[spi] Add generateDatasourceConnection to ThirdEyeAuthorizer interface (

#1584) * [spi] Add generateDatasourceConnection method to ThirdEyeAuthorizer interface * Address feedback --------- Co-authored-by: Anshul Singh <anshul.singh@anshuls-macbook-pro-1.wyvern-sun.ts.net>
startreedata · Oct 9, 2024 · 0acf41e · 0acf41e
1 parent ea32f99
commit 0acf41e
Show file tree

Hide file tree

Showing 4 changed files with 44 additions and 0 deletions.
diff --git a/thirdeye-server/src/main/java/ai/startree/thirdeye/auth/ThirdEyeAuthorizerProvider.java b/thirdeye-server/src/main/java/ai/startree/thirdeye/auth/ThirdEyeAuthorizerProvider.java
@@ -15,6 +15,7 @@
 
 import static com.google.common.base.Preconditions.checkState;
 
+import ai.startree.thirdeye.spi.api.DataSourceApi;
 import ai.startree.thirdeye.spi.auth.AccessType;
 import ai.startree.thirdeye.spi.auth.ResourceIdentifier;
 import ai.startree.thirdeye.spi.auth.ThirdEyeAuthorizer;
@@ -89,6 +90,11 @@ public boolean authorize(final ThirdEyePrincipal principal, final ResourceIdenti
  return getAccessControl().listNamespaces(principal);
  }
 
+ @Override
+ public @Nullable DataSourceApi generateDatasourceConnection(final ThirdEyePrincipal principal) {
+ return getAccessControl().generateDatasourceConnection(principal);
+ }
+
  @VisibleForTesting
  public static class AlwaysAllowAuthorizer implements ThirdEyeAuthorizer {
 
@@ -120,6 +126,11 @@ public boolean authorize(final ThirdEyePrincipal principal, final ResourceIdenti
  }
  return LIST_OF_NULL;
  }
+
+ @Override
+ public @Nullable DataSourceApi generateDatasourceConnection(final ThirdEyePrincipal principal) {
+ return null;
+ }
  }
 
  private static class AlwaysDenyAuthorizer implements ThirdEyeAuthorizer {
@@ -134,5 +145,10 @@ public boolean authorize(final ThirdEyePrincipal principal, final ResourceIdenti
  public @NonNull List<String> listNamespaces(final ThirdEyePrincipal principal) {
  return List.of();
  }
+
+ @Override
+ public @Nullable DataSourceApi generateDatasourceConnection(final ThirdEyePrincipal principal) {
+ return null;
+ }
  }
 }
diff --git a/...ver/src/test/java/ai/startree/thirdeye/resources/testutils/SingleNamespaceAuthorizer.java b/...ver/src/test/java/ai/startree/thirdeye/resources/testutils/SingleNamespaceAuthorizer.java
@@ -13,6 +13,7 @@
  */
 package ai.startree.thirdeye.resources.testutils;
 
+import ai.startree.thirdeye.spi.api.DataSourceApi;
 import ai.startree.thirdeye.spi.auth.AccessType;
 import ai.startree.thirdeye.spi.auth.ResourceIdentifier;
 import ai.startree.thirdeye.spi.auth.ThirdEyeAuthorizer;
@@ -54,4 +55,9 @@ public boolean authorize(final ThirdEyePrincipal principal,
  public @NonNull List<String> listNamespaces(final ThirdEyePrincipal principal) {
  return Collections.singletonList(null);
  }
+
+ @Override
+ public @Nullable DataSourceApi generateDatasourceConnection(final ThirdEyePrincipal principal) {
+ return null;
+ }
 }
diff --git a/...rver/src/test/java/ai/startree/thirdeye/resources/testutils/SingleResourceAuthorizer.java b/...rver/src/test/java/ai/startree/thirdeye/resources/testutils/SingleResourceAuthorizer.java
@@ -13,13 +13,15 @@
  */
 package ai.startree.thirdeye.resources.testutils;
 
+import ai.startree.thirdeye.spi.api.DataSourceApi;
 import ai.startree.thirdeye.spi.auth.AccessType;
 import ai.startree.thirdeye.spi.auth.ResourceIdentifier;
 import ai.startree.thirdeye.spi.auth.ThirdEyeAuthorizer;
 import ai.startree.thirdeye.spi.auth.ThirdEyePrincipal;
 import java.util.Collections;
 import java.util.List;
 import org.checkerframework.checker.nullness.qual.NonNull;
+import org.checkerframework.checker.nullness.qual.Nullable;
 
 public class SingleResourceAuthorizer implements ThirdEyeAuthorizer {
 
@@ -39,4 +41,9 @@ public boolean authorize(final ThirdEyePrincipal principal, final ResourceIdenti
  public @NonNull List<String> listNamespaces(final ThirdEyePrincipal principal) {
  return Collections.singletonList(null);
  }
+
+ @Override
+ public @Nullable DataSourceApi generateDatasourceConnection(final ThirdEyePrincipal principal) {
+ return null;
+ }
 }
diff --git a/thirdeye-spi/src/main/java/ai/startree/thirdeye/spi/auth/ThirdEyeAuthorizer.java b/thirdeye-spi/src/main/java/ai/startree/thirdeye/spi/auth/ThirdEyeAuthorizer.java
@@ -14,9 +14,11 @@
 package ai.startree.thirdeye.spi.auth;
 
 import ai.startree.thirdeye.spi.PluginServiceFactory;
+import ai.startree.thirdeye.spi.api.DataSourceApi;
 import java.util.List;
 import java.util.Map;
 import org.checkerframework.checker.nullness.qual.NonNull;
+import org.checkerframework.checker.nullness.qual.Nullable;
 
 public interface ThirdEyeAuthorizer {
 
@@ -37,6 +39,19 @@ boolean authorize(
  // if the implementation does not support multiple namespace, please return a list with the value null Collections.singletonList(null)
  @NonNull List<String> listNamespaces(final ThirdEyePrincipal principal);
 
+ /**
+ * Generates a recommended datasource configuration to use in the ThirdEye instance.
+ * Does not create the datasource.
+ *
+ * Example: an authorizer plugin could:
+ * 1. set up a service account to connect to Pinot
+ * 2. return a valid datasource configuration that uses the service account just created.
+ *
+ * @param principal the principal to generate datasource for
+ * @return DataSourceApi -> Returns null if there is no recommended datasource configuration
+ */
+ @Nullable DataSourceApi generateDatasourceConnection(final ThirdEyePrincipal principal);
+
  interface ThirdEyeAuthorizerFactory extends
  PluginServiceFactory<ThirdEyeAuthorizer, Map<String, Object>> {}
 }