Fixes #27093 : Add warning logging to silent catch blocks in SubjectContext

[RajdeepKushwaha5]

Describe your changes:

Fixes #27093

Add warning-level logging to 5 silent catch blocks in SubjectContext.java — security-critical authorization code that silently swallowed all exceptions with no logging, making intermittent auth failures impossible to diagnose.

What changed:
All 5 catch blocks now log LOG.warn(...) with the exception message, full stack trace, and context (team name/ID, method purpose). No behavioral changes — the fail-closed pattern (returning false / skipping) is correct for security code and is preserved.

#	Method	Line	What it catches
1	isTeamAsset()	~171	Team entity lookup for asset ownership
2	isInTeam()	~201	Team hierarchy traversal for membership
3	getRolesForTeams()	~228	Role resolution from team hierarchy
4	hasRole()	~300	Role check via team parent chain
5	UserPolicyIterator	~473	Resource owner team policy loading

Why:
A transient DB failure during policy evaluation would silently deny user access with zero log entries. The class already uses LOG.warn() for circular dependency detection — these catches should be consistent.

How I tested:

• mvn spotless:check passes
• Verified no behavioral changes — same return values, same control flow
• Existing auth tests unaffected (purely additive logging)

This continues the silent exception cleanup pattern from PR #27063 (FeedRepository) and PR #27092 (SAML/IndexResource resource leaks).

Type of change:

• Bug fix

Checklist:

• I have read the CONTRIBUTING document.
• My PR title is Fixes #ISSUE_NUMBER: Add warning logging to silent catch blocks in SubjectContext
• I have commented on my code, particularly in hard-to-understand areas.
• For JSON Schema changes: I updated the migration scripts or explained why it is not needed.

[github-actions]

Hi there 👋 Thanks for your contribution!

The OpenMetadata team will review the PR shortly! Once it has been labeled as safe to test, the CI workflows
will start executing and we'll be able to make sure everything is working as expected.

Let us know if you need any help!

[Copilot]

Pull request overview

Adds warning-level logging to previously silent exception catch blocks in SubjectContext to improve diagnosability of authorization/policy-evaluation failures without changing fail-closed behavior.

Changes:

• Added LOG.warn(...) to several catch blocks in team/role/policy traversal logic.
• Included contextual details (team/role identifiers) plus exception message + stack trace in logs.

[github-actions]

Hi there 👋 Thanks for your contribution!

The OpenMetadata team will review the PR shortly! Once it has been labeled as safe to test, the CI workflows
will start executing and we'll be able to make sure everything is working as expected.

Let us know if you need any help!

[github-actions]

🔴 Playwright Results — 1 failure(s), 24 flaky

✅ 3593 passed · ❌ 1 failed · 🟡 24 flaky · ⏭️ 207 skipped

Shard	Passed	Failed	Flaky	Skipped
🔴 Shard 1	453	1	3	2
🟡 Shard 2	638	0	4	32
🟡 Shard 3	646	0	5	26
🟡 Shard 4	617	0	5	47
🟡 Shard 5	604	0	3	67
🟡 Shard 6	635	0	4	33

Genuine Failures (failed on all attempts)

❌ Pages/SearchIndexApplication.spec.ts › Search Index Application (shard 1)

Error: �[2mexpect(�[22m�[31mreceived�[39m�[2m).�[22mtoEqual�[2m(�[22m�[32mexpected�[39m�[2m) // deep equality�[22m

Expected: �[32mStringMatching /success|activeError/g�[39m
Received: �[31m"failed"�[39m

🟡 24 flaky test(s) (passed on retry)

• Flow/Tour.spec.ts › Tour should work from help section (shard 1, 1 retry)
• Flow/Tour.spec.ts › Tour should work from welcome screen (shard 1, 1 retry)
• Pages/AuditLogs.spec.ts › should apply both User and EntityType filters simultaneously (shard 1, 2 retries)
• Features/BulkEditEntity.spec.ts › Glossary (shard 2, 1 retry)
• Features/DataQuality/TestCaseImportExportE2eFlow.spec.ts › Admin: Complete export-import-validate flow (shard 2, 1 retry)
• Features/DataQuality/TestCaseIncidentPermissions.spec.ts › User with only VIEW cannot PATCH incidents (shard 2, 1 retry)
• Features/DataQuality/TestCaseResultPermissions.spec.ts › User with TEST_CASE.EDIT_ALL can see edit action on test case (shard 2, 1 retry)
• Features/NestedColumnsExpandCollapse.spec.ts › should not duplicate rows when expanding and collapsing nested columns with same names (shard 3, 1 retry)
• Features/Permissions/GlossaryPermissions.spec.ts › Team-based permissions work correctly (shard 3, 1 retry)
• Features/Table.spec.ts › Tags term should be consistent for search (shard 3, 1 retry)
• Features/TestSuiteMultiPipeline.spec.ts › TestSuite multi pipeline support (shard 3, 1 retry)
• Flow/ExploreDiscovery.spec.ts › Should display deleted assets when showDeleted is checked and deleted is not present in queryFilter (shard 3, 1 retry)
• Pages/Customproperties-part2.spec.ts › entityReferenceList shows item count, scrollable list, no expand toggle (shard 4, 1 retry)
• Pages/DataContracts.spec.ts › Create Data Contract and validate for Directory (shard 4, 1 retry)
• Pages/DataContractsSemanticRules.spec.ts › Validate Owner Rule Any_In (shard 4, 1 retry)
• Pages/Domains.spec.ts › Multiple consecutive domain renames preserve all associations (shard 4, 1 retry)
• Pages/Entity.spec.ts › User as Owner with unsorted list (shard 4, 1 retry)
• Pages/ExplorePageRightPanel.spec.ts › Should update panel content when switching between entities (shard 5, 1 retry)
• Pages/ExploreTree.spec.ts › Verify Database and Database Schema available in explore tree (shard 5, 1 retry)
• Pages/Glossary.spec.ts › Add and Remove Assets (shard 5, 1 retry)
• Features/AutoPilot.spec.ts › Agents created by AutoPilot should be deleted (shard 6, 1 retry)
• Pages/Lineage/LineageFilters.spec.ts › Verify lineage schema filter selection (shard 6, 1 retry)
• Pages/ProfilerConfigurationPage.spec.ts › Non admin user (shard 6, 1 retry)
• Pages/Users.spec.ts › Permissions for table details page for Data Consumer (shard 6, 1 retry)

📦 Download artifacts

How to debug locally

# Download playwright-test-results-<shard> artifact and unzip
npx playwright show-trace path/to/trace.zip    # view trace

[Copilot]

Pull request overview

Copilot reviewed 1 out of 1 changed files in this pull request and generated no new comments.

[gitar-bot]

Code Review ✅ Approved

Adds warning logging to 5 silent catch blocks in SubjectContext to improve error visibility and debuggability. No issues found.

Options

Display: compact → Showing less information.

Comment with these commands to change:

Compact

gitar display:verbose

_{Was this helpful? React with 👍 / 👎 | Gitar}

[sonarqubecloud]

Quality Gate passed for 'open-metadata-ingestion'

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud