Add DDL statements to drop branches and tags

[agrawalreetika]

Description

Add DDL statements to drop branches and tags

Motivation and Context

Resolves #22028

Impact

Resolves #22028

SQL support for dropping a branch from a table :

ALTER TABLE users DROP BRANCH 'branch1';

SQL support for dropping a tag from a table :

ALTER TABLE users DROP TAG 'tag1';

Test Plan

Contributor checklist

• Please make sure your submission complies with our development, formatting, commit message, and attribution guidelines.
• PR description addresses the issue accurately and concisely. If the change is non-trivial, a GitHub Issue is referenced.
• Documented new properties (with its default value), SQL syntax, functions, or other functionality.
• If release notes are required, they follow the release notes guidelines.
• Adequate tests were added if applicable.
• CI passed.

Release Notes

Please follow release notes guidelines and fill in the release notes below.

== RELEASE NOTES ==

General Changes
* DDL support for dropping a branch from a table. :pr:`23614`
* DDL support for dropping a tag from a table. :pr:`23614`

Iceberg Connector Changes
* Support for dropping a branch from an Iceberg table. :pr:`23614`
* Support for dropping a branch from an Iceberg table.  :pr:`23614`

[github-actions]

Codenotify: Notifying subscribers in CODENOTIFY files for diff c00f8af...6a679d8.

Notify	File(s)
@aditi-pandit	presto-parser/src/main/antlr4/com/facebook/presto/sql/parser/SqlBase.g4
@elharo	presto-parser/src/main/antlr4/com/facebook/presto/sql/parser/SqlBase.g4
@kaikalur	presto-parser/src/main/antlr4/com/facebook/presto/sql/parser/SqlBase.g4
@rschlussel	presto-parser/src/main/antlr4/com/facebook/presto/sql/parser/SqlBase.g4

[steveburnett]

LGTM! (docs)

Pull branch, local docs build, looks good. Thanks!

[ZacBlanco]

Some high level feedback. Most of the code looks good. I will take a closer look on 2nd pass.

Also, I wanted to bring a thought I had about parser extensions. Since many connectors will not support this branching and tagging, I was thinking that maybe we ought to consider designing a SQL syntax plugin extension interface. Spark allows custom syntax extensions through implementing some set of interfaces or bringing your own parser. The upstream iceberg project now maintains their own spark SQL syntax extensions.

I'm not proposing we need that for this PR, but maybe it's something we should start thinking about if connectors start adding more radically different features that would be best left to some syntax extensions/optional plugins, especially for things outside the SQL specification.

[ZacBlanco]

I wonder about the granularity of these methods. In other implementation (e.g. spark?) at what granularity do they enforce the ability to do CRUD operations on tags and branches?

I'm thinking about a few cases

1. A group or user(s) can only access a certain set of branches or tags
2. A group or user(s) can only create branches starting from a specific branch
3. A group or user(s) can create tags

I know we're only implementing DROP but I want to understand the whole story for access control around branches and tags. Would we ever need to pass the branch/tag to these methods?

[agrawalreetika]

I think the granularity of access control methods in Spark for CRUD operations on Iceberg tags and branches is limited by Spark's integration with external systems (such as file systems, catalogs, and security frameworks like Apache Ranger).
For example, Ranger policies can define access controls at the table level, which could be extended to manage specific branches or tag-based access.
And like for cloud-based catalogs like AWS Glue, you can control access to Iceberg metadata (branches and tags) via IAM policies that grant or restrict specific operations.

[ZacBlanco]

Thanks for the info. Would the parameters passed here as context have enough information for us to act at a similar granularity? I don't see anything in the method parameters that contains the branch name which I assume we would need to perform access control at a similar level.

[agrawalreetika]

I would like to discuss around this, Systems like Ranger can define access controls at the table level, column level. So in this case I think access of drop branch & tags could be table based. As per I can think of branch & tag level policies then has to be maintained on engine side if we introduce branch name / tag name in here?

[agrawalreetika]

@tdcmeehan What do you think about access control for branches and tags? Would be based on the parent table itself or based on the tags/branches?
My thinking was that since no policies are enforced based on branch/tags via security frameworks, should this honor the same access policies as table? Or if we don't even need access control exposed for dropTag & dropBranch?

[agrawalreetika]

@ZacBlanco Can you please take another pass?

[hantangwangd]

The whole change overall looks good to me. Some little nits, and one problem for discussing about the behavior of if exists on branch and tag.

[hantangwangd]

Suggested change

	public boolean isbranchExists()
	public boolean isBranchExists()

[hantangwangd]

Did you miss branchExists?

[hantangwangd]

Suggested change

	Objects.equals(branchExists, branchExists);
	Objects.equals(branchExists, that.branchExists);

[hantangwangd]

Suggested change

	Objects.equals(tagExists, tagExists);
	Objects.equals(tagExists, that.tagExists);

[hantangwangd]

Missed tagExists?

[hantangwangd]

The same as above, did not consider the if exists flag for tag.

[hantangwangd]

Should we take the value of if exists into consider here?

[hantangwangd]

The same as above, should we take the value of if exists into consider here?

[hantangwangd]

Is this a correct behavior? As I understand, this statement should not fail.

[hantangwangd]

The same as above, should this statement fail?