zachjsh commented on code in PR #14003:
URL: https://github.com/apache/druid/pull/14003#discussion_r1157513262
##########
indexing-service/src/main/java/org/apache/druid/indexing/overlord/http/OverlordResource.java:
##########
@@ -188,14 +194,36 @@ public OverlordResource(
public Response taskPost(final Task task, @Context final HttpServletRequest
req)
{
final String dataSource = task.getDataSource();
- final ResourceAction resourceAction = new ResourceAction(
- new Resource(dataSource, ResourceType.DATASOURCE),
- Action.WRITE
- );
+ final Set<ResourceAction> resourceActions = new HashSet<>();
+ resourceActions.add(new ResourceAction(new Resource(dataSource,
ResourceType.DATASOURCE), Action.WRITE));
+ if (authConfig.isEnableInputSourceSecurity()) {
+ if (task.usesFirehose()) {
+ return Response.status(Response.Status.BAD_REQUEST)
+ .entity(
+ ImmutableMap.of(
+ "error",
+ StringUtils.format(
+ "Input source based security cannot be performed for
Task[%s] because it uses firehose."
+ + "Change the tasks configuration, or disable
`isEnableInputSourceSecurity`",
+ task.getId()
+ )
+ )
+ )
+ .build();
+ }
+ if (null != task.getInputSourceTypes()) {
Review Comment:
fixed
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
