Policy Store: Add PolicyEntity and PolicyTypes #1133
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,129 @@ | ||
| /* | ||
| * Licensed to the Apache Software Foundation (ASF) under one | ||
| * or more contributor license agreements. See the NOTICE file | ||
| * distributed with this work for additional information | ||
| * regarding copyright ownership. The ASF licenses this file | ||
| * to you under the Apache License, Version 2.0 (the | ||
| * "License"); you may not use this file except in compliance | ||
| * with the License. You may obtain a copy of the License at | ||
| * | ||
| * http://www.apache.org/licenses/LICENSE-2.0 | ||
| * | ||
| * Unless required by applicable law or agreed to in writing, | ||
| * software distributed under the License is distributed on an | ||
| * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY | ||
| * KIND, either express or implied. See the License for the | ||
| * specific language governing permissions and limitations | ||
| * under the License. | ||
| */ | ||
| package org.apache.polaris.core.policy; | ||
|
|
||
| import com.fasterxml.jackson.annotation.JsonIgnore; | ||
| import com.google.common.base.Preconditions; | ||
| import org.apache.iceberg.catalog.Namespace; | ||
| import org.apache.iceberg.rest.RESTUtil; | ||
| import org.apache.polaris.core.entity.NamespaceEntity; | ||
| import org.apache.polaris.core.entity.PolarisBaseEntity; | ||
| import org.apache.polaris.core.entity.PolarisEntity; | ||
| import org.apache.polaris.core.entity.PolarisEntityType; | ||
|
|
||
| public class PolicyEntity extends PolarisEntity { | ||
|
|
||
| public static final String POLICY_TYPE_CODE_KEY = "policy-type-code"; | ||
| public static final String POLICY_DESCRIPTION_KEY = "policy-description"; | ||
| public static final String POLICY_VERSION_KEY = "policy-version"; | ||
| public static final String POLICY_CONTENT_KEY = "policy-content"; | ||
|
|
||
| PolicyEntity(PolarisBaseEntity sourceEntity) { | ||
| super(sourceEntity); | ||
| } | ||
|
|
||
| public static PolicyEntity of(PolarisBaseEntity sourceEntity) { | ||
| if (sourceEntity != null) { | ||
| return new PolicyEntity(sourceEntity); | ||
| } | ||
|
|
||
| return null; | ||
| } | ||
|
|
||
| @JsonIgnore | ||
| public PolicyType getPolicyType() { | ||
| return PolicyType.fromCode(getPolicyTypeCode()); | ||
| } | ||
|
|
||
| @JsonIgnore | ||
| public int getPolicyTypeCode() { | ||
| Preconditions.checkArgument( | ||
| getPropertiesAsMap().containsKey(POLICY_TYPE_CODE_KEY), | ||
| "Invalid policy entity: policy type must exist"); | ||
| String policyTypeCode = getPropertiesAsMap().get(POLICY_TYPE_CODE_KEY); | ||
| return Integer.parseInt(policyTypeCode); | ||
| } | ||
|
|
||
| @JsonIgnore | ||
| public String getDescription() { | ||
| return getPropertiesAsMap().get(POLICY_DESCRIPTION_KEY); | ||
| } | ||
|
|
||
| @JsonIgnore | ||
| public String getContent() { | ||
| return getPropertiesAsMap().get(POLICY_CONTENT_KEY); | ||
| } | ||
|
|
||
| @JsonIgnore | ||
| public int getPolicyVersion() { | ||
| return Integer.parseInt(getPropertiesAsMap().get(POLICY_VERSION_KEY)); | ||
| } | ||
|
|
||
| public static class Builder extends PolarisEntity.BaseBuilder<PolicyEntity, Builder> { | ||
| public Builder(Namespace namespace, String policyName, PolicyType policyType) { | ||
| super(); | ||
| setType(PolarisEntityType.POLICY); | ||
| setParentNamespace(namespace); | ||
| setName(policyName); | ||
| setPolicyType(policyType); | ||
| setPolicyVersion(0); | ||
| } | ||
|
|
||
| public Builder(PolicyEntity original) { | ||
| super(original); | ||
| } | ||
|
|
||
| @Override | ||
| public PolicyEntity build() { | ||
| Preconditions.checkArgument( | ||
| properties.containsKey(POLICY_TYPE_CODE_KEY), "Policy type must be specified"); | ||
|
|
||
| return new PolicyEntity(buildBase()); | ||
| } | ||
|
|
||
| public Builder setParentNamespace(Namespace namespace) { | ||
| if (namespace != null && !namespace.isEmpty()) { | ||
| internalProperties.put( | ||
| NamespaceEntity.PARENT_NAMESPACE_KEY, RESTUtil.encodeNamespace(namespace)); | ||
| } | ||
| return this; | ||
| } | ||
|
|
||
| public Builder setPolicyType(PolicyType policyType) { | ||
| Preconditions.checkArgument(policyType != null, "Policy type must be specified"); | ||
| properties.put(POLICY_TYPE_CODE_KEY, Integer.toString(policyType.getCode())); | ||
| return this; | ||
| } | ||
|
|
||
| public Builder setDescription(String description) { | ||
| properties.put(POLICY_DESCRIPTION_KEY, description); | ||
| return this; | ||
| } | ||
|
|
||
| public Builder setPolicyVersion(int version) { | ||
| properties.put(POLICY_VERSION_KEY, Integer.toString(version)); | ||
| return this; | ||
| } | ||
|
|
||
| public Builder setContent(String content) { | ||
| properties.put(POLICY_CONTENT_KEY, content); | ||
| return this; | ||
| } | ||
| } | ||
| } | ||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,84 @@ | ||
| /* | ||
| * Licensed to the Apache Software Foundation (ASF) under one | ||
| * or more contributor license agreements. See the NOTICE file | ||
| * distributed with this work for additional information | ||
| * regarding copyright ownership. The ASF licenses this file | ||
| * to you under the Apache License, Version 2.0 (the | ||
| * "License"); you may not use this file except in compliance | ||
| * with the License. You may obtain a copy of the License at | ||
| * | ||
| * http://www.apache.org/licenses/LICENSE-2.0 | ||
| * | ||
| * Unless required by applicable law or agreed to in writing, | ||
| * software distributed under the License is distributed on an | ||
| * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY | ||
| * KIND, either express or implied. See the License for the | ||
| * specific language governing permissions and limitations | ||
| * under the License. | ||
| */ | ||
| package org.apache.polaris.core.policy; | ||
|
|
||
| import com.fasterxml.jackson.annotation.JsonCreator; | ||
| import com.fasterxml.jackson.annotation.JsonValue; | ||
| import jakarta.annotation.Nullable; | ||
|
|
||
| /** | ||
| * Represents a policy type in Polaris. A policy type defines a category of policies that may be | ||
| * either predefined or custom (user-defined). | ||
| * | ||
| * <p>A policy type can be either inheritable or non-inheritable. Inheritable policies are passed | ||
| * down to lower-level entities (e.g., from a namespace to a table). | ||
|
There was a problem hiding this comment. [doubt] may be a naive question, what stops these policies to inherited from namespace -> view ? There was a problem hiding this comment.
Good question, I think that's a valid concern. Currently, our engine determines how policies are enforced, and the TMS service is focused solely on tables. That said, if we later find it necessary to restrict inheritance, we can extend the PolicyType to provide the functionality to limit the valid target types. cc @flyrain There was a problem hiding this comment.
Thats true for enforcing part, but polaris here is acting as a policy store, which should make sure if such inheritence if they are un-intentional are blocked. So a call to get a TMS policy on view should return nothing. That being said it fine if we want address this later, considering presently the caller just wants TMS on tables and never on a view. |
||
| */ | ||
| public interface PolicyType { | ||
|
|
||
| /** | ||
| * Retrieves the unique type code associated with this policy type. | ||
| * | ||
| * @return the type code of the policy type | ||
| */ | ||
| @JsonValue | ||
| int getCode(); | ||
|
|
||
| /** | ||
| * Retrieves the human-readable name of this policy type. | ||
| * | ||
| * @return the name of the policy type | ||
| */ | ||
| String getName(); | ||
|
|
||
| /** | ||
| * Determines whether this policy type is inheritable. | ||
| * | ||
| * @return {@code true} if the policy type is inheritable, otherwise {@code false} | ||
| */ | ||
| boolean isInheritable(); | ||
|
|
||
| /** | ||
| * Retrieves a {@link PolicyType} instance corresponding to the given type code. | ||
| * | ||
| * <p>This method searches for the policy type in predefined policy types. If a custom policy type | ||
| * storage mechanism is implemented in the future, it may also check registered custom policy | ||
| * types. | ||
| * | ||
| * @param code the type code of the policy type | ||
| * @return the corresponding {@link PolicyType}, or {@code null} if no matching type is found | ||
| */ | ||
| @JsonCreator | ||
| static @Nullable PolicyType fromCode(int code) { | ||
| return PredefinedPolicyTypes.fromCode(code); | ||
| } | ||
|
|
||
| /** | ||
| * Retrieves a {@link PolicyType} instance corresponding to the given policy name. | ||
| * | ||
| * <p>This method searches for the policy type in predefined policy types. If a custom policy type | ||
| * storage mechanism is implemented in the future, it may also check registered custom policy | ||
| * types. | ||
| * | ||
| * @param name the name of the policy type | ||
| * @return the corresponding {@link PolicyType}, or {@code null} if no matching type is found | ||
| */ | ||
| static @Nullable PolicyType fromName(String name) { | ||
| return PredefinedPolicyTypes.fromName(name); | ||
| } | ||
| } | ||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,108 @@ | ||
| /* | ||
| * Licensed to the Apache Software Foundation (ASF) under one | ||
| * or more contributor license agreements. See the NOTICE file | ||
| * distributed with this work for additional information | ||
| * regarding copyright ownership. The ASF licenses this file | ||
| * to you under the Apache License, Version 2.0 (the | ||
| * "License"); you may not use this file except in compliance | ||
| * with the License. You may obtain a copy of the License at | ||
| * | ||
| * http://www.apache.org/licenses/LICENSE-2.0 | ||
| * | ||
| * Unless required by applicable law or agreed to in writing, | ||
| * software distributed under the License is distributed on an | ||
| * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY | ||
| * KIND, either express or implied. See the License for the | ||
| * specific language governing permissions and limitations | ||
| * under the License. | ||
| */ | ||
| package org.apache.polaris.core.policy; | ||
|
|
||
| import com.fasterxml.jackson.annotation.JsonCreator; | ||
| import com.fasterxml.jackson.annotation.JsonValue; | ||
| import com.google.common.collect.ImmutableMap; | ||
| import jakarta.annotation.Nullable; | ||
|
|
||
| /* Represents all predefined policy types in Polaris */ | ||
| public enum PredefinedPolicyTypes implements PolicyType { | ||
| DATA_COMPACTION(0, "system.data-compaction", true), | ||
|
There was a problem hiding this comment. [doubt] I might be late to this, but why There was a problem hiding this comment. The prefix is to make it consistent with the path of the content schema of these policies, introduced in #969. |
||
| METADATA_COMPACTION(1, "system.metadata-compaction", true), | ||
| ORPHAN_FILE_REMOVAL(2, "system.orphan-file-removal", true), | ||
| SNAPSHOT_RETENTION(3, "system.snapshot-retention", true); | ||
|
|
||
| private final int code; | ||
| private final String name; | ||
| private final boolean isInheritable; | ||
| private static final PredefinedPolicyTypes[] REVERSE_CODE_MAPPING_ARRAY; | ||
| private static final ImmutableMap<String, PredefinedPolicyTypes> REVERSE_NAME_MAPPING_ARRAY; | ||
|
|
||
| static { | ||
| int maxId = 0; | ||
| for (PredefinedPolicyTypes policyType : PredefinedPolicyTypes.values()) { | ||
| if (maxId < policyType.code) { | ||
| maxId = policyType.code; | ||
| } | ||
| } | ||
|
|
||
| REVERSE_CODE_MAPPING_ARRAY = new PredefinedPolicyTypes[maxId + 1]; | ||
| ImmutableMap.Builder<String, PredefinedPolicyTypes> builder = ImmutableMap.builder(); | ||
| // populate both | ||
| for (PredefinedPolicyTypes policyType : PredefinedPolicyTypes.values()) { | ||
| REVERSE_CODE_MAPPING_ARRAY[policyType.code] = policyType; | ||
| builder.put(policyType.name, policyType); | ||
| } | ||
| REVERSE_NAME_MAPPING_ARRAY = builder.build(); | ||
| } | ||
|
|
||
| PredefinedPolicyTypes(int code, String name, boolean isInheritable) { | ||
| this.code = code; | ||
| this.name = name; | ||
| this.isInheritable = isInheritable; | ||
| } | ||
|
|
||
| /** {@inheritDoc} */ | ||
| @Override | ||
| @JsonValue | ||
| public int getCode() { | ||
| return code; | ||
| } | ||
|
|
||
| /** {@inheritDoc} */ | ||
| @Override | ||
| public String getName() { | ||
| return name; | ||
| } | ||
|
|
||
| /** {@inheritDoc} */ | ||
| @Override | ||
| public boolean isInheritable() { | ||
| return isInheritable; | ||
| } | ||
|
|
||
| /** | ||
| * Retrieves a {@link PredefinedPolicyTypes} instance corresponding to the given type code. | ||
| * | ||
| * @param code the type code of the predefined policy type | ||
| * @return the corresponding {@link PredefinedPolicyTypes}, or {@code null} if no matching type is | ||
| * found | ||
| */ | ||
| @JsonCreator | ||
| public static @Nullable PredefinedPolicyTypes fromCode(int code) { | ||
| if (code >= REVERSE_CODE_MAPPING_ARRAY.length) { | ||
| return null; | ||
| } | ||
|
|
||
| return REVERSE_CODE_MAPPING_ARRAY[code]; | ||
| } | ||
|
|
||
| /** | ||
| * Retrieves a {@link PredefinedPolicyTypes} instance corresponding to the given policy name. | ||
| * | ||
| * @param name the name of the predefined policy type | ||
| * @return the corresponding {@link PredefinedPolicyTypes}, or {@code null} if no matching type is | ||
| * found | ||
| */ | ||
| public static @Nullable PredefinedPolicyTypes fromName(String name) { | ||
| return REVERSE_NAME_MAPPING_ARRAY.get(name); | ||
| } | ||
| } | ||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We will need policy type to be a top-level field instead of hidden in property map in the future, but it's fine now.