil.java b/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/catalog/TestUtil.java index 5d4ee44669..3ba418eca5 100644 --- a/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/catalog/TestUtil.java +++ b/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/catalog/TestUtil.java @@ -18,7 +18,7 @@ */ package org.apache.polaris.service.quarkus.catalog; -import static org.apache.polaris.service.context.TestRealmContextResolver.REALM_PROPERTY_KEY; +import static org.apache.polaris.service.context.TestRealmIdResolver.REALM_PROPERTY_KEY; import static org.assertj.core.api.Assertions.assertThat; import com.google.common.collect.ImmutableMap; diff --git a/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/catalog/io/FileIOExceptionsTest.java b/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/catalog/io/FileIOExceptionsTest.java index bc1f0f9e62..13349c8259 100644 --- a/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/catalog/io/FileIOExceptionsTest.java +++ b/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/catalog/io/FileIOExceptionsTest.java @@ -81,7 +81,7 @@ public static void beforeAll() { .catalogsApi() .createCatalog( new CreateCatalogRequest(catalog), - services.realmContext(), + services.realmId(), services.securityContext())) { assertThat(res.getStatus()).isEqualTo(201); } @@ -92,7 +92,7 @@ public static void beforeAll() { .createNamespace( FileIOExceptionsTest.catalog, CreateNamespaceRequest.builder().withNamespace(Namespace.of("ns1")).build(), - services.realmContext(), + services.realmId(), services.securityContext())) { assertThat(res.getStatus()).isEqualTo(200); } @@ -112,7 +112,7 @@ private static void requestCreateTable() { services .restApi() .createTable( - catalog, "ns1", request, null, services.realmContext(), services.securityContext()); + catalog, "ns1", request, null, services.realmId(), services.securityContext()); res.close(); } diff --git a/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/config/DefaultConfigurationStoreTest.java b/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/config/DefaultConfigurationStoreTest.java index 937dd3429f..ac2f72132a 100644 --- a/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/config/DefaultConfigurationStoreTest.java +++ b/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/config/DefaultConfigurationStoreTest.java @@ -21,7 +21,7 @@ import static org.assertj.core.api.Assertions.assertThat; import java.util.Map; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; import org.apache.polaris.service.config.DefaultConfigurationStore; import org.junit.jupiter.api.Test; @@ -31,17 +31,16 @@ public class DefaultConfigurationStoreTest { public void testGetConfiguration() { DefaultConfigurationStore defaultConfigurationStore = new DefaultConfigurationStore(Map.of("key1", 1, "key2", "value")); - RealmContext realmContext = () -> "test"; - Object value = - defaultConfigurationStore.getConfiguration(realmContext, "missingKeyWithoutDefault"); + RealmId realmId = RealmId.newRealmId("test"); + Object value = defaultConfigurationStore.getConfiguration(realmId, "missingKeyWithoutDefault"); assertThat(value).isNull(); Object defaultValue = defaultConfigurationStore.getConfiguration( - realmContext, "missingKeyWithDefault", "defaultValue"); + realmId, "missingKeyWithDefault", "defaultValue"); assertThat(defaultValue).isEqualTo("defaultValue"); - Integer keyOne = defaultConfigurationStore.getConfiguration(realmContext, "key1"); + Integer keyOne = defaultConfigurationStore.getConfiguration(realmId, "key1"); assertThat(keyOne).isEqualTo(1); - String keyTwo = defaultConfigurationStore.getConfiguration(realmContext, "key2"); + String keyTwo = defaultConfigurationStore.getConfiguration(realmId, "key2"); assertThat(keyTwo).isEqualTo("value"); } @@ -63,31 +62,30 @@ public void testGetRealmConfiguration() { Map.of("key1", realm2KeyOneValue, "key2", realm2KeyTwoValue))); // check realm1 values - RealmContext realmContext = () -> "realm1"; - Object value = - defaultConfigurationStore.getConfiguration(realmContext, "missingKeyWithoutDefault"); + RealmId realmId = RealmId.newRealmId("realm1"); + Object value = defaultConfigurationStore.getConfiguration(realmId, "missingKeyWithoutDefault"); assertThat(value).isNull(); Object defaultValue = defaultConfigurationStore.getConfiguration( - realmContext, "missingKeyWithDefault", "defaultValue"); + realmId, "missingKeyWithDefault", "defaultValue"); assertThat(defaultValue).isEqualTo("defaultValue"); - Integer keyOneRealm1 = defaultConfigurationStore.getConfiguration(realmContext, "key1"); + Integer keyOneRealm1 = defaultConfigurationStore.getConfiguration(realmId, "key1"); assertThat(keyOneRealm1).isEqualTo(realm1KeyOneValue); - String keyTwoRealm1 = defaultConfigurationStore.getConfiguration(realmContext, "key2"); + String keyTwoRealm1 = defaultConfigurationStore.getConfiguration(realmId, "key2"); assertThat(keyTwoRealm1).isEqualTo(defaultKeyTwoValue); // check realm2 values - realmContext = () -> "realm2"; - Integer keyOneRealm2 = defaultConfigurationStore.getConfiguration(realmContext, "key1"); + realmId = RealmId.newRealmId("realm2"); + Integer keyOneRealm2 = defaultConfigurationStore.getConfiguration(realmId, "key1"); assertThat(keyOneRealm2).isEqualTo(realm2KeyOneValue); - String keyTwoRealm2 = defaultConfigurationStore.getConfiguration(realmContext, "key2"); + String keyTwoRealm2 = defaultConfigurationStore.getConfiguration(realmId, "key2"); assertThat(keyTwoRealm2).isEqualTo(realm2KeyTwoValue); // realm3 has no realm-overrides, so just returns default values - realmContext = () -> "realm3"; - Integer keyOneRealm3 = defaultConfigurationStore.getConfiguration(realmContext, "key1"); + realmId = RealmId.newRealmId("realm3"); + Integer keyOneRealm3 = defaultConfigurationStore.getConfiguration(realmId, "key1"); assertThat(keyOneRealm3).isEqualTo(defaultKeyOneValue); - String keyTwoRealm3 = defaultConfigurationStore.getConfiguration(realmContext, "key2"); + String keyTwoRealm3 = defaultConfigurationStore.getConfiguration(realmId, "key2"); assertThat(keyTwoRealm3).isEqualTo(defaultKeyTwoValue); } } diff --git a/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/ratelimiter/TestUtil.java b/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/ratelimiter/TestUtil.java index 80c3288043..35c90e6002 100644 --- a/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/ratelimiter/TestUtil.java +++ b/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/ratelimiter/TestUtil.java @@ -18,7 +18,7 @@ */ package org.apache.polaris.service.quarkus.ratelimiter; -import static org.apache.polaris.service.context.TestRealmContextResolver.REALM_PROPERTY_KEY; +import static org.apache.polaris.service.context.TestRealmIdResolver.REALM_PROPERTY_KEY; import static org.assertj.core.api.Assertions.assertThat; import jakarta.ws.rs.core.Response; diff --git a/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/task/ManifestFileCleanupTaskHandlerTest.java b/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/task/ManifestFileCleanupTaskHandlerTest.java index e0932252bf..1c16b88641 100644 --- a/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/task/ManifestFileCleanupTaskHandlerTest.java +++ b/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/task/ManifestFileCleanupTaskHandlerTest.java @@ -46,7 +46,7 @@ import org.apache.iceberg.io.OutputFile; import org.apache.iceberg.io.PositionOutputStream; import org.apache.polaris.core.PolarisDiagnostics; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; import org.apache.polaris.core.entity.AsyncTaskType; import org.apache.polaris.core.entity.TaskEntity; import org.apache.polaris.service.task.ManifestFileCleanupTaskHandler; @@ -58,7 +58,7 @@ class ManifestFileCleanupTaskHandlerTest { @Inject PolarisDiagnostics diagnostics; - private final RealmContext realmContext = () -> "realmName"; + private final RealmId realmId = RealmId.newRealmId("realmName"); @Test public void testCleanupFileNotExists() throws IOException { @@ -81,7 +81,7 @@ public void testCleanupFileNotExists() throws IOException { .setName(UUID.randomUUID().toString()) .build(); assertThat(handler.canHandleTask(task)).isTrue(); - assertThat(handler.handleTask(task, realmContext)).isTrue(); + assertThat(handler.handleTask(task, realmId)).isTrue(); } @Test @@ -104,7 +104,7 @@ public void testCleanupFileManifestExistsDataFilesDontExist() throws IOException .setName(UUID.randomUUID().toString()) .build(); assertThat(handler.canHandleTask(task)).isTrue(); - assertThat(handler.handleTask(task, realmContext)).isTrue(); + assertThat(handler.handleTask(task, realmId)).isTrue(); } @Test @@ -142,7 +142,7 @@ public void close() { .setName(UUID.randomUUID().toString()) .build(); assertThat(handler.canHandleTask(task)).isTrue(); - assertThat(handler.handleTask(task, realmContext)).isTrue(); + assertThat(handler.handleTask(task, realmId)).isTrue(); assertThat(TaskUtils.exists(dataFile1Path, fileIO)).isFalse(); assertThat(TaskUtils.exists(dataFile2Path, fileIO)).isFalse(); } @@ -196,7 +196,7 @@ public void deleteFile(String location) { .setName(UUID.randomUUID().toString()) .build(); assertThat(handler.canHandleTask(task)).isTrue(); - assertThat(handler.handleTask(task, realmContext)).isTrue(); + assertThat(handler.handleTask(task, realmId)).isTrue(); assertThat(TaskUtils.exists(dataFile1Path, fileIO)).isFalse(); assertThat(TaskUtils.exists(dataFile2Path, fileIO)).isFalse(); } @@ -288,7 +288,7 @@ public void close() { .build(); assertThat(handler.canHandleTask(task)).isTrue(); - assertThat(handler.handleTask(task, realmContext)).isTrue(); + assertThat(handler.handleTask(task, realmId)).isTrue(); assertThat(TaskUtils.exists(firstMetadataFile, fileIO)).isFalse(); assertThat(TaskUtils.exists(statisticsFile1.path(), fileIO)).isFalse(); @@ -330,7 +330,7 @@ public void testMetadataFileCleanupIfFileNotExist() throws IOException { .setName(UUID.randomUUID().toString()) .build(); assertThat(handler.canHandleTask(task)).isTrue(); - assertThat(handler.handleTask(task, realmContext)).isTrue(); + assertThat(handler.handleTask(task, realmId)).isTrue(); } @Test @@ -390,7 +390,7 @@ public void deleteFile(String location) { CompletableFuture.runAsync( () -> { assertThat(handler.canHandleTask(task)).isTrue(); - handler.handleTask(task, realmContext); // this will schedule the batch deletion + handler.handleTask(task, realmId); // this will schedule the batch deletion }, executor); // Wait for all async tasks to finish diff --git a/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/task/TableCleanupTaskHandlerTest.java b/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/task/TableCleanupTaskHandlerTest.java index fecb7ca8ee..5b90329182 100644 --- a/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/task/TableCleanupTaskHandlerTest.java +++ b/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/task/TableCleanupTaskHandlerTest.java @@ -38,7 +38,7 @@ import org.apache.iceberg.io.FileIO; import org.apache.polaris.core.PolarisConfigurationStore; import org.apache.polaris.core.PolarisDiagnostics; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; import org.apache.polaris.core.entity.AsyncTaskType; import org.apache.polaris.core.entity.PolarisBaseEntity; import org.apache.polaris.core.entity.PolarisEntityType; @@ -60,12 +60,12 @@ class TableCleanupTaskHandlerTest { @Inject PolarisConfigurationStore configurationStore; @Inject PolarisDiagnostics diagnostics; - private final RealmContext realmContext = () -> "realmName"; + private final RealmId realmId = RealmId.newRealmId("realmName"); @Test public void testTableCleanup() throws IOException { PolarisMetaStoreSession metaStoreSession = - metaStoreManagerFactory.getOrCreateSessionSupplier(realmContext).get(); + metaStoreManagerFactory.getOrCreateSessionSupplier(realmId).get(); FileIO fileIO = new InMemoryFileIO(); TableIdentifier tableIdentifier = TableIdentifier.of(Namespace.of("db1", "schema1"), "table1"); TableCleanupTaskHandler handler = @@ -105,11 +105,11 @@ public void testTableCleanup() throws IOException { .build(); Assertions.assertThatPredicate(handler::canHandleTask).accepts(task); - handler.handleTask(task, realmContext); + handler.handleTask(task, realmId); assertThat( metaStoreManagerFactory - .getOrCreateMetaStoreManager(realmContext) + .getOrCreateMetaStoreManager(realmId) .loadTasks(metaStoreSession, "test", 2) .getEntities()) .hasSize(2) @@ -148,7 +148,7 @@ public void testTableCleanup() throws IOException { @Test public void testTableCleanupHandlesAlreadyDeletedMetadata() throws IOException { PolarisMetaStoreSession metaStoreSession = - metaStoreManagerFactory.getOrCreateSessionSupplier(realmContext).get(); + metaStoreManagerFactory.getOrCreateSessionSupplier(realmId).get(); FileIO fileIO = new InMemoryFileIO() { @Override @@ -191,13 +191,13 @@ public void close() { // handle the same task twice // the first one should successfully delete the metadata List results = - List.of(handler.handleTask(task, realmContext), handler.handleTask(task, realmContext)); + List.of(handler.handleTask(task, realmId), handler.handleTask(task, realmId)); assertThat(results).containsExactly(true, true); // both tasks successfully executed, but only one should queue subtasks assertThat( metaStoreManagerFactory - .getOrCreateMetaStoreManager(realmContext) + .getOrCreateMetaStoreManager(realmId) .loadTasks(metaStoreSession, "test", 5) .getEntities()) .hasSize(1); @@ -206,7 +206,7 @@ public void close() { @Test public void testTableCleanupDuplicatesTasksIfFileStillExists() throws IOException { PolarisMetaStoreSession metaStoreSession = - metaStoreManagerFactory.getOrCreateSessionSupplier(realmContext).get(); + metaStoreManagerFactory.getOrCreateSessionSupplier(realmId).get(); FileIO fileIO = new InMemoryFileIO() { @Override @@ -257,13 +257,13 @@ public void close() { // handle the same task twice // the first one should successfully delete the metadata List results = - List.of(handler.handleTask(task, realmContext), handler.handleTask(task, realmContext)); + List.of(handler.handleTask(task, realmId), handler.handleTask(task, realmId)); assertThat(results).containsExactly(true, true); // both tasks successfully executed, but only one should queue subtasks assertThat( metaStoreManagerFactory - .getOrCreateMetaStoreManager(realmContext) + .getOrCreateMetaStoreManager(realmId) .loadTasks(metaStoreSession, "test", 5) .getEntities()) .hasSize(2) @@ -303,7 +303,7 @@ public void close() { @Test public void testTableCleanupMultipleSnapshots() throws IOException { PolarisMetaStoreSession metaStoreSession = - metaStoreManagerFactory.getOrCreateSessionSupplier(realmContext).get(); + metaStoreManagerFactory.getOrCreateSessionSupplier(realmId).get(); FileIO fileIO = new InMemoryFileIO(); TableIdentifier tableIdentifier = TableIdentifier.of(Namespace.of("db1", "schema1"), "table1"); TableCleanupTaskHandler handler = @@ -365,11 +365,11 @@ public void testTableCleanupMultipleSnapshots() throws IOException { .build(); Assertions.assertThatPredicate(handler::canHandleTask).accepts(task); - handler.handleTask(task, realmContext); + handler.handleTask(task, realmId); List entities = metaStoreManagerFactory - .getOrCreateMetaStoreManager(realmContext) + .getOrCreateMetaStoreManager(realmId) .loadTasks(metaStoreSession, "test", 5) .getEntities(); @@ -452,7 +452,7 @@ public void testTableCleanupMultipleSnapshots() throws IOException { @Test public void testTableCleanupMultipleMetadata() throws IOException { PolarisMetaStoreSession metaStoreSession = - metaStoreManagerFactory.getOrCreateSessionSupplier(realmContext).get(); + metaStoreManagerFactory.getOrCreateSessionSupplier(realmId).get(); FileIO fileIO = new InMemoryFileIO(); TableIdentifier tableIdentifier = TableIdentifier.of(Namespace.of("db1", "schema1"), "table1"); TableCleanupTaskHandler handler = @@ -528,11 +528,11 @@ public void testTableCleanupMultipleMetadata() throws IOException { Assertions.assertThatPredicate(handler::canHandleTask).accepts(task); - handler.handleTask(task, realmContext); + handler.handleTask(task, realmId); List entities = metaStoreManagerFactory - .getOrCreateMetaStoreManager(realmContext) + .getOrCreateMetaStoreManager(realmId) .loadTasks(metaStoreSession, "test", 6) .getEntities(); diff --git a/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/test/PolarisIntegrationTestFixture.java b/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/test/PolarisIntegrationTestFixture.java index 68f327581a..c1c2fe061e 100644 --- a/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/test/PolarisIntegrationTestFixture.java +++ b/quarkus/service/src/test/java/org/apache/polaris/service/quarkus/test/PolarisIntegrationTestFixture.java @@ -18,7 +18,7 @@ */ package org.apache.polaris.service.quarkus.test; -import static org.apache.polaris.service.context.TestRealmContextResolver.REALM_PROPERTY_KEY; +import static org.apache.polaris.service.context.TestRealmIdResolver.REALM_PROPERTY_KEY; import static org.assertj.core.api.Assertions.assertThat; import com.fasterxml.jackson.core.JsonProcessingException; @@ -35,7 +35,7 @@ import org.apache.polaris.core.admin.model.Principal; import org.apache.polaris.core.admin.model.PrincipalRole; import org.apache.polaris.core.admin.model.PrincipalWithCredentials; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; import org.apache.polaris.core.entity.PolarisEntityConstants; import org.apache.polaris.core.entity.PolarisEntitySubType; import org.apache.polaris.core.entity.PolarisEntityType; @@ -98,12 +98,12 @@ private PolarisPrincipalSecrets fetchAdminSecrets() { helper.metaStoreManagerFactory.bootstrapRealms(List.of(realm)); } - RealmContext realmContext = () -> realm; + RealmId realmId = RealmId.newRealmId(realm); PolarisMetaStoreSession metaStoreSession = - helper.metaStoreManagerFactory.getOrCreateSessionSupplier(realmContext).get(); + helper.metaStoreManagerFactory.getOrCreateSessionSupplier(realmId).get(); PolarisMetaStoreManager metaStoreManager = - helper.metaStoreManagerFactory.getOrCreateMetaStoreManager(realmContext); + helper.metaStoreManagerFactory.getOrCreateMetaStoreManager(realmId); PolarisMetaStoreManager.EntityResult principal = metaStoreManager.readEntityByName( metaStoreSession, diff --git a/server-templates/api.mustache b/server-templates/api.mustache index b817bc495d..cbe3416b0c 100644 --- a/server-templates/api.mustache +++ b/server-templates/api.mustache @@ -55,7 +55,7 @@ import {{javaxPackage}}.ws.rs.core.SecurityContext; import {{javaxPackage}}.inject.Inject; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -108,7 +108,7 @@ public class {{classname}} { @Produces({ {{#produces}}"{{{mediaType}}}"{{^-last}}, {{/-last}}{{/produces}} }){{/hasProduces}}{{#hasAuthMethods}} {{#authMethods}}{{#isOAuth}}@RolesAllowed({ {{#scopes}}"{{scope}}"{{^-last}}, {{/-last}}{{/scopes}} }){{/isOAuth}}{{/authMethods}}{{/hasAuthMethods}} @Timed("{{metricsPrefix}}.{{baseName}}.{{nickname}}") - public Response {{nickname}}({{#isMultipart}}MultipartFormDataInput input,{{/isMultipart}}{{#allParams}}{{>queryParams}}{{>pathParams}}{{>headerParams}}{{>bodyParams}}{{^isMultipart}}{{>formParams}},{{/isMultipart}}{{#isMultipart}}{{^isFormParam}},{{/isFormParam}}{{/isMultipart}}{{/allParams}}@Context @MeterTag(key="realm_id",expression="realmIdentifier") RealmContext realmContext,@Context SecurityContext securityContext) { + public Response {{nickname}}({{#isMultipart}}MultipartFormDataInput input,{{/isMultipart}}{{#allParams}}{{>queryParams}}{{>pathParams}}{{>headerParams}}{{>bodyParams}}{{^isMultipart}}{{>formParams}},{{/isMultipart}}{{#isMultipart}}{{^isFormParam}},{{/isFormParam}}{{/isMultipart}}{{/allParams}}@Context @MeterTag(key="realm_id",expression="realmIdentifier") RealmId realmId,@Context SecurityContext securityContext) { {{! Don't log form or header params in case there are secrets, e.g., OAuth tokens }} LOGGER.atDebug().setMessage("Invoking {{baseName}} with params") .addKeyValue("operation", "{{nickname}}"){{#allParams}}{{^isHeaderParam}}{{^isFormParam}} @@ -116,7 +116,7 @@ public class {{classname}} { .log(); Response ret = - service.{{nickname}}({{#isMultipart}}input,{{/isMultipart}}{{#allParams}}{{^isMultipart}}{{paramName}},{{/isMultipart}}{{#isMultipart}}{{^isFormParam}}{{paramName}},{{/isFormParam}}{{/isMultipart}}{{/allParams}}realmContext,securityContext); + service.{{nickname}}({{#isMultipart}}input,{{/isMultipart}}{{#allParams}}{{^isMultipart}}{{paramName}},{{/isMultipart}}{{#isMultipart}}{{^isFormParam}}{{paramName}},{{/isFormParam}}{{/isMultipart}}{{/allParams}}realmId,securityContext); LOGGER.debug("Completed execution of {{nickname}} API with status code {}", ret.getStatus()); return ret; } diff --git a/server-templates/apiService.mustache b/server-templates/apiService.mustache index 19e9e8d6c9..6489b9536a 100644 --- a/server-templates/apiService.mustache +++ b/server-templates/apiService.mustache @@ -35,7 +35,7 @@ import {{javaxPackage}}.validation.Valid; import {{javaxPackage}}.ws.rs.core.Response; import {{javaxPackage}}.ws.rs.core.SecurityContext; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; {{! Note that this template is copied from https://github.com/OpenAPITools/openapi-generator/blob/783e68c7acbbdcbb2282d167d1644b069f12d486/modules/openapi-generator/src/main/resources/JavaJaxRS/resteasy/apiService.mustache @@ -54,7 +54,7 @@ It is here to remove some unsupported imports and to update the default implemen {{#operations}} public interface {{classname}}Service { {{#operation}} - default Response {{nickname}}({{#isMultipart}}MultipartFormDataInput input,{{/isMultipart}}{{#allParams}}{{>serviceQueryParams}}{{>servicePathParams}}{{>serviceHeaderParams}}{{>serviceBodyParams}}{{^isMultipart}}{{>serviceFormParams}},{{/isMultipart}}{{#isMultipart}}{{^isFormParam}},{{/isFormParam}}{{/isMultipart}}{{/allParams}}RealmContext realmContext,SecurityContext securityContext) { + default Response {{nickname}}({{#isMultipart}}MultipartFormDataInput input,{{/isMultipart}}{{#allParams}}{{>serviceQueryParams}}{{>servicePathParams}}{{>serviceHeaderParams}}{{>serviceBodyParams}}{{^isMultipart}}{{>serviceFormParams}},{{/isMultipart}}{{#isMultipart}}{{^isFormParam}},{{/isFormParam}}{{/isMultipart}}{{/allParams}}RealmId realmId,SecurityContext securityContext) { return Response.status(501).build(); // not implemented } {{/operation}} diff --git a/server-templates/apiServiceImpl.mustache b/server-templates/apiServiceImpl.mustache index 4eb50646a8..ce42416e6c 100644 --- a/server-templates/apiServiceImpl.mustache +++ b/server-templates/apiServiceImpl.mustache @@ -36,7 +36,7 @@ import {{javaxPackage}}.validation.Valid; import {{javaxPackage}}.ws.rs.core.Response; import {{javaxPackage}}.ws.rs.core.SecurityContext; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; {{! Note that this template is copied from https://github.com/OpenAPITools/openapi-generator/blob/783e68c7acbbdcbb2282d167d1644b069f12d486/modules/openapi-generator/src/main/resources/JavaJaxRS/resteasy/apiServiceImpl.mustache @@ -55,7 +55,7 @@ It is here to remove some unsupported imports (ApiResponseMessage, openapi.tools {{#operations}} public class {{classname}}ServiceImpl implements {{classname}}Service { {{#operation}} - public Response {{nickname}}({{#isMultipart}}MultipartFormDataInput input,{{/isMultipart}}{{#allParams}}{{>serviceQueryParams}}{{>servicePathParams}}{{>serviceHeaderParams}}{{>serviceBodyParams}}{{^isMultipart}}{{>serviceFormParams}},{{/isMultipart}}{{#isMultipart}}{{^isFormParam}},{{/isFormParam}}{{/isMultipart}}{{/allParams}}RealmContext realmContext,SecurityContext securityContext) { + public Response {{nickname}}({{#isMultipart}}MultipartFormDataInput input,{{/isMultipart}}{{#allParams}}{{>serviceQueryParams}}{{>servicePathParams}}{{>serviceHeaderParams}}{{>serviceBodyParams}}{{^isMultipart}}{{>serviceFormParams}},{{/isMultipart}}{{#isMultipart}}{{^isFormParam}},{{/isFormParam}}{{/isMultipart}}{{/allParams}}RealmId realmId,SecurityContext securityContext) { return Response.status(501).build(); // not implemented } {{/operation}} diff --git a/service/common/src/main/java/org/apache/polaris/service/admin/PolarisAdminService.java b/service/common/src/main/java/org/apache/polaris/service/admin/PolarisAdminService.java index 9d183033b4..4a3f278bd7 100644 --- a/service/common/src/main/java/org/apache/polaris/service/admin/PolarisAdminService.java +++ b/service/common/src/main/java/org/apache/polaris/service/admin/PolarisAdminService.java @@ -66,7 +66,7 @@ import org.apache.polaris.core.auth.PolarisAuthorizer; import org.apache.polaris.core.auth.PolarisGrantManager.LoadGrantsResult; import org.apache.polaris.core.catalog.PolarisCatalogHelpers; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; import org.apache.polaris.core.entity.CatalogEntity; import org.apache.polaris.core.entity.CatalogRoleEntity; import org.apache.polaris.core.entity.NamespaceEntity; @@ -107,7 +107,7 @@ public class PolarisAdminService { private static final Logger LOGGER = LoggerFactory.getLogger(PolarisAdminService.class); - private final RealmContext realmContext; + private final RealmId realmId; private final PolarisMetaStoreSession metaStoreSession; private final PolarisConfigurationStore configurationStore; private final PolarisEntityManager entityManager; @@ -120,7 +120,7 @@ public class PolarisAdminService { private PolarisResolutionManifest resolutionManifest = null; public PolarisAdminService( - RealmContext realmContext, + RealmId realmId, PolarisEntityManager entityManager, PolarisMetaStoreManager metaStoreManager, PolarisMetaStoreSession metaStoreSession, @@ -128,7 +128,7 @@ public PolarisAdminService( PolarisDiagnostics diagServices, SecurityContext securityContext, PolarisAuthorizer authorizer) { - this.realmContext = realmContext; + this.realmId = realmId; this.metaStoreSession = metaStoreSession; this.configurationStore = configurationStore; this.entityManager = entityManager; @@ -176,7 +176,7 @@ private void authorizeBasicRootOperationOrThrow(PolarisAuthorizableOperation op) PolarisResolvedPathWrapper rootContainerWrapper = resolutionManifest.getResolvedRootContainerEntityAsPath(); authorizer.authorizeOrThrow( - realmContext, + realmId, authenticatedPrincipal, resolutionManifest.getAllActivatedPrincipalRoleEntities(), op, @@ -222,7 +222,7 @@ private void authorizeBasicTopLevelEntityOperationOrThrow( return; } authorizer.authorizeOrThrow( - realmContext, + realmId, authenticatedPrincipal, resolutionManifest.getAllActivatedCatalogRoleAndPrincipalRoles(), op, @@ -243,7 +243,7 @@ private void authorizeBasicCatalogRoleOperationOrThrow( throw new NotFoundException("CatalogRole does not exist: %s", catalogRoleName); } authorizer.authorizeOrThrow( - realmContext, + realmId, authenticatedPrincipal, resolutionManifest.getAllActivatedCatalogRoleAndPrincipalRoles(), op, @@ -274,7 +274,7 @@ private void authorizeGrantOnRootContainerToPrincipalRoleOperationOrThrow( principalRoleName, PolarisEntityType.PRINCIPAL_ROLE); authorizer.authorizeOrThrow( - realmContext, + realmId, authenticatedPrincipal, resolutionManifest.getAllActivatedCatalogRoleAndPrincipalRoles(), op, @@ -311,7 +311,7 @@ private void authorizeGrantOnTopLevelEntityToPrincipalRoleOperationOrThrow( principalRoleName, PolarisEntityType.PRINCIPAL_ROLE); authorizer.authorizeOrThrow( - realmContext, + realmId, authenticatedPrincipal, resolutionManifest.getAllActivatedCatalogRoleAndPrincipalRoles(), op, @@ -342,7 +342,7 @@ private void authorizeGrantOnPrincipalRoleToPrincipalOperationOrThrow( resolutionManifest.getResolvedTopLevelEntity(principalName, PolarisEntityType.PRINCIPAL); authorizer.authorizeOrThrow( - realmContext, + realmId, authenticatedPrincipal, resolutionManifest.getAllActivatedCatalogRoleAndPrincipalRoles(), op, @@ -381,7 +381,7 @@ private void authorizeGrantOnCatalogRoleToPrincipalRoleOperationOrThrow( resolutionManifest.getResolvedPath(catalogRoleName, true); authorizer.authorizeOrThrow( - realmContext, + realmId, authenticatedPrincipal, resolutionManifest.getAllActivatedCatalogRoleAndPrincipalRoles(), op, @@ -411,7 +411,7 @@ private void authorizeGrantOnCatalogOperationOrThrow( PolarisResolvedPathWrapper catalogRoleWrapper = resolutionManifest.getResolvedPath(catalogRoleName, true); authorizer.authorizeOrThrow( - realmContext, + realmId, authenticatedPrincipal, resolutionManifest.getAllActivatedCatalogRoleAndPrincipalRoles(), op, @@ -451,7 +451,7 @@ private void authorizeGrantOnNamespaceOperationOrThrow( resolutionManifest.getResolvedPath(catalogRoleName, true); authorizer.authorizeOrThrow( - realmContext, + realmId, authenticatedPrincipal, resolutionManifest.getAllActivatedCatalogRoleAndPrincipalRoles(), op, @@ -496,7 +496,7 @@ private void authorizeGrantOnTableLikeOperationOrThrow( resolutionManifest.getResolvedPath(catalogRoleName, true); authorizer.authorizeOrThrow( - realmContext, + realmId, authenticatedPrincipal, resolutionManifest.getAllActivatedCatalogRoleAndPrincipalRoles(), op, @@ -535,7 +535,7 @@ private String terminateWithSlash(String path) { private boolean catalogOverlapsWithExistingCatalog(CatalogEntity catalogEntity) { boolean allowOverlappingCatalogUrls = configurationStore.getConfiguration( - realmContext, PolarisConfiguration.ALLOW_OVERLAPPING_CATALOG_URLS); + realmId, PolarisConfiguration.ALLOW_OVERLAPPING_CATALOG_URLS); if (allowOverlappingCatalogUrls) { return false; @@ -602,8 +602,7 @@ public void deleteCatalog(String name) { .orElseThrow(() -> new NotFoundException("Catalog %s not found", name)); // TODO: Handle return value in case of concurrent modification boolean cleanup = - configurationStore.getConfiguration( - realmContext, PolarisConfiguration.CLEANUP_ON_CATALOG_DROP); + configurationStore.getConfiguration(realmId, PolarisConfiguration.CLEANUP_ON_CATALOG_DROP); PolarisMetaStoreManager.DropEntityResult dropEntityResult = metaStoreManager.dropEntityIfExists(metaStoreSession, null, entity, Map.of(), cleanup); diff --git a/service/common/src/main/java/org/apache/polaris/service/admin/PolarisServiceImpl.java b/service/common/src/main/java/org/apache/polaris/service/admin/PolarisServiceImpl.java index 4f0a8dc7cf..fb195e95d0 100644 --- a/service/common/src/main/java/org/apache/polaris/service/admin/PolarisServiceImpl.java +++ b/service/common/src/main/java/org/apache/polaris/service/admin/PolarisServiceImpl.java @@ -59,7 +59,7 @@ import org.apache.polaris.core.admin.model.ViewGrant; import org.apache.polaris.core.auth.AuthenticatedPolarisPrincipal; import org.apache.polaris.core.auth.PolarisAuthorizer; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; import org.apache.polaris.core.entity.CatalogEntity; import org.apache.polaris.core.entity.CatalogRoleEntity; import org.apache.polaris.core.entity.PolarisPrivilege; @@ -105,8 +105,7 @@ public PolarisServiceImpl( this.diagnostics = diagnostics; } - private PolarisAdminService newAdminService( - RealmContext realmContext, SecurityContext securityContext) { + private PolarisAdminService newAdminService(RealmId realmId, SecurityContext securityContext) { AuthenticatedPolarisPrincipal authenticatedPrincipal = (AuthenticatedPolarisPrincipal) securityContext.getUserPrincipal(); if (authenticatedPrincipal == null) { @@ -114,7 +113,7 @@ private PolarisAdminService newAdminService( } return new PolarisAdminService( - realmContext, + realmId, entityManager, metaStoreManager, session, @@ -127,10 +126,10 @@ private PolarisAdminService newAdminService( /** From PolarisCatalogsApiService */ @Override public Response createCatalog( - CreateCatalogRequest request, RealmContext realmContext, SecurityContext securityContext) { - PolarisAdminService adminService = newAdminService(realmContext, securityContext); + CreateCatalogRequest request, RealmId realmId, SecurityContext securityContext) { + PolarisAdminService adminService = newAdminService(realmId, securityContext); Catalog catalog = request.getCatalog(); - validateStorageConfig(catalog.getStorageConfigInfo(), realmContext); + validateStorageConfig(catalog.getStorageConfigInfo(), realmId); Catalog newCatalog = new CatalogEntity(adminService.createCatalog(CatalogEntity.fromCatalog(catalog))) .asCatalog(); @@ -138,11 +137,10 @@ public Response createCatalog( return Response.status(Response.Status.CREATED).build(); } - private void validateStorageConfig( - StorageConfigInfo storageConfigInfo, RealmContext realmContext) { + private void validateStorageConfig(StorageConfigInfo storageConfigInfo, RealmId realmId) { List allowedStorageTypes = configurationStore.getConfiguration( - realmContext, PolarisConfiguration.SUPPORTED_CATALOG_STORAGE_TYPES); + realmId, PolarisConfiguration.SUPPORTED_CATALOG_STORAGE_TYPES); if (!allowedStorageTypes.contains(storageConfigInfo.getStorageType().name())) { LOGGER .atWarn() @@ -156,17 +154,16 @@ private void validateStorageConfig( /** From PolarisCatalogsApiService */ @Override public Response deleteCatalog( - String catalogName, RealmContext realmContext, SecurityContext securityContext) { - PolarisAdminService adminService = newAdminService(realmContext, securityContext); + String catalogName, RealmId realmId, SecurityContext securityContext) { + PolarisAdminService adminService = newAdminService(realmId, securityContext); adminService.deleteCatalog(catalogName); return Response.status(Response.Status.NO_CONTENT).build(); } /** From PolarisCatalogsApiService */ @Override - public Response getCatalog( - String catalogName, RealmContext realmContext, SecurityContext securityContext) { - PolarisAdminService adminService = newAdminService(realmContext, securityContext); + public Response getCatalog(String catalogName, RealmId realmId, SecurityContext securityContext) { + PolarisAdminService adminService = newAdminService(realmId, securityContext); return Response.ok(adminService.getCatalog(catalogName).asCatalog()).build(); } @@ -175,19 +172,19 @@ public Response getCatalog( public Response updateCatalog( String catalogName, UpdateCatalogRequest updateRequest, - RealmContext realmContext, + RealmId realmId, SecurityContext securityContext) { - PolarisAdminService adminService = newAdminService(realmContext, securityContext); + PolarisAdminService adminService = newAdminService(realmId, securityContext); if (updateRequest.getStorageConfigInfo() != null) { - validateStorageConfig(updateRequest.getStorageConfigInfo(), realmContext); + validateStorageConfig(updateRequest.getStorageConfigInfo(), realmId); } return Response.ok(adminService.updateCatalog(catalogName, updateRequest).asCatalog()).build(); } /** From PolarisCatalogsApiService */ @Override - public Response listCatalogs(RealmContext realmContext, SecurityContext securityContext) { - PolarisAdminService adminService = newAdminService(realmContext, securityContext); + public Response listCatalogs(RealmId realmId, SecurityContext securityContext) { + PolarisAdminService adminService = newAdminService(realmId, securityContext); List catalogList = adminService.listCatalogs().stream() .map(CatalogEntity::new) @@ -201,8 +198,8 @@ public Response listCatalogs(RealmContext realmContext, SecurityContext security /** From PolarisPrincipalsApiService */ @Override public Response createPrincipal( - CreatePrincipalRequest request, RealmContext realmContext, SecurityContext securityContext) { - PolarisAdminService adminService = newAdminService(realmContext, securityContext); + CreatePrincipalRequest request, RealmId realmId, SecurityContext securityContext) { + PolarisAdminService adminService = newAdminService(realmId, securityContext); PrincipalEntity principal = PrincipalEntity.fromPrincipal(request.getPrincipal()); if (Boolean.TRUE.equals(request.getCredentialRotationRequired())) { principal = @@ -216,8 +213,8 @@ public Response createPrincipal( /** From PolarisPrincipalsApiService */ @Override public Response deletePrincipal( - String principalName, RealmContext realmContext, SecurityContext securityContext) { - PolarisAdminService adminService = newAdminService(realmContext, securityContext); + String principalName, RealmId realmId, SecurityContext securityContext) { + PolarisAdminService adminService = newAdminService(realmId, securityContext); adminService.deletePrincipal(principalName); return Response.status(Response.Status.NO_CONTENT).build(); } @@ -225,8 +222,8 @@ public Response deletePrincipal( /** From PolarisPrincipalsApiService */ @Override public Response getPrincipal( - String principalName, RealmContext realmContext, SecurityContext securityContext) { - PolarisAdminService adminService = newAdminService(realmContext, securityContext); + String principalName, RealmId realmId, SecurityContext securityContext) { + PolarisAdminService adminService = newAdminService(realmId, securityContext); return Response.ok(adminService.getPrincipal(principalName).asPrincipal()).build(); } @@ -235,9 +232,9 @@ public Response getPrincipal( public Response updatePrincipal( String principalName, UpdatePrincipalRequest updateRequest, - RealmContext realmContext, + RealmId realmId, SecurityContext securityContext) { - PolarisAdminService adminService = newAdminService(realmContext, securityContext); + PolarisAdminService adminService = newAdminService(realmId, securityContext); return Response.ok(adminService.updatePrincipal(principalName, updateRequest).asPrincipal()) .build(); } @@ -245,15 +242,15 @@ public Response updatePrincipal( /** From PolarisPrincipalsApiService */ @Override public Response rotateCredentials( - String principalName, RealmContext realmContext, SecurityContext securityContext) { - PolarisAdminService adminService = newAdminService(realmContext, securityContext); + String principalName, RealmId realmId, SecurityContext securityContext) { + PolarisAdminService adminService = newAdminService(realmId, securityContext); return Response.ok(adminService.rotateCredentials(principalName)).build(); } /** From PolarisPrincipalsApiService */ @Override - public Response listPrincipals(RealmContext realmContext, SecurityContext securityContext) { - PolarisAdminService adminService = newAdminService(realmContext, securityContext); + public Response listPrincipals(RealmId realmId, SecurityContext securityContext) { + PolarisAdminService adminService = newAdminService(realmId, securityContext); List principalList = adminService.listPrincipals().stream() .map(PrincipalEntity::new) @@ -267,10 +264,8 @@ public Response listPrincipals(RealmContext realmContext, SecurityContext securi /** From PolarisPrincipalRolesApiService */ @Override public Response createPrincipalRole( - CreatePrincipalRoleRequest request, - RealmContext realmContext, - SecurityContext securityContext) { - PolarisAdminService adminService = newAdminService(realmContext, securityContext); + CreatePrincipalRoleRequest request, RealmId realmId, SecurityContext securityContext) { + PolarisAdminService adminService = newAdminService(realmId, securityContext); PrincipalRole newPrincipalRole = new PrincipalRoleEntity( adminService.createPrincipalRole( @@ -283,8 +278,8 @@ public Response createPrincipalRole( /** From PolarisPrincipalRolesApiService */ @Override public Response deletePrincipalRole( - String principalRoleName, RealmContext realmContext, SecurityContext securityContext) { - PolarisAdminService adminService = newAdminService(realmContext, securityContext); + String principalRoleName, RealmId realmId, SecurityContext securityContext) { + PolarisAdminService adminService = newAdminService(realmId, securityContext); adminService.deletePrincipalRole(principalRoleName); return Response.status(Response.Status.NO_CONTENT).build(); } @@ -292,8 +287,8 @@ public Response deletePrincipalRole( /** From PolarisPrincipalRolesApiService */ @Override public Response getPrincipalRole( - String principalRoleName, RealmContext realmContext, SecurityContext securityContext) { - PolarisAdminService adminService = newAdminService(realmContext, securityContext); + String principalRoleName, RealmId realmId, SecurityContext securityContext) { + PolarisAdminService adminService = newAdminService(realmId, securityContext); return Response.ok(adminService.getPrincipalRole(principalRoleName).asPrincipalRole()).build(); } @@ -302,9 +297,9 @@ public Response getPrincipalRole( public Response updatePrincipalRole( String principalRoleName, UpdatePrincipalRoleRequest updateRequest, - RealmContext realmContext, + RealmId realmId, SecurityContext securityContext) { - PolarisAdminService adminService = newAdminService(realmContext, securityContext); + PolarisAdminService adminService = newAdminService(realmId, securityContext); return Response.ok( adminService.updatePrincipalRole(principalRoleName, updateRequest).asPrincipalRole()) .build(); @@ -312,8 +307,8 @@ public Response updatePrincipalRole( /** From PolarisPrincipalRolesApiService */ @Override - public Response listPrincipalRoles(RealmContext realmContext, SecurityContext securityContext) { - PolarisAdminService adminService = newAdminService(realmContext, securityContext); + public Response listPrincipalRoles(RealmId realmId, SecurityContext securityContext) { + PolarisAdminService adminService = newAdminService(realmId, securityContext); List principalRoleList = adminService.listPrincipalRoles().stream() .map(PrincipalRoleEntity::new) @@ -329,9 +324,9 @@ public Response listPrincipalRoles(RealmContext realmContext, SecurityContext se public Response createCatalogRole( String catalogName, CreateCatalogRoleRequest request, - RealmContext realmContext, + RealmId realmId, SecurityContext securityContext) { - PolarisAdminService adminService = newAdminService(realmContext, securityContext); + PolarisAdminService adminService = newAdminService(realmId, securityContext); CatalogRole newCatalogRole = new CatalogRoleEntity( adminService.createCatalogRole( @@ -346,9 +341,9 @@ public Response createCatalogRole( public Response deleteCatalogRole( String catalogName, String catalogRoleName, - RealmContext realmContext, + RealmId realmId, SecurityContext securityContext) { - PolarisAdminService adminService = newAdminService(realmContext, securityContext); + PolarisAdminService adminService = newAdminService(realmId, securityContext); adminService.deleteCatalogRole(catalogName, catalogRoleName); return Response.status(Response.Status.NO_CONTENT).build(); } @@ -358,9 +353,9 @@ public Response deleteCatalogRole( public Response getCatalogRole( String catalogName, String catalogRoleName, - RealmContext realmContext, + RealmId realmId, SecurityContext securityContext) { - PolarisAdminService adminService = newAdminService(realmContext, securityContext); + PolarisAdminService adminService = newAdminService(realmId, securityContext); return Response.ok(adminService.getCatalogRole(catalogName, catalogRoleName).asCatalogRole()) .build(); } @@ -371,9 +366,9 @@ public Response updateCatalogRole( String catalogName, String catalogRoleName, UpdateCatalogRoleRequest updateRequest, - RealmContext realmContext, + RealmId realmId, SecurityContext securityContext) { - PolarisAdminService adminService = newAdminService(realmContext, securityContext); + PolarisAdminService adminService = newAdminService(realmId, securityContext); return Response.ok( adminService .updateCatalogRole(catalogName, catalogRoleName, updateRequest) @@ -384,8 +379,8 @@ public Response updateCatalogRole( /** From PolarisCatalogsApiService */ @Override public Response listCatalogRoles( - String catalogName, RealmContext realmContext, SecurityContext securityContext) { - PolarisAdminService adminService = newAdminService(realmContext, securityContext); + String catalogName, RealmId realmId, SecurityContext securityContext) { + PolarisAdminService adminService = newAdminService(realmId, securityContext); List catalogRoleList = adminService.listCatalogRoles(catalogName).stream() .map(CatalogRoleEntity::new) @@ -401,13 +396,13 @@ public Response listCatalogRoles( public Response assignPrincipalRole( String principalName, GrantPrincipalRoleRequest request, - RealmContext realmContext, + RealmId realmId, SecurityContext securityContext) { LOGGER.info( "Assigning principalRole {} to principal {}", request.getPrincipalRole().getName(), principalName); - PolarisAdminService adminService = newAdminService(realmContext, securityContext); + PolarisAdminService adminService = newAdminService(realmId, securityContext); adminService.assignPrincipalRole(principalName, request.getPrincipalRole().getName()); return Response.status(Response.Status.CREATED).build(); } @@ -417,10 +412,10 @@ public Response assignPrincipalRole( public Response revokePrincipalRole( String principalName, String principalRoleName, - RealmContext realmContext, + RealmId realmId, SecurityContext securityContext) { LOGGER.info("Revoking principalRole {} from principal {}", principalRoleName, principalName); - PolarisAdminService adminService = newAdminService(realmContext, securityContext); + PolarisAdminService adminService = newAdminService(realmId, securityContext); adminService.revokePrincipalRole(principalName, principalRoleName); return Response.status(Response.Status.NO_CONTENT).build(); } @@ -428,8 +423,8 @@ public Response revokePrincipalRole( /** From PolarisPrincipalsApiService */ @Override public Response listPrincipalRolesAssigned( - String principalName, RealmContext realmContext, SecurityContext securityContext) { - PolarisAdminService adminService = newAdminService(realmContext, securityContext); + String principalName, RealmId realmId, SecurityContext securityContext) { + PolarisAdminService adminService = newAdminService(realmId, securityContext); List principalRoleList = adminService.listPrincipalRolesAssigned(principalName).stream() .map(PrincipalRoleEntity::new) @@ -446,14 +441,14 @@ public Response assignCatalogRoleToPrincipalRole( String principalRoleName, String catalogName, GrantCatalogRoleRequest request, - RealmContext realmContext, + RealmId realmId, SecurityContext securityContext) { LOGGER.info( "Assigning catalogRole {} in catalog {} to principalRole {}", request.getCatalogRole().getName(), catalogName, principalRoleName); - PolarisAdminService adminService = newAdminService(realmContext, securityContext); + PolarisAdminService adminService = newAdminService(realmId, securityContext); adminService.assignCatalogRoleToPrincipalRole( principalRoleName, catalogName, request.getCatalogRole().getName()); return Response.status(Response.Status.CREATED).build(); @@ -465,14 +460,14 @@ public Response revokeCatalogRoleFromPrincipalRole( String principalRoleName, String catalogName, String catalogRoleName, - RealmContext realmContext, + RealmId realmId, SecurityContext securityContext) { LOGGER.info( "Revoking catalogRole {} in catalog {} from principalRole {}", catalogRoleName, catalogName, principalRoleName); - PolarisAdminService adminService = newAdminService(realmContext, securityContext); + PolarisAdminService adminService = newAdminService(realmId, securityContext); adminService.revokeCatalogRoleFromPrincipalRole( principalRoleName, catalogName, catalogRoleName); return Response.status(Response.Status.NO_CONTENT).build(); @@ -481,8 +476,8 @@ public Response revokeCatalogRoleFromPrincipalRole( /** From PolarisPrincipalRolesApiService */ @Override public Response listAssigneePrincipalsForPrincipalRole( - String principalRoleName, RealmContext realmContext, SecurityContext securityContext) { - PolarisAdminService adminService = newAdminService(realmContext, securityContext); + String principalRoleName, RealmId realmId, SecurityContext securityContext) { + PolarisAdminService adminService = newAdminService(realmId, securityContext); List principalList = adminService.listAssigneePrincipalsForPrincipalRole(principalRoleName).stream() .map(PrincipalEntity::new) @@ -498,9 +493,9 @@ public Response listAssigneePrincipalsForPrincipalRole( public Response listCatalogRolesForPrincipalRole( String principalRoleName, String catalogName, - RealmContext realmContext, + RealmId realmId, SecurityContext securityContext) { - PolarisAdminService adminService = newAdminService(realmContext, securityContext); + PolarisAdminService adminService = newAdminService(realmId, securityContext); List catalogRoleList = adminService.listCatalogRolesForPrincipalRole(principalRoleName, catalogName).stream() .map(CatalogRoleEntity::new) @@ -517,14 +512,14 @@ public Response addGrantToCatalogRole( String catalogName, String catalogRoleName, AddGrantRequest grantRequest, - RealmContext realmContext, + RealmId realmId, SecurityContext securityContext) { LOGGER.info( "Adding grant {} to catalogRole {} in catalog {}", grantRequest, catalogRoleName, catalogName); - PolarisAdminService adminService = newAdminService(realmContext, securityContext); + PolarisAdminService adminService = newAdminService(realmId, securityContext); switch (grantRequest.getGrant()) { // The per-securable-type Privilege enums must be exact String match for a subset of all // PolarisPrivilege values. @@ -588,7 +583,7 @@ public Response revokeGrantFromCatalogRole( String catalogRoleName, Boolean cascade, RevokeGrantRequest grantRequest, - RealmContext realmContext, + RealmId realmId, SecurityContext securityContext) { LOGGER.info( "Revoking grant {} from catalogRole {} in catalog {}", @@ -600,7 +595,7 @@ public Response revokeGrantFromCatalogRole( return Response.status(501).build(); // not implemented } - PolarisAdminService adminService = newAdminService(realmContext, securityContext); + PolarisAdminService adminService = newAdminService(realmId, securityContext); switch (grantRequest.getGrant()) { // The per-securable-type Privilege enums must be exact String match for a subset of all // PolarisPrivilege values. @@ -662,9 +657,9 @@ public Response revokeGrantFromCatalogRole( public Response listAssigneePrincipalRolesForCatalogRole( String catalogName, String catalogRoleName, - RealmContext realmContext, + RealmId realmId, SecurityContext securityContext) { - PolarisAdminService adminService = newAdminService(realmContext, securityContext); + PolarisAdminService adminService = newAdminService(realmId, securityContext); List principalRoleList = adminService.listAssigneePrincipalRolesForCatalogRole(catalogName, catalogRoleName).stream() .map(PrincipalRoleEntity::new) @@ -680,9 +675,9 @@ public Response listAssigneePrincipalRolesForCatalogRole( public Response listGrantsForCatalogRole( String catalogName, String catalogRoleName, - RealmContext realmContext, + RealmId realmId, SecurityContext securityContext) { - PolarisAdminService adminService = newAdminService(realmContext, securityContext); + PolarisAdminService adminService = newAdminService(realmId, securityContext); List grantList = adminService.listGrantsForCatalogRole(catalogName, catalogRoleName); GrantResources grantResources = new GrantResources(grantList); diff --git a/service/common/src/main/java/org/apache/polaris/service/auth/BasePolarisAuthenticator.java b/service/common/src/main/java/org/apache/polaris/service/auth/BasePolarisAuthenticator.java index 2ad132c349..7d188f2f87 100644 --- a/service/common/src/main/java/org/apache/polaris/service/auth/BasePolarisAuthenticator.java +++ b/service/common/src/main/java/org/apache/polaris/service/auth/BasePolarisAuthenticator.java @@ -26,7 +26,7 @@ import org.apache.iceberg.exceptions.NotAuthorizedException; import org.apache.iceberg.exceptions.ServiceFailureException; import org.apache.polaris.core.auth.AuthenticatedPolarisPrincipal; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; import org.apache.polaris.core.entity.PolarisEntity; import org.apache.polaris.core.entity.PolarisEntitySubType; import org.apache.polaris.core.entity.PolarisEntityType; @@ -39,9 +39,9 @@ /** * Base implementation of {@link Authenticator} constructs a {@link AuthenticatedPolarisPrincipal} * from the token parsed by subclasses. The {@link AuthenticatedPolarisPrincipal} is read from the - * {@link PolarisMetaStoreManager} for the current {@link RealmContext}. If the token defines a - * non-empty set of scopes, only the principal roles specified in the scopes will be active for the - * current principal. Only the grants assigned to these roles will be active in the current request. + * {@link PolarisMetaStoreManager} for the current {@link RealmId}. If the token defines a non-empty + * set of scopes, only the principal roles specified in the scopes will be active for the current + * principal. Only the grants assigned to these roles will be active in the current request. */ public abstract class BasePolarisAuthenticator implements Authenticator { diff --git a/service/common/src/main/java/org/apache/polaris/service/auth/DefaultActiveRolesProvider.java b/service/common/src/main/java/org/apache/polaris/service/auth/DefaultActiveRolesProvider.java index 71f289831c..4c282affef 100644 --- a/service/common/src/main/java/org/apache/polaris/service/auth/DefaultActiveRolesProvider.java +++ b/service/common/src/main/java/org/apache/polaris/service/auth/DefaultActiveRolesProvider.java @@ -28,7 +28,7 @@ import org.apache.polaris.core.PolarisDiagnostics; import org.apache.polaris.core.auth.AuthenticatedPolarisPrincipal; import org.apache.polaris.core.auth.PolarisGrantManager; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; import org.apache.polaris.core.entity.PolarisEntity; import org.apache.polaris.core.entity.PrincipalRoleEntity; import org.apache.polaris.core.persistence.MetaStoreManagerFactory; @@ -47,7 +47,7 @@ public class DefaultActiveRolesProvider implements ActiveRolesProvider { private static final Logger LOGGER = LoggerFactory.getLogger(DefaultActiveRolesProvider.class); - @Inject RealmContext realmContext; + @Inject RealmId realmId; @Inject MetaStoreManagerFactory metaStoreManagerFactory; @Inject PolarisDiagnostics diagnostics; @@ -57,8 +57,8 @@ public Set getActiveRoles(AuthenticatedPolarisPrincipal principal) { loadActivePrincipalRoles( principal.getActivatedPrincipalRoleNames(), principal.getPrincipalEntity(), - metaStoreManagerFactory.getOrCreateMetaStoreManager(realmContext), - metaStoreManagerFactory.getOrCreateSessionSupplier(realmContext).get()); + metaStoreManagerFactory.getOrCreateMetaStoreManager(realmId), + metaStoreManagerFactory.getOrCreateSessionSupplier(realmId).get()); return activeRoles.stream().map(PrincipalRoleEntity::getName).collect(Collectors.toSet()); } diff --git a/service/common/src/main/java/org/apache/polaris/service/auth/DefaultOAuth2ApiService.java b/service/common/src/main/java/org/apache/polaris/service/auth/DefaultOAuth2ApiService.java index f35dd370f8..edfe2fe010 100644 --- a/service/common/src/main/java/org/apache/polaris/service/auth/DefaultOAuth2ApiService.java +++ b/service/common/src/main/java/org/apache/polaris/service/auth/DefaultOAuth2ApiService.java @@ -27,7 +27,7 @@ import jakarta.ws.rs.core.SecurityContext; import org.apache.commons.codec.binary.Base64; import org.apache.iceberg.rest.responses.OAuthTokenResponse; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; import org.apache.polaris.service.catalog.api.IcebergRestOAuth2ApiService; import org.apache.polaris.service.types.TokenType; import org.slf4j.Logger; @@ -65,10 +65,10 @@ public Response getToken( TokenType subjectTokenType, String actorToken, TokenType actorTokenType, - RealmContext realmContext, + RealmId realmId, SecurityContext securityContext) { - TokenBroker tokenBroker = tokenBrokerFactory.apply(realmContext); + TokenBroker tokenBroker = tokenBrokerFactory.apply(realmId); if (!tokenBroker.supportsGrantType(grantType)) { return OAuthUtils.getResponseFromError(OAuthTokenErrorResponse.Error.unsupported_grant_type); } diff --git a/service/common/src/main/java/org/apache/polaris/service/auth/JWTRSAKeyPairFactory.java b/service/common/src/main/java/org/apache/polaris/service/auth/JWTRSAKeyPairFactory.java index 89e43caba2..9f959a219b 100644 --- a/service/common/src/main/java/org/apache/polaris/service/auth/JWTRSAKeyPairFactory.java +++ b/service/common/src/main/java/org/apache/polaris/service/auth/JWTRSAKeyPairFactory.java @@ -25,7 +25,7 @@ import java.nio.file.Files; import java.nio.file.Path; import java.security.NoSuchAlgorithmException; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; import org.apache.polaris.core.persistence.MetaStoreManagerFactory; import org.apache.polaris.service.auth.AuthenticationConfiguration.TokenBrokerConfiguration; import org.apache.polaris.service.auth.AuthenticationConfiguration.TokenBrokerConfiguration.RSAKeyPairConfiguration; @@ -53,10 +53,10 @@ public JWTRSAKeyPairFactory( } @Override - public TokenBroker apply(RealmContext realmContext) { + public TokenBroker apply(RealmId realmId) { return new JWTRSAKeyPair( - metaStoreManagerFactory.getOrCreateMetaStoreManager(realmContext), - metaStoreManagerFactory.getOrCreateSessionSupplier(realmContext).get(), + metaStoreManagerFactory.getOrCreateMetaStoreManager(realmId), + metaStoreManagerFactory.getOrCreateSessionSupplier(realmId).get(), (int) tokenBrokerConfiguration.maxTokenGeneration().toSeconds(), keyPairConfiguration.publicKeyFile(), keyPairConfiguration.privateKeyFile()); diff --git a/service/common/src/main/java/org/apache/polaris/service/auth/JWTSymmetricKeyFactory.java b/service/common/src/main/java/org/apache/polaris/service/auth/JWTSymmetricKeyFactory.java index 38cdb3663e..21f9911904 100644 --- a/service/common/src/main/java/org/apache/polaris/service/auth/JWTSymmetricKeyFactory.java +++ b/service/common/src/main/java/org/apache/polaris/service/auth/JWTSymmetricKeyFactory.java @@ -28,7 +28,7 @@ import java.nio.file.Path; import java.time.Duration; import java.util.function.Supplier; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; import org.apache.polaris.core.persistence.MetaStoreManagerFactory; import org.apache.polaris.service.auth.AuthenticationConfiguration.TokenBrokerConfiguration.SymmetricKeyConfiguration; @@ -58,10 +58,10 @@ public JWTSymmetricKeyFactory( } @Override - public TokenBroker apply(RealmContext realmContext) { + public TokenBroker apply(RealmId realmId) { return new JWTSymmetricKeyBroker( - metaStoreManagerFactory.getOrCreateMetaStoreManager(realmContext), - metaStoreManagerFactory.getOrCreateSessionSupplier(realmContext).get(), + metaStoreManagerFactory.getOrCreateMetaStoreManager(realmId), + metaStoreManagerFactory.getOrCreateSessionSupplier(realmId).get(), (int) maxTokenGeneration.toSeconds(), secretSupplier); } diff --git a/service/common/src/main/java/org/apache/polaris/service/auth/NoneTokenBrokerFactory.java b/service/common/src/main/java/org/apache/polaris/service/auth/NoneTokenBrokerFactory.java index 9f642a2b89..e8f16f32c3 100644 --- a/service/common/src/main/java/org/apache/polaris/service/auth/NoneTokenBrokerFactory.java +++ b/service/common/src/main/java/org/apache/polaris/service/auth/NoneTokenBrokerFactory.java @@ -20,7 +20,7 @@ import io.smallrye.common.annotation.Identifier; import jakarta.enterprise.context.ApplicationScoped; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; import org.apache.polaris.service.types.TokenType; /** Default {@link TokenBrokerFactory} that produces token brokers that do not do anything. */ @@ -59,7 +59,7 @@ public DecodedToken verify(String token) { }; @Override - public TokenBroker apply(RealmContext realmContext) { + public TokenBroker apply(RealmId realmId) { return NONE_TOKEN_BROKER; } } diff --git a/service/common/src/main/java/org/apache/polaris/service/auth/TestOAuth2ApiService.java b/service/common/src/main/java/org/apache/polaris/service/auth/TestOAuth2ApiService.java index 2f53c20e5f..d046323116 100644 --- a/service/common/src/main/java/org/apache/polaris/service/auth/TestOAuth2ApiService.java +++ b/service/common/src/main/java/org/apache/polaris/service/auth/TestOAuth2ApiService.java @@ -28,7 +28,7 @@ import java.util.Objects; import org.apache.iceberg.exceptions.NotAuthorizedException; import org.apache.polaris.core.auth.PolarisSecretsManager.PrincipalSecretsResult; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; import org.apache.polaris.core.entity.PolarisEntitySubType; import org.apache.polaris.core.entity.PolarisEntityType; import org.apache.polaris.core.persistence.PolarisMetaStoreManager; @@ -58,7 +58,7 @@ public Response getToken( TokenType subjectTokenType, String actorToken, TokenType actorTokenType, - RealmContext realmContext, + RealmId realmId, SecurityContext securityContext) { Map response = new HashMap<>(); String principalName = getPrincipalName(clientId); @@ -69,7 +69,7 @@ public Response getToken( + ";password:" + clientSecret + ";realm:" - + realmContext.getRealmIdentifier() + + realmId.id() + ";role:" + scope.replaceAll(BasePolarisAuthenticator.PRINCIPAL_ROLE_PREFIX, "")); response.put("token_type", "bearer"); diff --git a/service/common/src/main/java/org/apache/polaris/service/auth/TokenBrokerFactory.java b/service/common/src/main/java/org/apache/polaris/service/auth/TokenBrokerFactory.java index 131f3ed64f..60624e70a8 100644 --- a/service/common/src/main/java/org/apache/polaris/service/auth/TokenBrokerFactory.java +++ b/service/common/src/main/java/org/apache/polaris/service/auth/TokenBrokerFactory.java @@ -19,10 +19,10 @@ package org.apache.polaris.service.auth; import java.util.function.Function; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; /** * Factory that creates a {@link TokenBroker} for generating and parsing. The {@link TokenBroker} is * created based on the realm context. */ -public interface TokenBrokerFactory extends Function {} +public interface TokenBrokerFactory extends Function {} diff --git a/service/common/src/main/java/org/apache/polaris/service/catalog/BasePolarisCatalog.java b/service/common/src/main/java/org/apache/polaris/service/catalog/BasePolarisCatalog.java index 26458892be..9eea43a43b 100644 --- a/service/common/src/main/java/org/apache/polaris/service/catalog/BasePolarisCatalog.java +++ b/service/common/src/main/java/org/apache/polaris/service/catalog/BasePolarisCatalog.java @@ -79,7 +79,7 @@ import org.apache.polaris.core.admin.model.StorageConfigInfo; import org.apache.polaris.core.auth.AuthenticatedPolarisPrincipal; import org.apache.polaris.core.catalog.PolarisCatalogHelpers; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; import org.apache.polaris.core.entity.CatalogEntity; import org.apache.polaris.core.entity.NamespaceEntity; import org.apache.polaris.core.entity.PolarisEntity; @@ -154,7 +154,7 @@ public class BasePolarisCatalog extends BaseMetastoreViewCatalog private final PolarisMetaStoreSession metaStoreSession; private final PolarisConfigurationStore configurationStore; private final PolarisDiagnostics diagnostics; - private final RealmContext realmContext; + private final RealmId realmId; private final PolarisResolutionManifestCatalogView resolvedEntityView; private final CatalogEntity catalogEntity; private final TaskExecutor taskExecutor; @@ -172,7 +172,7 @@ public class BasePolarisCatalog extends BaseMetastoreViewCatalog private Map tableDefaultProperties; /** - * @param realmContext the current RealmContext + * @param realmId the current RealmContext * @param entityManager provides handle to underlying PolarisMetaStoreManager with which to * perform mutations on entities. * @param resolvedEntityView accessor to resolved entity paths that have been pre-vetted to ensure @@ -180,7 +180,7 @@ public class BasePolarisCatalog extends BaseMetastoreViewCatalog * @param taskExecutor Executor we use to register cleanup task handlers */ public BasePolarisCatalog( - RealmContext realmContext, + RealmId realmId, PolarisEntityManager entityManager, PolarisMetaStoreManager metaStoreManager, PolarisMetaStoreSession metaStoreSession, @@ -190,7 +190,7 @@ public BasePolarisCatalog( SecurityContext securityContext, TaskExecutor taskExecutor, FileIOFactory fileIOFactory) { - this.realmContext = realmContext; + this.realmId = realmId; this.entityManager = entityManager; this.metaStoreManager = metaStoreManager; this.metaStoreSession = metaStoreSession; @@ -450,7 +450,7 @@ public boolean dropTable(TableIdentifier tableIdentifier, boolean purge) { "Scheduled cleanup task {} for table {}", dropEntityResult.getCleanupTaskId(), tableIdentifier); - taskExecutor.addTaskHandlerContext(dropEntityResult.getCleanupTaskId(), realmContext); + taskExecutor.addTaskHandlerContext(dropEntityResult.getCleanupTaskId(), realmId); } return true; @@ -514,7 +514,7 @@ private void createNamespaceInternal( .setBaseLocation(baseLocation) .build(); if (!configurationStore.getConfiguration( - realmContext, PolarisConfiguration.ALLOW_NAMESPACE_LOCATION_OVERLAP)) { + realmId, PolarisConfiguration.ALLOW_NAMESPACE_LOCATION_OVERLAP)) { LOGGER.debug("Validating no overlap for {} with sibling tables or namespaces", namespace); validateNoLocationOverlap( entity.getBaseLocation(), resolvedParent.getRawFullPath(), entity.getName()); @@ -639,7 +639,7 @@ public boolean dropNamespace(Namespace namespace) throws NamespaceNotEmptyExcept leafEntity, Map.of(), configurationStore.getConfiguration( - realmContext, PolarisConfiguration.CLEANUP_ON_NAMESPACE_DROP)); + realmId, PolarisConfiguration.CLEANUP_ON_NAMESPACE_DROP)); if (!dropEntityResult.isSuccess() && dropEntityResult.failedBecauseNotEmpty()) { throw new NamespaceNotEmptyException("Namespace %s is not empty", namespace); @@ -665,7 +665,7 @@ public boolean setProperties(Namespace namespace, Map properties new PolarisEntity.Builder(entity).setProperties(newProperties).build(); if (!configurationStore.getConfiguration( - realmContext, PolarisConfiguration.ALLOW_NAMESPACE_LOCATION_OVERLAP)) { + realmId, PolarisConfiguration.ALLOW_NAMESPACE_LOCATION_OVERLAP)) { LOGGER.debug("Validating no overlap with sibling tables or namespaces"); validateNoLocationOverlap( NamespaceEntity.of(updatedEntity).getBaseLocation(), @@ -953,14 +953,14 @@ private void validateLocationsForTableLike( PolarisResolvedPathWrapper resolvedStorageEntity) { Optional optStorageConfiguration = PolarisStorageConfigurationInfo.forEntityPath( - realmContext, configurationStore, diagnostics, resolvedStorageEntity.getRawFullPath()); + realmId, configurationStore, diagnostics, resolvedStorageEntity.getRawFullPath()); optStorageConfiguration.ifPresentOrElse( storageConfigInfo -> { Map> validationResults = InMemoryStorageIntegration.validateSubpathsOfAllowedLocations( - realmContext, + realmId, configurationStore, storageConfigInfo, Set.of(PolarisStorageActions.ALL), @@ -1007,7 +1007,7 @@ private void validateLocationsForTableLike( () -> { List allowedStorageTypes = configurationStore.getConfiguration( - realmContext, PolarisConfiguration.SUPPORTED_CATALOG_STORAGE_TYPES); + realmId, PolarisConfiguration.SUPPORTED_CATALOG_STORAGE_TYPES); if (!allowedStorageTypes.contains(StorageConfigInfo.StorageTypeEnum.FILE.name())) { List invalidLocations = locations.stream() @@ -1032,7 +1032,7 @@ private void validateNoLocationOverlap( List resolvedNamespace, String location) { if (configurationStore.getConfiguration( - realmContext, catalog, PolarisConfiguration.ALLOW_TABLE_LOCATION_OVERLAP)) { + realmId, catalog, PolarisConfiguration.ALLOW_TABLE_LOCATION_OVERLAP)) { LOGGER.debug("Skipping location overlap validation for identifier '{}'", identifier); } else { // if (entity.getSubType().equals(PolarisEntitySubType.TABLE)) { // TODO - is this necessary for views? overlapping views do not expose subdirectories via the @@ -1399,10 +1399,10 @@ private void validateMetadataFileInTableDir( TableIdentifier identifier, TableMetadata metadata, CatalogEntity catalog) { boolean allowEscape = configurationStore.getConfiguration( - realmContext, PolarisConfiguration.ALLOW_EXTERNAL_TABLE_LOCATION); + realmId, PolarisConfiguration.ALLOW_EXTERNAL_TABLE_LOCATION); if (!allowEscape && !configurationStore.getConfiguration( - realmContext, PolarisConfiguration.ALLOW_EXTERNAL_METADATA_FILE_LOCATION)) { + realmId, PolarisConfiguration.ALLOW_EXTERNAL_METADATA_FILE_LOCATION)) { LOGGER.debug( "Validating base location {} for table {} in metadata file {}", metadata.location(), @@ -1836,7 +1836,7 @@ private void updateTableLike(TableIdentifier identifier, PolarisEntity entity) { if (catalogPath != null && !catalogPath.isEmpty() && purge) { boolean dropWithPurgeEnabled = configurationStore.getConfiguration( - realmContext, catalogEntity, PolarisConfiguration.DROP_WITH_PURGE_ENABLED); + realmId, catalogEntity, PolarisConfiguration.DROP_WITH_PURGE_ENABLED); if (!dropWithPurgeEnabled) { throw new ForbiddenException( String.format( @@ -2055,7 +2055,7 @@ private void blockedUserSpecifiedWriteLocation(Map properties) { /** Helper to retrieve dynamic context-based configuration that has a boolean value. */ private Boolean getBooleanContextConfiguration(String configKey, boolean defaultValue) { - return configurationStore.getConfiguration(realmContext, configKey, defaultValue); + return configurationStore.getConfiguration(realmId, configKey, defaultValue); } /** diff --git a/service/common/src/main/java/org/apache/polaris/service/catalog/IcebergCatalogAdapter.java b/service/common/src/main/java/org/apache/polaris/service/catalog/IcebergCatalogAdapter.java index f03b8b03c9..a123019cd2 100644 --- a/service/common/src/main/java/org/apache/polaris/service/catalog/IcebergCatalogAdapter.java +++ b/service/common/src/main/java/org/apache/polaris/service/catalog/IcebergCatalogAdapter.java @@ -58,7 +58,7 @@ import org.apache.polaris.core.PolarisDiagnostics; import org.apache.polaris.core.auth.AuthenticatedPolarisPrincipal; import org.apache.polaris.core.auth.PolarisAuthorizer; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; import org.apache.polaris.core.entity.PolarisEntity; import org.apache.polaris.core.persistence.PolarisEntityManager; import org.apache.polaris.core.persistence.PolarisMetaStoreManager; @@ -79,7 +79,7 @@ /** * {@link IcebergRestCatalogApiService} implementation that delegates operations to {@link * org.apache.iceberg.rest.CatalogHandlers} after finding the appropriate {@link Catalog} for the - * current {@link RealmContext}. + * current {@link RealmId}. */ @RequestScoped public class IcebergCatalogAdapter @@ -119,7 +119,7 @@ public class IcebergCatalogAdapter .add(Endpoint.create("POST", ResourcePaths.V1_TRANSACTIONS_COMMIT)) .build(); - private final RealmContext realmContext; + private final RealmId realmId; private final PolarisMetaStoreManager metaStoreManager; private final PolarisEntityManager entityManager; private final PolarisMetaStoreSession session; @@ -131,7 +131,7 @@ public class IcebergCatalogAdapter @Inject public IcebergCatalogAdapter( - RealmContext realmContext, + RealmId realmId, PolarisEntityManager entityManager, PolarisMetaStoreManager metaStoreManager, PolarisMetaStoreSession session, @@ -140,7 +140,7 @@ public IcebergCatalogAdapter( PolarisAuthorizer polarisAuthorizer, TaskExecutor taskExecutor, FileIOFactory fileIOFactory) { - this.realmContext = realmContext; + this.realmId = realmId; this.entityManager = entityManager; this.metaStoreManager = metaStoreManager; this.session = session; @@ -179,7 +179,7 @@ private PolarisCatalogHandlerWrapper newHandlerWrapper( } return new PolarisCatalogHandlerWrapper( - realmContext, + realmId, session, configurationStore, diagnostics, @@ -196,7 +196,7 @@ private PolarisCatalogHandlerWrapper newHandlerWrapper( public Response createNamespace( String prefix, CreateNamespaceRequest createNamespaceRequest, - RealmContext realmContext, + RealmId realmId, SecurityContext securityContext) { return withCatalog( securityContext, @@ -210,7 +210,7 @@ public Response listNamespaces( String pageToken, Integer pageSize, String parent, - RealmContext realmContext, + RealmId realmId, SecurityContext securityContext) { Optional namespaceOptional = Optional.ofNullable(parent).map(IcebergCatalogAdapter::decodeNamespace); @@ -223,7 +223,7 @@ public Response listNamespaces( @Override public Response loadNamespaceMetadata( - String prefix, String namespace, RealmContext realmContext, SecurityContext securityContext) { + String prefix, String namespace, RealmId realmId, SecurityContext securityContext) { Namespace ns = decodeNamespace(namespace); return withCatalog( securityContext, prefix, catalog -> Response.ok(catalog.loadNamespaceMetadata(ns)).build()); @@ -235,7 +235,7 @@ private static Namespace decodeNamespace(String namespace) { @Override public Response namespaceExists( - String prefix, String namespace, RealmContext realmContext, SecurityContext securityContext) { + String prefix, String namespace, RealmId realmId, SecurityContext securityContext) { Namespace ns = decodeNamespace(namespace); return withCatalog( securityContext, @@ -248,7 +248,7 @@ public Response namespaceExists( @Override public Response dropNamespace( - String prefix, String namespace, RealmContext realmContext, SecurityContext securityContext) { + String prefix, String namespace, RealmId realmId, SecurityContext securityContext) { Namespace ns = decodeNamespace(namespace); return withCatalog( securityContext, @@ -264,7 +264,7 @@ public Response updateProperties( String prefix, String namespace, UpdateNamespacePropertiesRequest updateNamespacePropertiesRequest, - RealmContext realmContext, + RealmId realmId, SecurityContext securityContext) { Namespace ns = decodeNamespace(namespace); return withCatalog( @@ -291,7 +291,7 @@ public Response createTable( String namespace, CreateTableRequest createTableRequest, String accessDelegationMode, - RealmContext realmContext, + RealmId realmId, SecurityContext securityContext) { EnumSet delegationModes = parseAccessDelegationModes(accessDelegationMode); @@ -323,7 +323,7 @@ public Response listTables( String namespace, String pageToken, Integer pageSize, - RealmContext realmContext, + RealmId realmId, SecurityContext securityContext) { Namespace ns = decodeNamespace(namespace); return withCatalog( @@ -337,7 +337,7 @@ public Response loadTable( String table, String accessDelegationMode, String snapshots, - RealmContext realmContext, + RealmId realmId, SecurityContext securityContext) { EnumSet delegationModes = parseAccessDelegationModes(accessDelegationMode); @@ -361,7 +361,7 @@ public Response tableExists( String prefix, String namespace, String table, - RealmContext realmContext, + RealmId realmId, SecurityContext securityContext) { Namespace ns = decodeNamespace(namespace); TableIdentifier tableIdentifier = TableIdentifier.of(ns, RESTUtil.decodeString(table)); @@ -380,7 +380,7 @@ public Response dropTable( String namespace, String table, Boolean purgeRequested, - RealmContext realmContext, + RealmId realmId, SecurityContext securityContext) { Namespace ns = decodeNamespace(namespace); TableIdentifier tableIdentifier = TableIdentifier.of(ns, RESTUtil.decodeString(table)); @@ -402,7 +402,7 @@ public Response registerTable( String prefix, String namespace, RegisterTableRequest registerTableRequest, - RealmContext realmContext, + RealmId realmId, SecurityContext securityContext) { Namespace ns = decodeNamespace(namespace); return withCatalog( @@ -415,7 +415,7 @@ public Response registerTable( public Response renameTable( String prefix, RenameTableRequest renameTableRequest, - RealmContext realmContext, + RealmId realmId, SecurityContext securityContext) { return withCatalog( securityContext, @@ -432,7 +432,7 @@ public Response updateTable( String namespace, String table, CommitTableRequest commitTableRequest, - RealmContext realmContext, + RealmId realmId, SecurityContext securityContext) { Namespace ns = decodeNamespace(namespace); TableIdentifier tableIdentifier = TableIdentifier.of(ns, RESTUtil.decodeString(table)); @@ -455,7 +455,7 @@ public Response createView( String prefix, String namespace, CreateViewRequest createViewRequest, - RealmContext realmContext, + RealmId realmId, SecurityContext securityContext) { Namespace ns = decodeNamespace(namespace); return withCatalog( @@ -470,7 +470,7 @@ public Response listViews( String namespace, String pageToken, Integer pageSize, - RealmContext realmContext, + RealmId realmId, SecurityContext securityContext) { Namespace ns = decodeNamespace(namespace); return withCatalog( @@ -482,7 +482,7 @@ public Response loadView( String prefix, String namespace, String view, - RealmContext realmContext, + RealmId realmId, SecurityContext securityContext) { Namespace ns = decodeNamespace(namespace); TableIdentifier tableIdentifier = TableIdentifier.of(ns, RESTUtil.decodeString(view)); @@ -495,7 +495,7 @@ public Response viewExists( String prefix, String namespace, String view, - RealmContext realmContext, + RealmId realmId, SecurityContext securityContext) { Namespace ns = decodeNamespace(namespace); TableIdentifier tableIdentifier = TableIdentifier.of(ns, RESTUtil.decodeString(view)); @@ -513,7 +513,7 @@ public Response dropView( String prefix, String namespace, String view, - RealmContext realmContext, + RealmId realmId, SecurityContext securityContext) { Namespace ns = decodeNamespace(namespace); TableIdentifier tableIdentifier = TableIdentifier.of(ns, RESTUtil.decodeString(view)); @@ -530,7 +530,7 @@ public Response dropView( public Response renameView( String prefix, RenameTableRequest renameTableRequest, - RealmContext realmContext, + RealmId realmId, SecurityContext securityContext) { return withCatalog( securityContext, @@ -547,7 +547,7 @@ public Response replaceView( String namespace, String view, CommitViewRequest commitViewRequest, - RealmContext realmContext, + RealmId realmId, SecurityContext securityContext) { Namespace ns = decodeNamespace(namespace); TableIdentifier tableIdentifier = TableIdentifier.of(ns, RESTUtil.decodeString(view)); @@ -561,7 +561,7 @@ public Response replaceView( public Response commitTransaction( String prefix, CommitTransactionRequest commitTransactionRequest, - RealmContext realmContext, + RealmId realmId, SecurityContext securityContext) { return withCatalog( securityContext, @@ -578,7 +578,7 @@ public Response reportMetrics( String namespace, String table, ReportMetricsRequest reportMetricsRequest, - RealmContext realmContext, + RealmId realmId, SecurityContext securityContext) { return Response.status(Response.Status.NO_CONTENT).build(); } @@ -589,7 +589,7 @@ public Response sendNotification( String namespace, String table, NotificationRequest notificationRequest, - RealmContext realmContext, + RealmId realmId, SecurityContext securityContext) { Namespace ns = decodeNamespace(namespace); TableIdentifier tableIdentifier = TableIdentifier.of(ns, RESTUtil.decodeString(table)); @@ -604,8 +604,7 @@ public Response sendNotification( /** From IcebergRestConfigurationApiService. */ @Override - public Response getConfig( - String warehouse, RealmContext realmContext, SecurityContext securityContext) { + public Response getConfig(String warehouse, RealmId realmId, SecurityContext securityContext) { // 'warehouse' as an input here is catalogName. // 'warehouse' as an output will be treated by the client as a default catalog // storage diff --git a/service/common/src/main/java/org/apache/polaris/service/catalog/PolarisCatalogHandlerWrapper.java b/service/common/src/main/java/org/apache/polaris/service/catalog/PolarisCatalogHandlerWrapper.java index 26befcedc6..ea014f2cce 100644 --- a/service/common/src/main/java/org/apache/polaris/service/catalog/PolarisCatalogHandlerWrapper.java +++ b/service/common/src/main/java/org/apache/polaris/service/catalog/PolarisCatalogHandlerWrapper.java @@ -82,7 +82,7 @@ import org.apache.polaris.core.auth.PolarisAuthorizableOperation; import org.apache.polaris.core.auth.PolarisAuthorizer; import org.apache.polaris.core.catalog.PolarisCatalogHelpers; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; import org.apache.polaris.core.entity.CatalogEntity; import org.apache.polaris.core.entity.PolarisBaseEntity; import org.apache.polaris.core.entity.PolarisEntitySubType; @@ -120,7 +120,7 @@ public class PolarisCatalogHandlerWrapper implements AutoCloseable { private static final Logger LOGGER = LoggerFactory.getLogger(PolarisCatalogHandlerWrapper.class); - private final RealmContext realmContext; + private final RealmId realmId; private final PolarisMetaStoreSession session; private final PolarisConfigurationStore configurationStore; private final PolarisDiagnostics diagnostics; @@ -143,7 +143,7 @@ public class PolarisCatalogHandlerWrapper implements AutoCloseable { private ViewCatalog viewCatalog = null; public PolarisCatalogHandlerWrapper( - RealmContext realmContext, + RealmId realmId, PolarisMetaStoreSession session, PolarisConfigurationStore configurationStore, PolarisDiagnostics diagnostics, @@ -154,7 +154,7 @@ public PolarisCatalogHandlerWrapper( PolarisAuthorizer authorizer, TaskExecutor taskExecutor, FileIOFactory fileIOFactory) { - this.realmContext = realmContext; + this.realmId = realmId; this.session = session; this.entityManager = entityManager; this.metaStoreManager = metaStoreManager; @@ -208,7 +208,7 @@ private void initializeCatalog() { resolutionManifest.getResolvedReferenceCatalogEntity().getRawLeafEntity(); CatalogEntity catalog = CatalogEntity.of(baseCatalogEntity); - String realm = realmContext.getRealmIdentifier(); + String realm = realmId.id(); String catalogKey = realm + "/" + catalogName; LOGGER.info("Initializing new BasePolarisCatalog for key: {}", catalogKey); @@ -235,7 +235,7 @@ protected Catalog createBasePolarisCatalog(Map catalogProperties BasePolarisCatalog catalogInstance = new BasePolarisCatalog( - realmContext, + realmId, entityManager, metaStoreManager, session, @@ -291,7 +291,7 @@ private void authorizeBasicNamespaceOperationOrThrow( throw new NoSuchNamespaceException("Namespace does not exist: %s", namespace); } authorizer.authorizeOrThrow( - realmContext, + realmId, authenticatedPrincipal, resolutionManifest.getAllActivatedCatalogRoleAndPrincipalRoles(), op, @@ -325,7 +325,7 @@ private void authorizeCreateNamespaceUnderNamespaceOperationOrThrow( throw new NoSuchNamespaceException("Namespace does not exist: %s", parentNamespace); } authorizer.authorizeOrThrow( - realmContext, + realmId, authenticatedPrincipal, resolutionManifest.getAllActivatedCatalogRoleAndPrincipalRoles(), op, @@ -363,7 +363,7 @@ private void authorizeCreateTableLikeUnderNamespaceOperationOrThrow( throw new NoSuchNamespaceException("Namespace does not exist: %s", namespace); } authorizer.authorizeOrThrow( - realmContext, + realmId, authenticatedPrincipal, resolutionManifest.getAllActivatedCatalogRoleAndPrincipalRoles(), op, @@ -396,7 +396,7 @@ private void authorizeBasicTableLikeOperationOrThrow( } } authorizer.authorizeOrThrow( - realmContext, + realmId, authenticatedPrincipal, resolutionManifest.getAllActivatedCatalogRoleAndPrincipalRoles(), op, @@ -450,7 +450,7 @@ private void authorizeCollectionOfTableLikeOperationOrThrow( "View does not exist: %s", identifier))) .toList(); authorizer.authorizeOrThrow( - realmContext, + realmId, authenticatedPrincipal, resolutionManifest.getAllActivatedCatalogRoleAndPrincipalRoles(), op, @@ -511,7 +511,7 @@ private void authorizeRenameTableLikeOperationOrThrow( PolarisResolvedPathWrapper secondary = resolutionManifest.getResolvedPath(dst.namespace(), true); authorizer.authorizeOrThrow( - realmContext, + realmId, authenticatedPrincipal, resolutionManifest.getAllActivatedCatalogRoleAndPrincipalRoles(), op, @@ -872,7 +872,7 @@ public LoadTableResponse loadTableWithAccessDelegation( .getCatalogType() .equals(org.apache.polaris.core.admin.model.Catalog.TypeEnum.EXTERNAL) && !configurationStore.getConfiguration( - realmContext, + realmId, catalogEntity, PolarisConfiguration.ALLOW_EXTERNAL_CATALOG_CREDENTIAL_VENDING)) { throw new ForbiddenException( @@ -1083,8 +1083,7 @@ public void commitTransaction(CommitTransactionRequest commitTransactionRequest) .location() .equals(((MetadataUpdate.SetLocation) singleUpdate).location()) && !configurationStore.getConfiguration( - realmContext, - PolarisConfiguration.ALLOW_NAMESPACE_LOCATION_OVERLAP)) { + realmId, PolarisConfiguration.ALLOW_NAMESPACE_LOCATION_OVERLAP)) { throw new BadRequestException( "Unsupported operation: commitTransaction containing SetLocation" + " for table '%s' and new location '%s'", diff --git a/service/common/src/main/java/org/apache/polaris/service/config/DefaultConfigurationStore.java b/service/common/src/main/java/org/apache/polaris/service/config/DefaultConfigurationStore.java index 17a0472a40..def0802618 100644 --- a/service/common/src/main/java/org/apache/polaris/service/config/DefaultConfigurationStore.java +++ b/service/common/src/main/java/org/apache/polaris/service/config/DefaultConfigurationStore.java @@ -24,7 +24,7 @@ import jakarta.inject.Inject; import java.util.Map; import org.apache.polaris.core.PolarisConfigurationStore; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; @ApplicationScoped public class DefaultConfigurationStore implements PolarisConfigurationStore { @@ -53,13 +53,11 @@ public DefaultConfigurationStore( } @Override - public @Nullable T getConfiguration(@Nullable RealmContext realmContext, String configName) { + public @Nullable T getConfiguration(@Nullable RealmId realmId, String configName) { Object rawValue = defaults.get(configName); - if (realmContext != null) { + if (realmId != null) { rawValue = - realmOverrides - .getOrDefault(realmContext.getRealmIdentifier(), Map.of()) - .getOrDefault(configName, rawValue); + realmOverrides.getOrDefault(realmId.id(), Map.of()).getOrDefault(configName, rawValue); } @SuppressWarnings("unchecked") T value = (T) rawValue; diff --git a/service/common/src/main/java/org/apache/polaris/service/config/RealmEntityManagerFactory.java b/service/common/src/main/java/org/apache/polaris/service/config/RealmEntityManagerFactory.java index 4936dcf346..a1e96f0f19 100644 --- a/service/common/src/main/java/org/apache/polaris/service/config/RealmEntityManagerFactory.java +++ b/service/common/src/main/java/org/apache/polaris/service/config/RealmEntityManagerFactory.java @@ -23,7 +23,7 @@ import java.util.Map; import java.util.concurrent.ConcurrentHashMap; import org.apache.polaris.core.PolarisDiagnostics; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; import org.apache.polaris.core.persistence.MetaStoreManagerFactory; import org.apache.polaris.core.persistence.PolarisEntityManager; import org.slf4j.Logger; @@ -48,8 +48,8 @@ public RealmEntityManagerFactory( this.diagnostics = diagnostics; } - public PolarisEntityManager getOrCreateEntityManager(RealmContext context) { - String realm = context.getRealmIdentifier(); + public PolarisEntityManager getOrCreateEntityManager(RealmId context) { + String realm = context.id(); LOGGER.debug("Looking up PolarisEntityManager for realm {}", realm); diff --git a/service/common/src/main/java/org/apache/polaris/service/context/DefaultRealmContextResolver.java b/service/common/src/main/java/org/apache/polaris/service/context/DefaultRealmIdResolver.java similarity index 85% rename from service/common/src/main/java/org/apache/polaris/service/context/DefaultRealmContextResolver.java rename to service/common/src/main/java/org/apache/polaris/service/context/DefaultRealmIdResolver.java index c12cdd42b7..7e6a3b4247 100644 --- a/service/common/src/main/java/org/apache/polaris/service/context/DefaultRealmContextResolver.java +++ b/service/common/src/main/java/org/apache/polaris/service/context/DefaultRealmIdResolver.java @@ -22,21 +22,21 @@ import jakarta.enterprise.context.ApplicationScoped; import jakarta.inject.Inject; import java.util.Map; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; @ApplicationScoped @Identifier("default") -public class DefaultRealmContextResolver implements RealmContextResolver { +public class DefaultRealmIdResolver implements RealmIdResolver { private final RealmContextConfiguration configuration; @Inject - public DefaultRealmContextResolver(RealmContextConfiguration configuration) { + public DefaultRealmIdResolver(RealmContextConfiguration configuration) { this.configuration = configuration; } @Override - public RealmContext resolveRealmContext( + public RealmId resolveRealmContext( String requestURL, String method, String path, Map headers) { String realm; @@ -50,6 +50,6 @@ public RealmContext resolveRealmContext( realm = configuration.defaultRealm(); } - return () -> realm; + return RealmId.newRealmId(realm); } } diff --git a/service/common/src/main/java/org/apache/polaris/service/context/RealmContextResolver.java b/service/common/src/main/java/org/apache/polaris/service/context/RealmIdResolver.java similarity index 88% rename from service/common/src/main/java/org/apache/polaris/service/context/RealmContextResolver.java rename to service/common/src/main/java/org/apache/polaris/service/context/RealmIdResolver.java index dae00f377d..7ee2d80501 100644 --- a/service/common/src/main/java/org/apache/polaris/service/context/RealmContextResolver.java +++ b/service/common/src/main/java/org/apache/polaris/service/context/RealmIdResolver.java @@ -19,10 +19,10 @@ package org.apache.polaris.service.context; import java.util.Map; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; -public interface RealmContextResolver { +public interface RealmIdResolver { - RealmContext resolveRealmContext( + RealmId resolveRealmContext( String requestURL, String method, String path, Map headers); } diff --git a/service/common/src/main/java/org/apache/polaris/service/context/TestRealmContextResolver.java b/service/common/src/main/java/org/apache/polaris/service/context/TestRealmIdResolver.java similarity index 92% rename from service/common/src/main/java/org/apache/polaris/service/context/TestRealmContextResolver.java rename to service/common/src/main/java/org/apache/polaris/service/context/TestRealmIdResolver.java index 122a5436aa..08d224372b 100644 --- a/service/common/src/main/java/org/apache/polaris/service/context/TestRealmContextResolver.java +++ b/service/common/src/main/java/org/apache/polaris/service/context/TestRealmIdResolver.java @@ -24,7 +24,7 @@ import jakarta.inject.Inject; import java.util.HashMap; import java.util.Map; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -36,20 +36,20 @@ */ @ApplicationScoped @Identifier("test") -public class TestRealmContextResolver implements RealmContextResolver { - private static final Logger LOGGER = LoggerFactory.getLogger(DefaultRealmContextResolver.class); +public class TestRealmIdResolver implements RealmIdResolver { + private static final Logger LOGGER = LoggerFactory.getLogger(DefaultRealmIdResolver.class); public static final String REALM_PROPERTY_KEY = "realm"; private final RealmContextConfiguration configuration; @Inject - public TestRealmContextResolver(RealmContextConfiguration configuration) { + public TestRealmIdResolver(RealmContextConfiguration configuration) { this.configuration = configuration; } @Override - public RealmContext resolveRealmContext( + public RealmId resolveRealmContext( String requestURL, String method, String path, Map headers) { // Since this default resolver is strictly for use in test/dev environments, we'll consider // it safe to log all contents. Any "real" resolver used in a prod environment should make @@ -71,7 +71,7 @@ public RealmContext resolveRealmContext( parsedProperties.put(REALM_PROPERTY_KEY, configuration.defaultRealm()); } String realmId = parsedProperties.get(REALM_PROPERTY_KEY); - return () -> realmId; + return RealmId.newRealmId(realmId); } /** diff --git a/service/common/src/main/java/org/apache/polaris/service/persistence/InMemoryPolarisMetaStoreManagerFactory.java b/service/common/src/main/java/org/apache/polaris/service/persistence/InMemoryPolarisMetaStoreManagerFactory.java index 0c3cc6ec03..3e6a1c9e8f 100644 --- a/service/common/src/main/java/org/apache/polaris/service/persistence/InMemoryPolarisMetaStoreManagerFactory.java +++ b/service/common/src/main/java/org/apache/polaris/service/persistence/InMemoryPolarisMetaStoreManagerFactory.java @@ -31,7 +31,7 @@ import org.apache.polaris.core.PolarisConfigurationStore; import org.apache.polaris.core.PolarisDiagnostics; import org.apache.polaris.core.auth.PolarisSecretsManager.PrincipalSecretsResult; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; import org.apache.polaris.core.persistence.LocalPolarisMetaStoreManagerFactory; import org.apache.polaris.core.persistence.PolarisMetaStoreManager; import org.apache.polaris.core.persistence.PolarisMetaStoreSession; @@ -74,16 +74,15 @@ protected PolarisTreeMapStore createBackingStore(@Nonnull PolarisDiagnostics dia @Override protected PolarisMetaStoreSession createMetaStoreSession( @Nonnull PolarisTreeMapStore store, - @Nonnull RealmContext realmContext, + @Nonnull RealmId realmId, @Nonnull PolarisDiagnostics diagnostics) { return new PolarisTreeMapMetaStoreSessionImpl( - store, storageIntegration, secretsGenerator(realmContext), diagnostics); + store, storageIntegration, secretsGenerator(realmId), diagnostics); } @Override - public synchronized PolarisMetaStoreManager getOrCreateMetaStoreManager( - RealmContext realmContext) { - String realmId = realmContext.getRealmIdentifier(); + public synchronized PolarisMetaStoreManager getOrCreateMetaStoreManager(RealmId realmContext) { + String realmId = realmContext.id(); if (!bootstrappedRealms.contains(realmId)) { bootstrapRealmAndPrintCredentials(realmId); } @@ -92,8 +91,8 @@ public synchronized PolarisMetaStoreManager getOrCreateMetaStoreManager( @Override public synchronized Supplier getOrCreateSessionSupplier( - RealmContext realmContext) { - String realmId = realmContext.getRealmIdentifier(); + RealmId realmContext) { + String realmId = realmContext.id(); if (!bootstrappedRealms.contains(realmId)) { bootstrapRealmAndPrintCredentials(realmId); } diff --git a/service/common/src/main/java/org/apache/polaris/service/ratelimiter/DefaultTokenBucketFactory.java b/service/common/src/main/java/org/apache/polaris/service/ratelimiter/DefaultTokenBucketFactory.java index a1a9683e86..a392487a8f 100644 --- a/service/common/src/main/java/org/apache/polaris/service/ratelimiter/DefaultTokenBucketFactory.java +++ b/service/common/src/main/java/org/apache/polaris/service/ratelimiter/DefaultTokenBucketFactory.java @@ -25,7 +25,7 @@ import java.time.Duration; import java.util.Map; import java.util.concurrent.ConcurrentHashMap; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; @ApplicationScoped @Identifier("default") @@ -51,8 +51,8 @@ public DefaultTokenBucketFactory(long requestsPerSecond, Duration window, Clock } @Override - public TokenBucket getOrCreateTokenBucket(RealmContext realmContext) { - String realmId = realmContext.getRealmIdentifier(); + public TokenBucket getOrCreateTokenBucket(RealmId realmContext) { + String realmId = realmContext.id(); return perRealmBuckets.computeIfAbsent( realmId, k -> diff --git a/service/common/src/main/java/org/apache/polaris/service/ratelimiter/RealmTokenBucketRateLimiter.java b/service/common/src/main/java/org/apache/polaris/service/ratelimiter/RealmTokenBucketRateLimiter.java index ee451f8cda..657a4e557f 100644 --- a/service/common/src/main/java/org/apache/polaris/service/ratelimiter/RealmTokenBucketRateLimiter.java +++ b/service/common/src/main/java/org/apache/polaris/service/ratelimiter/RealmTokenBucketRateLimiter.java @@ -21,7 +21,7 @@ import io.smallrye.common.annotation.Identifier; import jakarta.enterprise.context.RequestScoped; import jakarta.inject.Inject; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; /** * Rate limiter that maps the request's realm identifier to its own TokenBucket, with its own @@ -32,13 +32,12 @@ public class RealmTokenBucketRateLimiter implements RateLimiter { private final TokenBucketFactory tokenBucketFactory; - private final RealmContext realmContext; + private final RealmId realmId; @Inject - public RealmTokenBucketRateLimiter( - TokenBucketFactory tokenBucketFactory, RealmContext realmContext) { + public RealmTokenBucketRateLimiter(TokenBucketFactory tokenBucketFactory, RealmId realmId) { this.tokenBucketFactory = tokenBucketFactory; - this.realmContext = realmContext; + this.realmId = realmId; } /** @@ -49,6 +48,6 @@ public RealmTokenBucketRateLimiter( */ @Override public boolean canProceed() { - return tokenBucketFactory.getOrCreateTokenBucket(realmContext).tryAcquire(); + return tokenBucketFactory.getOrCreateTokenBucket(realmId).tryAcquire(); } } diff --git a/service/common/src/main/java/org/apache/polaris/service/ratelimiter/TokenBucketFactory.java b/service/common/src/main/java/org/apache/polaris/service/ratelimiter/TokenBucketFactory.java index 4ea382ba2a..6b62cc71f9 100644 --- a/service/common/src/main/java/org/apache/polaris/service/ratelimiter/TokenBucketFactory.java +++ b/service/common/src/main/java/org/apache/polaris/service/ratelimiter/TokenBucketFactory.java @@ -18,10 +18,10 @@ */ package org.apache.polaris.service.ratelimiter; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; /** Factory for creating token buckets per realm. */ public interface TokenBucketFactory { - TokenBucket getOrCreateTokenBucket(RealmContext realmContext); + TokenBucket getOrCreateTokenBucket(RealmId realmId); } diff --git a/service/common/src/main/java/org/apache/polaris/service/storage/PolarisStorageIntegrationProviderImpl.java b/service/common/src/main/java/org/apache/polaris/service/storage/PolarisStorageIntegrationProviderImpl.java index cd7759819b..8b967df7fb 100644 --- a/service/common/src/main/java/org/apache/polaris/service/storage/PolarisStorageIntegrationProviderImpl.java +++ b/service/common/src/main/java/org/apache/polaris/service/storage/PolarisStorageIntegrationProviderImpl.java @@ -32,7 +32,7 @@ import java.util.function.Supplier; import org.apache.polaris.core.PolarisConfigurationStore; import org.apache.polaris.core.PolarisDiagnostics; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; import org.apache.polaris.core.storage.PolarisCredentialProperty; import org.apache.polaris.core.storage.PolarisStorageActions; import org.apache.polaris.core.storage.PolarisStorageConfigurationInfo; @@ -102,7 +102,7 @@ public PolarisStorageIntegrationProviderImpl( new PolarisStorageIntegration<>("file") { @Override public EnumMap getSubscopedCreds( - @Nonnull RealmContext realmContext, + @Nonnull RealmId realmId, @Nonnull PolarisDiagnostics diagnostics, @Nonnull T storageConfig, boolean allowListOperation, @@ -114,7 +114,7 @@ public EnumMap getSubscopedCreds( @Override public @Nonnull Map> validateAccessToLocations( - @Nonnull RealmContext realmContext, + @Nonnull RealmId realmId, @Nonnull T storageConfig, @Nonnull Set actions, @Nonnull Set locations) { diff --git a/service/common/src/main/java/org/apache/polaris/service/task/ManifestFileCleanupTaskHandler.java b/service/common/src/main/java/org/apache/polaris/service/task/ManifestFileCleanupTaskHandler.java index f37400e6cb..2cd5c6e40a 100644 --- a/service/common/src/main/java/org/apache/polaris/service/task/ManifestFileCleanupTaskHandler.java +++ b/service/common/src/main/java/org/apache/polaris/service/task/ManifestFileCleanupTaskHandler.java @@ -37,7 +37,7 @@ import org.apache.iceberg.catalog.TableIdentifier; import org.apache.iceberg.io.FileIO; import org.apache.polaris.core.PolarisDiagnostics; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; import org.apache.polaris.core.entity.AsyncTaskType; import org.apache.polaris.core.entity.TaskEntity; import org.slf4j.Logger; @@ -56,12 +56,12 @@ public class ManifestFileCleanupTaskHandler implements TaskHandler { public static final int FILE_DELETION_RETRY_MILLIS = 100; private static final Logger LOGGER = LoggerFactory.getLogger(ManifestFileCleanupTaskHandler.class); - private final BiFunction fileIOSupplier; + private final BiFunction fileIOSupplier; private final ExecutorService executorService; private final PolarisDiagnostics diagnostics; public ManifestFileCleanupTaskHandler( - BiFunction fileIOSupplier, + BiFunction fileIOSupplier, ExecutorService executorService, PolarisDiagnostics diagnostics) { this.fileIOSupplier = fileIOSupplier; @@ -76,10 +76,10 @@ public boolean canHandleTask(TaskEntity task) { } @Override - public boolean handleTask(TaskEntity task, RealmContext realmContext) { + public boolean handleTask(TaskEntity task, RealmId realmId) { ManifestCleanupTask cleanupTask = task.readData(diagnostics, ManifestCleanupTask.class); TableIdentifier tableId = cleanupTask.getTableId(); - try (FileIO authorizedFileIO = fileIOSupplier.apply(task, realmContext)) { + try (FileIO authorizedFileIO = fileIOSupplier.apply(task, realmId)) { if (task.getTaskType(diagnostics) == AsyncTaskType.MANIFEST_FILE_CLEANUP) { ManifestFile manifestFile = decodeManifestData(cleanupTask.getManifestFileData()); return cleanUpManifestFile(manifestFile, authorizedFileIO, tableId); diff --git a/service/common/src/main/java/org/apache/polaris/service/task/TableCleanupTaskHandler.java b/service/common/src/main/java/org/apache/polaris/service/task/TableCleanupTaskHandler.java index e675121e99..94e8d3946a 100644 --- a/service/common/src/main/java/org/apache/polaris/service/task/TableCleanupTaskHandler.java +++ b/service/common/src/main/java/org/apache/polaris/service/task/TableCleanupTaskHandler.java @@ -33,7 +33,7 @@ import org.apache.iceberg.io.FileIO; import org.apache.polaris.core.PolarisConfigurationStore; import org.apache.polaris.core.PolarisDiagnostics; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; import org.apache.polaris.core.entity.AsyncTaskType; import org.apache.polaris.core.entity.PolarisBaseEntity; import org.apache.polaris.core.entity.PolarisEntity; @@ -59,7 +59,7 @@ public class TableCleanupTaskHandler implements TaskHandler { private final MetaStoreManagerFactory metaStoreManagerFactory; private final PolarisConfigurationStore configurationStore; private final PolarisDiagnostics diagnostics; - private final BiFunction fileIOSupplier; + private final BiFunction fileIOSupplier; private final Clock clock; public TableCleanupTaskHandler( @@ -67,7 +67,7 @@ public TableCleanupTaskHandler( MetaStoreManagerFactory metaStoreManagerFactory, PolarisConfigurationStore configurationStore, PolarisDiagnostics diagnostics, - BiFunction fileIOSupplier, + BiFunction fileIOSupplier, Clock clock) { this.taskExecutor = taskExecutor; this.metaStoreManagerFactory = metaStoreManagerFactory; @@ -89,12 +89,12 @@ private boolean taskEntityIsTable(TaskEntity task) { } @Override - public boolean handleTask(TaskEntity cleanupTask, RealmContext realmContext) { + public boolean handleTask(TaskEntity cleanupTask, RealmId realmId) { PolarisBaseEntity entity = cleanupTask.readData(diagnostics, PolarisBaseEntity.class); PolarisMetaStoreManager metaStoreManager = - metaStoreManagerFactory.getOrCreateMetaStoreManager(realmContext); + metaStoreManagerFactory.getOrCreateMetaStoreManager(realmId); PolarisMetaStoreSession metaStoreSession = - metaStoreManagerFactory.getOrCreateSessionSupplier(realmContext).get(); + metaStoreManagerFactory.getOrCreateSessionSupplier(realmId).get(); TableLikeEntity tableEntity = TableLikeEntity.of(entity); LOGGER @@ -106,7 +106,7 @@ public boolean handleTask(TaskEntity cleanupTask, RealmContext realmContext) { // It's likely the cleanupTask has already been completed, but wasn't dropped successfully. // Log a // warning and move on - try (FileIO fileIO = fileIOSupplier.apply(cleanupTask, realmContext)) { + try (FileIO fileIO = fileIOSupplier.apply(cleanupTask, realmId)) { if (!TaskUtils.exists(tableEntity.getMetadataLocation(), fileIO)) { LOGGER .atWarn() @@ -132,7 +132,7 @@ public boolean handleTask(TaskEntity cleanupTask, RealmContext realmContext) { // TODO: handle partition statistics files Stream metadataFileCleanupTasks = getMetadataTaskStream( - realmContext, + realmId, cleanupTask, tableMetadata, tableEntity, @@ -157,7 +157,7 @@ public boolean handleTask(TaskEntity cleanupTask, RealmContext realmContext) { .log( "Successfully queued tasks to delete manifests, previous metadata, and statistics files - deleting table metadata file"); for (PolarisBaseEntity createdTask : createdTasks) { - taskExecutor.addTaskHandlerContext(createdTask.getId(), realmContext); + taskExecutor.addTaskHandlerContext(createdTask.getId(), realmId); } fileIO.deleteFile(tableEntity.getMetadataLocation()); @@ -222,7 +222,7 @@ private Stream getManifestTaskStream( } private Stream getMetadataTaskStream( - RealmContext realmContext, + RealmId realmId, TaskEntity cleanupTask, TableMetadata tableMetadata, TableLikeEntity tableEntity, @@ -230,7 +230,7 @@ private Stream getMetadataTaskStream( PolarisMetaStoreSession metaStoreSession, PolarisConfigurationStore configurationStore, Clock clock) { - int batchSize = configurationStore.getConfiguration(realmContext, BATCH_SIZE_CONFIG_KEY, 10); + int batchSize = configurationStore.getConfiguration(realmId, BATCH_SIZE_CONFIG_KEY, 10); return getMetadataFileBatches(tableMetadata, batchSize).stream() .map( metadataBatch -> { diff --git a/service/common/src/main/java/org/apache/polaris/service/task/TaskExecutor.java b/service/common/src/main/java/org/apache/polaris/service/task/TaskExecutor.java index bcf2f61696..d3e10b8157 100644 --- a/service/common/src/main/java/org/apache/polaris/service/task/TaskExecutor.java +++ b/service/common/src/main/java/org/apache/polaris/service/task/TaskExecutor.java @@ -18,12 +18,12 @@ */ package org.apache.polaris.service.task; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; /** * Execute a task asynchronously with a provided context. The context must be cloned so that callers * can close their own context and closables */ public interface TaskExecutor { - void addTaskHandlerContext(long taskEntityId, RealmContext realmContext); + void addTaskHandlerContext(long taskEntityId, RealmId realmId); } diff --git a/service/common/src/main/java/org/apache/polaris/service/task/TaskExecutorImpl.java b/service/common/src/main/java/org/apache/polaris/service/task/TaskExecutorImpl.java index ff245dcf4a..04472decd5 100644 --- a/service/common/src/main/java/org/apache/polaris/service/task/TaskExecutorImpl.java +++ b/service/common/src/main/java/org/apache/polaris/service/task/TaskExecutorImpl.java @@ -30,7 +30,7 @@ import java.util.concurrent.TimeUnit; import org.apache.polaris.core.PolarisConfigurationStore; import org.apache.polaris.core.PolarisDiagnostics; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; import org.apache.polaris.core.entity.PolarisBaseEntity; import org.apache.polaris.core.entity.PolarisEntity; import org.apache.polaris.core.entity.PolarisEntityType; @@ -43,7 +43,7 @@ /** * Given a list of registered {@link TaskHandler}s, execute tasks asynchronously with the provided - * {@link RealmContext}. + * {@link RealmId}. */ public class TaskExecutorImpl implements TaskExecutor { private static final Logger LOGGER = LoggerFactory.getLogger(TaskExecutorImpl.class); @@ -91,37 +91,36 @@ public void addTaskHandler(TaskHandler taskHandler) { } /** - * Register a {@link RealmContext} for a specific task id. That task will be loaded and executed - * asynchronously with a copy of the provided {@link RealmContext} (because the realm context is a + * Register a {@link RealmId} for a specific task id. That task will be loaded and executed + * asynchronously with a copy of the provided {@link RealmId} (because the realm context is a * request-scoped component). */ @Override - public void addTaskHandlerContext(long taskEntityId, RealmContext realmContext) { - tryHandleTask(taskEntityId, RealmContext.copyOf(realmContext), null, 1); + public void addTaskHandlerContext(long taskEntityId, RealmId realmId) { + tryHandleTask(taskEntityId, realmId, null, 1); } private @Nonnull CompletableFuture tryHandleTask( - long taskEntityId, RealmContext realmContext, Throwable e, int attempt) { + long taskEntityId, RealmId realmId, Throwable e, int attempt) { if (attempt > 3) { return CompletableFuture.failedFuture(e); } - return CompletableFuture.runAsync( - () -> handleTask(taskEntityId, realmContext, attempt), executor) + return CompletableFuture.runAsync(() -> handleTask(taskEntityId, realmId, attempt), executor) .exceptionallyComposeAsync( (t) -> { LOGGER.warn("Failed to handle task entity id {}", taskEntityId, t); - return tryHandleTask(taskEntityId, realmContext, t, attempt + 1); + return tryHandleTask(taskEntityId, realmId, t, attempt + 1); }, CompletableFuture.delayedExecutor( TASK_RETRY_DELAY * (long) attempt, TimeUnit.MILLISECONDS, executor)); } - protected void handleTask(long taskEntityId, RealmContext realmContext, int attempt) { + protected void handleTask(long taskEntityId, RealmId realmId, int attempt) { LOGGER.info("Handling task entity id {}", taskEntityId); PolarisMetaStoreManager metaStoreManager = - metaStoreManagerFactory.getOrCreateMetaStoreManager(realmContext); + metaStoreManagerFactory.getOrCreateMetaStoreManager(realmId); PolarisMetaStoreSession metaStoreSession = - metaStoreManagerFactory.getOrCreateSessionSupplier(realmContext).get(); + metaStoreManagerFactory.getOrCreateSessionSupplier(realmId).get(); PolarisBaseEntity taskEntity = metaStoreManager.loadEntity(metaStoreSession, 0L, taskEntityId).getEntity(); if (!PolarisEntityType.TASK.equals(taskEntity.getType())) { @@ -139,7 +138,7 @@ protected void handleTask(long taskEntityId, RealmContext realmContext, int atte return; } TaskHandler handler = handlerOpt.get(); - boolean success = handler.handleTask(task, realmContext); + boolean success = handler.handleTask(task, realmId); if (success) { LOGGER .atInfo() diff --git a/service/common/src/main/java/org/apache/polaris/service/task/TaskFileIOSupplier.java b/service/common/src/main/java/org/apache/polaris/service/task/TaskFileIOSupplier.java index b11a6d8db5..71d2660eb0 100644 --- a/service/common/src/main/java/org/apache/polaris/service/task/TaskFileIOSupplier.java +++ b/service/common/src/main/java/org/apache/polaris/service/task/TaskFileIOSupplier.java @@ -28,7 +28,7 @@ import org.apache.iceberg.io.FileIO; import org.apache.polaris.core.PolarisConfiguration; import org.apache.polaris.core.PolarisConfigurationStore; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; import org.apache.polaris.core.entity.PolarisTaskConstants; import org.apache.polaris.core.entity.TaskEntity; import org.apache.polaris.core.persistence.MetaStoreManagerFactory; @@ -37,7 +37,7 @@ import org.apache.polaris.service.catalog.io.FileIOFactory; @ApplicationScoped -public class TaskFileIOSupplier implements BiFunction { +public class TaskFileIOSupplier implements BiFunction { private final MetaStoreManagerFactory metaStoreManagerFactory; private final FileIOFactory fileIOFactory; private final PolarisConfigurationStore configurationStore; @@ -53,25 +53,25 @@ public TaskFileIOSupplier( } @Override - public FileIO apply(TaskEntity task, RealmContext realmContext) { + public FileIO apply(TaskEntity task, RealmId realmId) { Map internalProperties = task.getInternalPropertiesAsMap(); String location = internalProperties.get(PolarisTaskConstants.STORAGE_LOCATION); PolarisMetaStoreManager metaStoreManager = - metaStoreManagerFactory.getOrCreateMetaStoreManager(realmContext); + metaStoreManagerFactory.getOrCreateMetaStoreManager(realmId); PolarisMetaStoreSession metaStoreSession = - metaStoreManagerFactory.getOrCreateSessionSupplier(realmContext).get(); + metaStoreManagerFactory.getOrCreateSessionSupplier(realmId).get(); Map properties = new HashMap<>(internalProperties); Boolean skipCredentialSubscopingIndirection = configurationStore.getConfiguration( - realmContext, + realmId, PolarisConfiguration.SKIP_CREDENTIAL_SUBSCOPING_INDIRECTION.key, PolarisConfiguration.SKIP_CREDENTIAL_SUBSCOPING_INDIRECTION.defaultValue); if (!skipCredentialSubscopingIndirection) { properties.putAll( metaStoreManagerFactory - .getOrCreateStorageCredentialCache(realmContext) + .getOrCreateStorageCredentialCache(realmId) .getOrGenerateSubScopeCreds( metaStoreManager, metaStoreSession, diff --git a/service/common/src/main/java/org/apache/polaris/service/task/TaskHandler.java b/service/common/src/main/java/org/apache/polaris/service/task/TaskHandler.java index f0d331494d..2c8dbfab02 100644 --- a/service/common/src/main/java/org/apache/polaris/service/task/TaskHandler.java +++ b/service/common/src/main/java/org/apache/polaris/service/task/TaskHandler.java @@ -18,11 +18,11 @@ */ package org.apache.polaris.service.task; -import org.apache.polaris.core.context.RealmContext; +import org.apache.polaris.core.context.RealmId; import org.apache.polaris.core.entity.TaskEntity; public interface TaskHandler { boolean canHandleTask(TaskEntity task); - boolean handleTask(TaskEntity task, RealmContext realmContext); + boolean handleTask(TaskEntity task, RealmId realmId); } diff --git a/site/content/in-dev/unreleased/configuring-polaris-for-production.md b/site/content/in-dev/unreleased/configuring-polaris-for-production.md index e02be618ff..ebf4c9d4aa 100644 --- a/site/content/in-dev/unreleased/configuring-polaris-for-production.md +++ b/site/content/in-dev/unreleased/configuring-polaris-for-production.md @@ -44,7 +44,7 @@ Notable configuration used to secure a Polaris deployment are outlined below. > [!WARNING] > Ensure that the `tokenBroker` setting reflects the token broker specified in `oauth2` above. -#### callContextResolver & realmContextResolver +#### callContextResolver & realmIdResolver * Use these configurations to specify a service that can resolve a realm from bearer tokens. * The service(s) used here must implement the relevant interfaces (i.e. [CallContextResolver](https://github.com/apache/polaris/blob/8290019c10290a600e40b35ddb1e2f54bf99e120/polaris-service/src/main/java/io/polaris/service/context/CallContextResolver.java#L27) and [RealmContextResolver](https://github.com/apache/polaris/blob/7ce86f10a68a3b56aed766235c88d6027c0de038/polaris-service/src/main/java/io/polaris/service/context/RealmContextResolver.java)).