This is an automated email from the ASF dual-hosted git repository.
jackie pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/pinot.git
The following commit(s) were added to refs/heads/master by this push:
new a96e36eecd Simplify authrozation for table config get (#11640)
a96e36eecd is described below
commit a96e36eecd2a993c32090622f0f1b01d24b2230f
Author: Xiaotian (Jackie) Jiang <[email protected]>
AuthorDate: Wed Sep 20 17:40:29 2023 -0700
Simplify authrozation for table config get (#11640)
---
.../api/resources/PinotTableRestletResource.java | 25 +++++++---------------
1 file changed, 8 insertions(+), 17 deletions(-)
diff --git
a/pinot-controller/src/main/java/org/apache/pinot/controller/api/resources/PinotTableRestletResource.java
b/pinot-controller/src/main/java/org/apache/pinot/controller/api/resources/PinotTableRestletResource.java
index 29ff4a7849..b4dda6a56a 100644
---
a/pinot-controller/src/main/java/org/apache/pinot/controller/api/resources/PinotTableRestletResource.java
+++
b/pinot-controller/src/main/java/org/apache/pinot/controller/api/resources/PinotTableRestletResource.java
@@ -349,7 +349,14 @@ public class PinotTableRestletResource {
NAME, CREATIONTIME, LASTMODIFIEDTIME
}
- private String listTableConfigs(String tableName, @Nullable String
tableTypeStr) {
+ @GET
+ @Path("/tables/{tableName}")
+ @Authorize(targetType = TargetType.TABLE, paramName = "tableName", action =
Actions.Table.GET_TABLE_CONFIG)
+ @Produces(MediaType.APPLICATION_JSON)
+ @ApiOperation(value = "Lists the table configs")
+ public String listTableConfigs(
+ @ApiParam(value = "Name of the table", required = true)
@PathParam("tableName") String tableName,
+ @ApiParam(value = "realtime|offline") @QueryParam("type") String
tableTypeStr) {
try {
ObjectNode ret = JsonUtils.newObjectNode();
@@ -372,22 +379,6 @@ public class PinotTableRestletResource {
}
}
- @GET
- @Produces(MediaType.APPLICATION_JSON)
- @ManualAuthorization
- @Path("/tables/{tableName}")
- @ApiOperation(value = "Lists the table configs")
- public String listTableConfig(
- @ApiParam(value = "Name of the table", required = true)
@PathParam("tableName") String tableName,
- @ApiParam(value = "realtime|offline") @QueryParam("type") String
tableTypeStr, @Context HttpHeaders httpHeaders,
- @Context Request request) {
- if (!_accessControlFactory.create()
- .hasAccess(httpHeaders, TargetType.TABLE, tableName,
Actions.Table.GET_TABLE_CONFIG)) {
- throw new ControllerApplicationException(LOGGER, "Permission denied",
Response.Status.FORBIDDEN);
- }
- return listTableConfigs(tableName, tableTypeStr);
- }
-
@DELETE
@Path("/tables/{tableName}")
@Authorize(targetType = TargetType.TABLE, paramName = "tableName", action =
Actions.Table.DELETE_TABLE)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
