in polaris-synchronizer/api/src/main/java/org/apache/polaris/tools/sync/polaris/access/AccessControlService.java [126:154]
/**
 * Creates the principal role tagged with {@code OMNIPOTENCE_PROPERTY} and assigns it to the given
 * principal.
 *
 * <p>All principal roles are listed first. Every role whose properties contain the {@code
 * OMNIPOTENCE_PROPERTY} key is treated as an existing omnipotent role: it is dropped when {@code
 * replace} is true, otherwise the call fails. The new role is named after the principal and
 * carries the property with an empty value.
 *
 * <p>Security notes for callers:
 *
 * <ul>
 *   <li>A role is recognised only by the presence of the property key; its value and its origin
 *       are not checked here. With {@code replace} set, every role carrying the key is dropped,
 *       so confirm that only trusted administrators can set this property on principal roles.
 *   <li>Drop, create and assign are separate calls with no rollback in this method. If a later
 *       call fails, roles that were already dropped stay dropped.
 *   <li>No privileges are granted in this method; it only creates, tags and assigns the role.
 *   <li>The role reuses the principal's name. A clash with an existing role that lacks the
 *       property is not checked here (NOTE(review): confirm how createPrincipalRole reports it).
 * </ul>
 *
 * @param omnipotentPrincipal principal, with credentials, that receives the role
 * @param replace whether existing roles tagged with {@code OMNIPOTENCE_PROPERTY} may be dropped
 * @return the role object that was submitted for creation and assigned
 * @throws IllegalStateException if a tagged role already exists and {@code replace} is false
 */
public PrincipalRole createAndAssignPrincipalRole(
    PrincipalWithCredentials omnipotentPrincipal, boolean replace) {
  List<PrincipalRole> existingRoles = polaris.listPrincipalRoles();

  // Resolved after the listing call, as before, so the order of remote calls is unchanged.
  String principalName = omnipotentPrincipal.getPrincipal().getName();
  PrincipalRole omnipotentPrincipalRole =
      new PrincipalRole().name(principalName).putPropertiesItem(OMNIPOTENCE_PROPERTY, "");

  for (PrincipalRole candidate : existingRoles) {
    boolean taggedOmnipotent =
        candidate.getProperties() != null
            && candidate.getProperties().containsKey(OMNIPOTENCE_PROPERTY);
    if (!taggedOmnipotent) {
      continue;
    }

    // Fail closed: an existing tagged role is never removed without explicit permission.
    if (!replace) {
      throw new IllegalStateException(
          "Not permitted to replace existing omnipotent principal role, but omnipotent "
              + "principal role with property "
              + OMNIPOTENCE_PROPERTY
              + " already exists");
    }

    // Destructive step: removes the previously tagged role before the new one is created.
    polaris.dropPrincipalRole(candidate.getName());
  }

  polaris.createPrincipalRole(omnipotentPrincipalRole);
  polaris.assignPrincipalRole(principalName, omnipotentPrincipalRole.getName());
  return omnipotentPrincipalRole;
}