https://github.com/apache/polaris/pull/875
On Fri, Jan 24, 2025 at 11:02 AM Dmitri Bourlatchkov <di...@apache.org> wrote: > Thanks for the context, Mike! I'll open a PR to remove them. > > Cheers, > Dmitri. > > On Fri, Jan 24, 2025 at 10:46 AM Michael Collado <collado.m...@gmail.com> > wrote: > >> They are leftover from a previous Authz design. They don’t do anything >> anymore, so I don’t see a reason to keep them. >> >> Mike >> >> On Fri, Jan 24, 2025 at 6:57 AM Alex Dutra <alex.du...@dremio.com.invalid >> > >> wrote: >> >> > Hi Dmitri, >> > >> > I think it would make sense to remove these annotations. While >> convenient, >> > such annotations freeze the allowed roles at compile time, and imho this >> > won't be extensible enough for Polaris. >> > >> > Thanks, >> > Alex >> > >> > On Fri, Jan 24, 2025 at 3:25 PM Dmitri Bourlatchkov <di...@apache.org> >> > wrote: >> > >> > > Hi All, >> > > >> > > Currently the code generated for various REST API endpoints contains >> > > "@RolesAllowed" annotations. >> > > >> > > Do people find them critical? >> > > >> > > From my POV, it is preferable to delegate all authorization logic >> > > to PolarisAuthorizer implementations and remove any framework-specific >> > ways >> > > to control access. >> > > >> > > WDYT? >> > > >> > > Thanks, >> > > Dmitri. >> > > >> > >> >
