suneet-s commented on a change in pull request #11718:
URL: https://github.com/apache/druid/pull/11718#discussion_r723368533
##########
File path:
indexing-service/src/test/java/org/apache/druid/indexing/overlord/http/OverlordResourceTest.java
##########
@@ -116,10 +117,22 @@ public Authorizer getAuthorizer(String name)
@Override
public Access authorize(AuthenticationResult authenticationResult,
Resource resource, Action action)
{
- if (resource.getName().equals("allow")) {
- return new Access(true);
- } else {
- return new Access(false);
+ final String username = authenticationResult.getIdentity();
+ switch (resource.getName()) {
+ case "allow":
+ return new Access(true);
+ case Datasources.WIKIPEDIA:
+ // All users can read wikipedia but only writer can write
+ return new Access(
+ action == Action.READ || Users.WIKI_WRITER.equals(username)
Review comment:
Primarily, yes.
Since there are only 2 actions, I suppose this is equivalent. If a new
action was added later, this logic may not match what is described in the
comment above.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
