Package org.apache.polaris.service.catalog.common

Class CatalogHandler

java.lang.Object
org.apache.polaris.service.catalog.common.CatalogHandler
Direct Known Subclasses:
GenericTableCatalogHandler, IcebergCatalogHandler, PolicyCatalogHandler
public abstract class CatalogHandler extends Object
An ABC for catalog wrappers which provides authorize methods that should be called before a request is actually forwarded to a catalog. Child types must implement `initializeCatalog` which will be called after a successful authorization.

  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    protected final org.apache.polaris.core.auth.PolarisAuthorizer
    authorizer
     
    protected final org.apache.polaris.core.context.CallContext
    callContext
     
    protected final String
    catalogName
     
    protected final org.apache.polaris.core.credentials.PolarisCredentialManager
    credentialManager
     
    protected final org.apache.polaris.core.PolarisDiagnostics
    diagnostics
     
    protected final jakarta.enterprise.inject.Instance<org.apache.polaris.core.catalog.ExternalCatalogFactory>
    externalCatalogFactories
     
    protected final org.apache.polaris.core.auth.PolarisPrincipal
    polarisPrincipal
     
    protected final org.apache.polaris.core.config.RealmConfig
    realmConfig
     
    protected org.apache.polaris.core.persistence.resolver.PolarisResolutionManifest
    resolutionManifest
     
    protected final org.apache.polaris.core.persistence.resolver.ResolutionManifestFactory
    resolutionManifestFactory
     

  • Constructor Summary

    Constructors
    Constructor
    Description
    CatalogHandler(org.apache.polaris.core.PolarisDiagnostics diagnostics, org.apache.polaris.core.context.CallContext callContext, org.apache.polaris.core.persistence.resolver.ResolutionManifestFactory resolutionManifestFactory, org.apache.polaris.core.auth.PolarisPrincipal principal, String catalogName, org.apache.polaris.core.auth.PolarisAuthorizer authorizer, org.apache.polaris.core.credentials.PolarisCredentialManager credentialManager, jakarta.enterprise.inject.Instance<org.apache.polaris.core.catalog.ExternalCatalogFactory> externalCatalogFactories)
     

  • Method Summary

    Modifier and Type
    Method
    Description
    protected void
    authorizeBasicNamespaceOperationOrThrow(org.apache.polaris.core.auth.PolarisAuthorizableOperation op, org.apache.iceberg.catalog.Namespace namespace)
     
    protected void
    authorizeBasicNamespaceOperationOrThrow(org.apache.polaris.core.auth.PolarisAuthorizableOperation op, org.apache.iceberg.catalog.Namespace namespace, List<org.apache.iceberg.catalog.Namespace> extraPassthroughNamespaces, List<org.apache.iceberg.catalog.TableIdentifier> extraPassthroughTableLikes, List<org.apache.polaris.service.types.PolicyIdentifier> extraPassThroughPolicies)
     
    protected void
    authorizeBasicTableLikeOperationOrThrow(org.apache.polaris.core.auth.PolarisAuthorizableOperation op, org.apache.polaris.core.entity.PolarisEntitySubType subType, org.apache.iceberg.catalog.TableIdentifier identifier)
     
    protected void
    authorizeBasicTableLikeOperationsOrThrow(EnumSet<org.apache.polaris.core.auth.PolarisAuthorizableOperation> ops, org.apache.polaris.core.entity.PolarisEntitySubType subType, org.apache.iceberg.catalog.TableIdentifier identifier)
     
    protected void
    authorizeCollectionOfTableLikeOperationOrThrow(org.apache.polaris.core.auth.PolarisAuthorizableOperation op, org.apache.polaris.core.entity.PolarisEntitySubType subType, List<org.apache.iceberg.catalog.TableIdentifier> ids)
     
    protected void
    authorizeCreateNamespaceUnderNamespaceOperationOrThrow(org.apache.polaris.core.auth.PolarisAuthorizableOperation op, org.apache.iceberg.catalog.Namespace namespace)
     
    protected void
    authorizeCreateTableLikeUnderNamespaceOperationOrThrow(org.apache.polaris.core.auth.PolarisAuthorizableOperation op, org.apache.iceberg.catalog.TableIdentifier identifier)
     
    protected void
    authorizeRenameTableLikeOperationOrThrow(org.apache.polaris.core.auth.PolarisAuthorizableOperation op, org.apache.polaris.core.entity.PolarisEntitySubType subType, org.apache.iceberg.catalog.TableIdentifier src, org.apache.iceberg.catalog.TableIdentifier dst)
     
    protected void
    ensureResolutionManifestForTable(org.apache.iceberg.catalog.TableIdentifier identifier)
    Ensures resolution manifest is initialized for a table identifier.
    protected org.apache.polaris.core.credentials.PolarisCredentialManager
    getPolarisCredentialManager()
     
    protected abstract void
    initializeCatalog()
    Initialize the catalog once authorized.
    protected org.apache.polaris.core.persistence.resolver.PolarisResolutionManifest
    newResolutionManifest()
     
    static void
    throwNotFoundExceptionForTableLikeEntity(org.apache.iceberg.catalog.TableIdentifier identifier, List<org.apache.polaris.core.entity.PolarisEntitySubType> subTypes)
    Helper function for when a TABLE_LIKE entity is not found so we want to throw the appropriate exception.

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Field Details

    • resolutionManifest

      protected org.apache.polaris.core.persistence.resolver.PolarisResolutionManifest resolutionManifest

    • resolutionManifestFactory

      protected final org.apache.polaris.core.persistence.resolver.ResolutionManifestFactory resolutionManifestFactory

    • catalogName

      protected final String catalogName

    • authorizer

      protected final org.apache.polaris.core.auth.PolarisAuthorizer authorizer

    • credentialManager

      protected final org.apache.polaris.core.credentials.PolarisCredentialManager credentialManager

    • externalCatalogFactories

      protected final jakarta.enterprise.inject.Instance<org.apache.polaris.core.catalog.ExternalCatalogFactory> externalCatalogFactories

    • diagnostics

      protected final org.apache.polaris.core.PolarisDiagnostics diagnostics

    • callContext

      protected final org.apache.polaris.core.context.CallContext callContext

    • realmConfig

      protected final org.apache.polaris.core.config.RealmConfig realmConfig

    • polarisPrincipal

      protected final org.apache.polaris.core.auth.PolarisPrincipal polarisPrincipal

  • Constructor Details

    • CatalogHandler

      public CatalogHandler(org.apache.polaris.core.PolarisDiagnostics diagnostics, org.apache.polaris.core.context.CallContext callContext, org.apache.polaris.core.persistence.resolver.ResolutionManifestFactory resolutionManifestFactory, org.apache.polaris.core.auth.PolarisPrincipal principal, String catalogName, org.apache.polaris.core.auth.PolarisAuthorizer authorizer, org.apache.polaris.core.credentials.PolarisCredentialManager credentialManager, jakarta.enterprise.inject.Instance<org.apache.polaris.core.catalog.ExternalCatalogFactory> externalCatalogFactories)

  • Method Details

    • getPolarisCredentialManager

      protected org.apache.polaris.core.credentials.PolarisCredentialManager getPolarisCredentialManager()

    • newResolutionManifest

      protected org.apache.polaris.core.persistence.resolver.PolarisResolutionManifest newResolutionManifest()

    • initializeCatalog

      protected abstract void initializeCatalog()
      Initialize the catalog once authorized. Called after all `authorize...` methods.

    • authorizeBasicNamespaceOperationOrThrow

      protected void authorizeBasicNamespaceOperationOrThrow(org.apache.polaris.core.auth.PolarisAuthorizableOperation op, org.apache.iceberg.catalog.Namespace namespace)

    • authorizeBasicNamespaceOperationOrThrow

      protected void authorizeBasicNamespaceOperationOrThrow(org.apache.polaris.core.auth.PolarisAuthorizableOperation op, org.apache.iceberg.catalog.Namespace namespace, List<org.apache.iceberg.catalog.Namespace> extraPassthroughNamespaces, List<org.apache.iceberg.catalog.TableIdentifier> extraPassthroughTableLikes, List<org.apache.polaris.service.types.PolicyIdentifier> extraPassThroughPolicies)

    • authorizeCreateNamespaceUnderNamespaceOperationOrThrow

      protected void authorizeCreateNamespaceUnderNamespaceOperationOrThrow(org.apache.polaris.core.auth.PolarisAuthorizableOperation op, org.apache.iceberg.catalog.Namespace namespace)

    • authorizeCreateTableLikeUnderNamespaceOperationOrThrow

      protected void authorizeCreateTableLikeUnderNamespaceOperationOrThrow(org.apache.polaris.core.auth.PolarisAuthorizableOperation op, org.apache.iceberg.catalog.TableIdentifier identifier)

    • ensureResolutionManifestForTable

      protected void ensureResolutionManifestForTable(org.apache.iceberg.catalog.TableIdentifier identifier)
      Ensures resolution manifest is initialized for a table identifier. This allows checking catalog-level feature flags or other resolved entities before authorization. If already initialized, this is a no-op.

    • authorizeBasicTableLikeOperationOrThrow

      protected void authorizeBasicTableLikeOperationOrThrow(org.apache.polaris.core.auth.PolarisAuthorizableOperation op, org.apache.polaris.core.entity.PolarisEntitySubType subType, org.apache.iceberg.catalog.TableIdentifier identifier)

    • authorizeBasicTableLikeOperationsOrThrow

      protected void authorizeBasicTableLikeOperationsOrThrow(EnumSet<org.apache.polaris.core.auth.PolarisAuthorizableOperation> ops, org.apache.polaris.core.entity.PolarisEntitySubType subType, org.apache.iceberg.catalog.TableIdentifier identifier)

    • authorizeCollectionOfTableLikeOperationOrThrow

      protected void authorizeCollectionOfTableLikeOperationOrThrow(org.apache.polaris.core.auth.PolarisAuthorizableOperation op, org.apache.polaris.core.entity.PolarisEntitySubType subType, List<org.apache.iceberg.catalog.TableIdentifier> ids)

    • authorizeRenameTableLikeOperationOrThrow

      protected void authorizeRenameTableLikeOperationOrThrow(org.apache.polaris.core.auth.PolarisAuthorizableOperation op, org.apache.polaris.core.entity.PolarisEntitySubType subType, org.apache.iceberg.catalog.TableIdentifier src, org.apache.iceberg.catalog.TableIdentifier dst)

    • throwNotFoundExceptionForTableLikeEntity

      public static void throwNotFoundExceptionForTableLikeEntity(org.apache.iceberg.catalog.TableIdentifier identifier, List<org.apache.polaris.core.entity.PolarisEntitySubType> subTypes)
      Helper function for when a TABLE_LIKE entity is not found so we want to throw the appropriate exception. Used in Iceberg APIs, so the Iceberg messages cannot be changed.
      Parameters:
      subTypes - The subtypes of the entity that the exception should report doesn't exist