flyrain commented on code in PR #3852:
URL: https://github.com/apache/polaris/pull/3852#discussion_r2985045392
##########
polaris-core/src/main/java/org/apache/polaris/core/entity/PolarisEntityConstants.java:
##########
@@ -43,6 +43,9 @@ public class PolarisEntityConstants {
// the name of the principal role we create to manage the entire Polaris
service
private static final String ADMIN_PRINCIPAL_ROLE_NAME = "service_admin";
+ // the name of the principal role for catalog admins to list principal roles
+ private static final String CATALOG_ROLE_MANAGER_PRINCIPAL_ROLE_NAME =
"catalog_role_manager";
Review Comment:
The name `catalog_role_manager` feels confusing to me. It is not really
about managing catalog roles. In this PR, it is only granted because of
`catalog_admin`, but the role itself is about listing principal roles, and the
same capability could be reused in other contexts that have nothing to do with
catalog roles.
A name like `principal_role_viewer` or `principal_role_reader` seems more
accurate and easier to understand.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
