Skip to content

fix: Denial by default to all resources when no permissions set #5663

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
jyejare wants to merge 2 commits into
base: master
Choose a base branch
from
Open

fix: Denial by default to all resources when no permissions set #5663

jyejare wants to merge 2 commits into from

Conversation

@jyejare
Copy link
Contributor

@jyejare jyejare commented Oct 14, 2025
edited
Loading

What this PR does / why we need it:

We observed Inconsistent permission response behavior across Feature Store API routes.

  • Fixing the behaviour by changes in filter_only and named_patterns

Which issue(s) this PR fixes:

Inconsistent permission response behavior across Feature Store API routes. RHOAIENG-35929

Misc

@jyejare jyejare requested a review from a team as a code owner October 14, 2025 13:54
@jyejare jyejare changed the title Denial by default to all resources when no permissions set fix: Denial by default to all resources when no permissions set Oct 14, 2025
jameerpathan111
jameerpathan111 reviewed Oct 21, 2025
View reviewed changes
@jyejare
Denial by default to all resources when no permissions set
1d1bfb0 
Signed-off-by: jyejare <jyejare@redhat.com>

filter only for named patterns
No matching permissions are handled
@jyejare jyejare force-pushed the objects_default_deniel branch from 59af5bb to 1d1bfb0 Compare December 15, 2025 07:38
@jyejare
Tests are updated to match the new behavior
8739c76 
Signed-off-by: jyejare <jyejare@redhat.com>
ntkathole
ntkathole reviewed Dec 15, 2025
View reviewed changes
sdk/python/feast/permissions/enforcer.py
if not resource_type_permissions:
# No permissions exist for this resource type - should raise error
message = f"No permissions defined to manage {actions} on {type(resource)}/{resource.name}."
logger.exception(f"**PERMISSION NOT GRANTED**: {message}")
Copy link
Member

@ntkathole ntkathole Dec 15, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

should this be logger.error() ?

Copy link
Contributor Author

@jyejare jyejare Dec 15, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah thats error with exception :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ntkathole ntkathole ntkathole left review comments

+1 more reviewer

@jameerpathan111 jameerpathan111 jameerpathan111 left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@jyejare @ntkathole @jameerpathan111