From 389ef4a47450edb6235828df00af03c8aadc29f5 Mon Sep 17 00:00:00 2001
From: Rory <roryqi@apache.org>
Date: Mon, 23 Dec 2024 15:02:27 +0800
Subject: [PATCH] [#5947] fix(auth): It will throw error if we enable
 authorization and rename catalog

---
 .../ranger/integration/test/RangerBaseE2EIT.java | 16 ++++++++++++++++
 .../authorization/AuthorizationUtils.java        | 14 ++++++++++++--
 2 files changed, 28 insertions(+), 2 deletions(-)

diff --git a/authorizations/authorization-ranger/src/test/java/org/apache/gravitino/authorization/ranger/integration/test/RangerBaseE2EIT.java b/authorizations/authorization-ranger/src/test/java/org/apache/gravitino/authorization/ranger/integration/test/RangerBaseE2EIT.java
index 95dc4f93636..5fef46dc609 100644
--- a/authorizations/authorization-ranger/src/test/java/org/apache/gravitino/authorization/ranger/integration/test/RangerBaseE2EIT.java
+++ b/authorizations/authorization-ranger/src/test/java/org/apache/gravitino/authorization/ranger/integration/test/RangerBaseE2EIT.java
@@ -29,8 +29,10 @@
 import java.util.List;
 import org.apache.commons.io.FileUtils;
 import org.apache.gravitino.Catalog;
+import org.apache.gravitino.CatalogChange;
 import org.apache.gravitino.MetadataObject;
 import org.apache.gravitino.MetadataObjects;
+import org.apache.gravitino.MetalakeChange;
 import org.apache.gravitino.NameIdentifier;
 import org.apache.gravitino.auth.AuthConstants;
 import org.apache.gravitino.authorization.Owner;
@@ -197,6 +199,20 @@ protected static void waitForUpdatingPolicies() throws InterruptedException {
 
   protected abstract void testAlterTable();
 
+  // ISSUE-5947: can't rename a catalog
+  @Test
+  void testRenameMetalakeOrCatalog() {
+    Assertions.assertDoesNotThrow(
+            () -> client.alterMetalake(metalakeName, MetalakeChange.rename("new_name")));
+    Assertions.assertDoesNotThrow(
+            () -> client.alterMetalake("new_name", MetalakeChange.rename(metalakeName)));
+
+    Assertions.assertDoesNotThrow(
+        () -> metalake.alterCatalog(catalogName, CatalogChange.rename("new_name")));
+    Assertions.assertDoesNotThrow(
+        () -> metalake.alterCatalog("new_name", CatalogChange.rename(catalogName)));
+  }
+
   @Test
   void testCreateSchema() throws InterruptedException {
     // Choose a catalog
diff --git a/core/src/main/java/org/apache/gravitino/authorization/AuthorizationUtils.java b/core/src/main/java/org/apache/gravitino/authorization/AuthorizationUtils.java
index ca5866558b4..ab8ca5348be 100644
--- a/core/src/main/java/org/apache/gravitino/authorization/AuthorizationUtils.java
+++ b/core/src/main/java/org/apache/gravitino/authorization/AuthorizationUtils.java
@@ -298,9 +298,19 @@ public static void authorizationPluginRenamePrivileges(
           NameIdentifierUtil.toMetadataObject(NameIdentifier.of(ident.namespace(), newName), type);
       MetadataObjectChange renameObject =
           MetadataObjectChange.rename(oldMetadataObject, newMetadataObject);
+
+      String metalake;
+      if (type == Entity.EntityType.METALAKE) {
+         metalake = newName;
+      } else {
+        metalake = ident.namespace().level(0);
+      }
+
+      // For a renamed catalog, we should pass the new name catalog, otherwise we can't find the
+      // catalog in the entity store
       callAuthorizationPluginForMetadataObject(
-          ident.namespace().level(0),
-          oldMetadataObject,
+          metalake,
+          newMetadataObject,
           authorizationPlugin -> {
             authorizationPlugin.onMetadataUpdated(renameObject);
           });