They are leftover from a previous Authz design. They don’t do anything anymore, so I don’t see a reason to keep them.
Mike On Fri, Jan 24, 2025 at 6:57 AM Alex Dutra <alex.du...@dremio.com.invalid> wrote: > Hi Dmitri, > > I think it would make sense to remove these annotations. While convenient, > such annotations freeze the allowed roles at compile time, and imho this > won't be extensible enough for Polaris. > > Thanks, > Alex > > On Fri, Jan 24, 2025 at 3:25 PM Dmitri Bourlatchkov <di...@apache.org> > wrote: > > > Hi All, > > > > Currently the code generated for various REST API endpoints contains > > "@RolesAllowed" annotations. > > > > Do people find them critical? > > > > From my POV, it is preferable to delegate all authorization logic > > to PolarisAuthorizer implementations and remove any framework-specific > ways > > to control access. > > > > WDYT? > > > > Thanks, > > Dmitri. > > >
