WIP cred vend to storage-creds-cache - step 2

Author: snazy

persistence/eclipselink/src/main/java/org/apache/polaris/extension/persistence/impl/eclipselink/EclipseLinkPolarisMetaStoreManagerFactory.java

@@ -31,7 +31,6 @@
 import org.apache.polaris.core.persistence.PolarisMetaStoreManager;
 import org.apache.polaris.core.persistence.bootstrap.RootCredentialsSet;
 import org.apache.polaris.core.persistence.transactional.TransactionalPersistence;
-import org.apache.polaris.core.storage.PolarisStorageIntegrationProvider;
 
 /**
  * The implementation of Configuration interface for configuring the {@link PolarisMetaStoreManager}
@@ -47,16 +46,15 @@ public class EclipseLinkPolarisMetaStoreManagerFactory
 
   @SuppressWarnings("unused") // Required by CDI
   protected EclipseLinkPolarisMetaStoreManagerFactory() {
-    this(null, null, null, null);
+    this(null, null, null);
   }
 
   @Inject
   protected EclipseLinkPolarisMetaStoreManagerFactory(
       Clock clock,
       PolarisDiagnostics diagnostics,
-      PolarisStorageIntegrationProvider storageIntegrationProvider,
       EclipseLinkConfiguration eclipseLinkConfiguration) {
-    super(clock, diagnostics, storageIntegrationProvider);
+    super(clock, diagnostics);
     this.eclipseLinkConfiguration = eclipseLinkConfiguration;
   }
 

persistence/eclipselink/src/test/java/org/apache/polaris/extension/persistence/impl/eclipselink/PolarisEclipseLinkMetaStoreManagerTest.java

@@ -48,7 +48,6 @@
 import org.junit.jupiter.params.ParameterizedTest;
 import org.junit.jupiter.params.provider.Arguments;
 import org.junit.jupiter.params.provider.MethodSource;
-import org.mockito.Mockito;
 
 /**
  * Integration test for EclipseLink based metastore implementation
@@ -88,7 +87,7 @@ protected PolarisTestMetaStoreManager createPolarisTestMetaStoreManager() {
         new PolarisEclipseLinkMetaStoreSessionImpl(
             store, realmContext, null, "polaris", RANDOM_SECRETS);
     TransactionalMetaStoreManagerImpl metaStoreManager =
-        new TransactionalMetaStoreManagerImpl(clock, Mockito.mock());
+        new TransactionalMetaStoreManagerImpl(clock);
     PolarisCallContext callCtx = new PolarisCallContext(realmContext, session, diagServices);
     return new PolarisTestMetaStoreManager(metaStoreManager, callCtx);
   }

persistence/relational-jdbc/src/main/java/org/apache/polaris/persistence/relational/jdbc/JdbcMetaStoreManagerFactory.java

@@ -87,7 +87,7 @@ protected PrincipalSecretsGenerator secretsGenerator(
   }
 
   protected PolarisMetaStoreManager createNewMetaStoreManager() {
-    return new AtomicOperationMetaStoreManager(clock, storageIntegrationProvider);
+    return new AtomicOperationMetaStoreManager(clock);
   }
 
   private void initializeForRealm(

persistence/relational-jdbc/src/test/java/org/apache/polaris/persistence/relational/jdbc/AtomicMetastoreManagerWithJdbcBasePersistenceImplTest.java

@@ -32,7 +32,6 @@
 import org.apache.polaris.core.persistence.BasePolarisMetaStoreManagerTest;
 import org.apache.polaris.core.persistence.PolarisTestMetaStoreManager;
 import org.h2.jdbcx.JdbcConnectionPool;
-import org.mockito.Mockito;
 
 public class AtomicMetastoreManagerWithJdbcBasePersistenceImplTest
     extends BasePolarisMetaStoreManagerTest {
@@ -65,8 +64,7 @@ protected PolarisTestMetaStoreManager createPolarisTestMetaStoreManager() {
     JdbcBasePersistenceImpl basePersistence =
         new JdbcBasePersistenceImpl(
             datasourceOperations, RANDOM_SECRETS, realmContext.getRealmIdentifier(), schemaVersion);
-    AtomicOperationMetaStoreManager metaStoreManager =
-        new AtomicOperationMetaStoreManager(clock, Mockito.mock());
+    AtomicOperationMetaStoreManager metaStoreManager = new AtomicOperationMetaStoreManager(clock);
     PolarisCallContext callCtx =
         new PolarisCallContext(realmContext, basePersistence, diagServices);
     return new PolarisTestMetaStoreManager(metaStoreManager, callCtx);

polaris-core/src/main/java/org/apache/polaris/core/persistence/AtomicOperationMetaStoreManager.java

@@ -70,7 +70,6 @@
 import org.apache.polaris.core.policy.PolicyEntity;
 import org.apache.polaris.core.policy.PolicyMappingUtil;
 import org.apache.polaris.core.policy.PolicyType;
-import org.apache.polaris.core.storage.PolarisStorageIntegrationProvider;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -84,9 +83,7 @@ public class AtomicOperationMetaStoreManager extends BaseMetaStoreManager {
 
   private final Clock clock;
 
-  public AtomicOperationMetaStoreManager(
-      Clock clock, PolarisStorageIntegrationProvider storageIntegrationProvider) {
-    super(storageIntegrationProvider);
+  public AtomicOperationMetaStoreManager(Clock clock) {
     this.clock = clock;
   }
 

polaris-core/src/main/java/org/apache/polaris/core/persistence/BaseMetaStoreManager.java

@@ -18,75 +18,23 @@
  */
 package org.apache.polaris.core.persistence;
 
-import static java.util.Objects.requireNonNull;
-
 import com.fasterxml.jackson.core.JsonProcessingException;
 import com.fasterxml.jackson.core.type.TypeReference;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import jakarta.annotation.Nonnull;
 import java.util.Map;
-import java.util.Set;
 import org.apache.polaris.core.PolarisCallContext;
 import org.apache.polaris.core.entity.PolarisBaseEntity;
 import org.apache.polaris.core.entity.PolarisEntityConstants;
 import org.apache.polaris.core.entity.PolarisEntitySubType;
 import org.apache.polaris.core.entity.PolarisEntityType;
-import org.apache.polaris.core.persistence.dao.entity.BaseResult;
 import org.apache.polaris.core.persistence.dao.entity.GenerateEntityIdResult;
-import org.apache.polaris.core.persistence.dao.entity.ScopedCredentialsResult;
-import org.apache.polaris.core.storage.AccessConfig;
-import org.apache.polaris.core.storage.PolarisStorageConfigurationInfo;
-import org.apache.polaris.core.storage.PolarisStorageIntegration;
-import org.apache.polaris.core.storage.PolarisStorageIntegrationProvider;
 
 /** Shared basic PolarisMetaStoreManager logic for transactional and non-transactional impls. */
 public abstract class BaseMetaStoreManager implements PolarisMetaStoreManager {
   /** mapper, allows to serialize/deserialize properties to/from JSON */
   private static final ObjectMapper MAPPER = new ObjectMapper();
 
-  private final PolarisStorageIntegrationProvider storageIntegrationProvider;
-
-  public BaseMetaStoreManager(PolarisStorageIntegrationProvider storageIntegrationProvider) {
-    this.storageIntegrationProvider = storageIntegrationProvider;
-  }
-
-  /** {@inheritDoc} */
-  @Override
-  public @Nonnull ScopedCredentialsResult getSubscopedCredsForEntity(
-      @Nonnull PolarisCallContext callCtx,
-      @Nonnull PolarisStorageConfigurationInfo storageConfigurationInfo,
-      boolean allowListOperation,
-      @Nonnull Set<String> allowedReadLocations,
-      @Nonnull Set<String> allowedWriteLocations) {
-
-    // get meta store session we should be using
-    callCtx
-        .getDiagServices()
-        .check(
-            !allowedReadLocations.isEmpty() || !allowedWriteLocations.isEmpty(),
-            "allowed_locations_to_subscope_is_required");
-
-    // get storage integration
-    PolarisStorageIntegration<PolarisStorageConfigurationInfo> storageIntegration =
-        storageIntegrationProvider.getStorageIntegrationForConfig(storageConfigurationInfo);
-
-    // cannot be null
-    requireNonNull(storageIntegration);
-
-    try {
-      AccessConfig accessConfig =
-          storageIntegration.getSubscopedCreds(
-              callCtx.getRealmConfig(),
-              allowListOperation,
-              allowedReadLocations,
-              allowedWriteLocations);
-      return new ScopedCredentialsResult(accessConfig);
-    } catch (Exception ex) {
-      return new ScopedCredentialsResult(
-          BaseResult.ReturnStatus.SUBSCOPE_CREDS_ERROR, ex.getMessage());
-    }
-  }
-
   /**
    * Given the internal property as a map of key/value pairs, serialize it to a String
    *

polaris-core/src/main/java/org/apache/polaris/core/persistence/LocalPolarisMetaStoreManagerFactory.java

@@ -38,7 +38,6 @@
 import org.apache.polaris.core.persistence.dao.entity.PrincipalSecretsResult;
 import org.apache.polaris.core.persistence.transactional.TransactionalMetaStoreManagerImpl;
 import org.apache.polaris.core.persistence.transactional.TransactionalPersistence;
-import org.apache.polaris.core.storage.PolarisStorageIntegrationProvider;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -54,20 +53,16 @@ public abstract class LocalPolarisMetaStoreManagerFactory<StoreType>
   final Map<String, EntityCache> entityCacheMap = new HashMap<>();
   final Map<String, StoreType> backingStoreMap = new HashMap<>();
   final Map<String, Supplier<TransactionalPersistence>> sessionSupplierMap = new HashMap<>();
-  protected final PolarisStorageIntegrationProvider storageIntegrationProvider;
   private final Clock clock;
   private final PolarisDiagnostics diagnostics;
 
   private static final Logger LOGGER =
       LoggerFactory.getLogger(LocalPolarisMetaStoreManagerFactory.class);
 
   protected LocalPolarisMetaStoreManagerFactory(
-      @Nonnull Clock clock,
-      @Nonnull PolarisDiagnostics diagnostics,
-      @Nonnull PolarisStorageIntegrationProvider storageIntegrationProvider) {
+      @Nonnull Clock clock, @Nonnull PolarisDiagnostics diagnostics) {
     this.clock = clock;
     this.diagnostics = diagnostics;
-    this.storageIntegrationProvider = storageIntegrationProvider;
   }
 
   protected abstract StoreType createBackingStore(@Nonnull PolarisDiagnostics diagnostics);
@@ -93,7 +88,7 @@ protected PrincipalSecretsGenerator secretsGenerator(
    * into the existing realm-based setup flow.
    */
   protected PolarisMetaStoreManager createNewMetaStoreManager(Clock clock) {
-    return new TransactionalMetaStoreManagerImpl(clock, storageIntegrationProvider);
+    return new TransactionalMetaStoreManagerImpl(clock);
   }
 
   private void initializeForRealm(

polaris-core/src/main/java/org/apache/polaris/core/persistence/PolarisMetaStoreManager.java

@@ -49,17 +49,13 @@
 import org.apache.polaris.core.persistence.dao.entity.ResolvedEntityResult;
 import org.apache.polaris.core.persistence.pagination.PageToken;
 import org.apache.polaris.core.policy.PolarisPolicyMappingManager;
-import org.apache.polaris.core.storage.PolarisCredentialVendor;
 
 /**
  * Polaris Metastore Manager manages all Polaris entities and associated grant records metadata for
  * authorization. It uses the underlying persistent metastore to store and retrieve Polaris metadata
  */
 public interface PolarisMetaStoreManager
-    extends PolarisSecretsManager,
-        PolarisGrantManager,
-        PolarisCredentialVendor,
-        PolarisPolicyMappingManager {
+    extends PolarisSecretsManager, PolarisGrantManager, PolarisPolicyMappingManager {
 
   /**
    * Bootstrap the Polaris service, creating the root catalog, root principal, and associated

polaris-core/src/main/java/org/apache/polaris/core/persistence/TransactionWorkspaceMetaStoreManager.java

@@ -25,7 +25,6 @@
 import java.util.List;
 import java.util.Map;
 import java.util.Optional;
-import java.util.Set;
 import org.apache.polaris.core.PolarisCallContext;
 import org.apache.polaris.core.entity.LocationBasedEntity;
 import org.apache.polaris.core.entity.PolarisBaseEntity;
@@ -51,11 +50,9 @@
 import org.apache.polaris.core.persistence.dao.entity.PrincipalSecretsResult;
 import org.apache.polaris.core.persistence.dao.entity.PrivilegeResult;
 import org.apache.polaris.core.persistence.dao.entity.ResolvedEntityResult;
-import org.apache.polaris.core.persistence.dao.entity.ScopedCredentialsResult;
 import org.apache.polaris.core.persistence.pagination.PageToken;
 import org.apache.polaris.core.policy.PolicyEntity;
 import org.apache.polaris.core.policy.PolicyType;
-import org.apache.polaris.core.storage.PolarisStorageConfigurationInfo;
 
 /**
  * Wraps an existing impl of PolarisMetaStoreManager and delegates expected "read" operations
@@ -330,21 +327,6 @@ public EntitiesResult loadTasks(
     return null;
   }
 
-  @Override
-  public ScopedCredentialsResult getSubscopedCredsForEntity(
-      @Nonnull PolarisCallContext callCtx,
-      @Nonnull PolarisStorageConfigurationInfo storageConfigurationInfo,
-      boolean allowListOperation,
-      @Nonnull Set<String> allowedReadLocations,
-      @Nonnull Set<String> allowedWriteLocations) {
-    return delegate.getSubscopedCredsForEntity(
-        callCtx,
-        storageConfigurationInfo,
-        allowListOperation,
-        allowedReadLocations,
-        allowedWriteLocations);
-  }
-
   @Override
   public ResolvedEntityResult loadResolvedEntityById(
       @Nonnull PolarisCallContext callCtx,

polaris-core/src/main/java/org/apache/polaris/core/persistence/transactional/TransactionalMetaStoreManagerImpl.java

@@ -75,7 +75,6 @@
 import org.apache.polaris.core.policy.PolicyEntity;
 import org.apache.polaris.core.policy.PolicyMappingUtil;
 import org.apache.polaris.core.policy.PolicyType;
-import org.apache.polaris.core.storage.PolarisStorageIntegrationProvider;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -90,9 +89,7 @@ public class TransactionalMetaStoreManagerImpl extends BaseMetaStoreManager {
 
   private final Clock clock;
 
-  public TransactionalMetaStoreManagerImpl(
-      Clock clock, PolarisStorageIntegrationProvider storageIntegrationProvider) {
-    super(storageIntegrationProvider);
+  public TransactionalMetaStoreManagerImpl(Clock clock) {
     this.clock = clock;
   }