rdhabalia commented on a change in pull request #2981: Allow subscribers to 
access subscription admin-api
URL: https://github.com/apache/pulsar/pull/2981#discussion_r233585605
 
 

 ##########
 File path: 
pulsar-broker-common/src/main/java/org/apache/pulsar/broker/authorization/AuthorizationProvider.java
 ##########
 @@ -71,6 +71,18 @@
     CompletableFuture<Boolean> canConsumeAsync(TopicName topicName, String 
role,
             AuthenticationDataSource authenticationData, String subscription);
 
+    /**
+     * Returns authorized roles that can access admin-api for given 
subscription
+     * 
+     * @param topicName
+     *            the fully qualified topic name associated with the topic.
+     * @param subscription
+     *            the subscription name defined by the client
+     * @return
+     */
+    CompletableFuture<Set<String>> getAuthorizedRolesOnSubscription(TopicName 
topicName,
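Review bot: The `@return` tag at the end of the new Javadoc block is empty, and the description does not say what the returned set means when no roles are configured for the subscription. Because the doc states this set decides who can access the admin-api, please document whether the future completes with an empty set or with null in that case, so callers can tell "nobody is authorized" apart from "nothing is configured". The `@param topicName` text "the fully qualified topic name associated with the topic" could also be shortened to "the fully qualified topic name".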
 
 Review comment:
   > I would say to not add a new method, but rather handle that internally in 
the canConsume().
   
   @merlimat this will not work because we want to explicitly give access to 
certain roles that can use the subscription-based admin-api (e.g. reset-cursor, skip) 
for a given subscription. If the role is not configured/present in the 
authorization list then the admin-api request should fail.
   
   Whereas `canConsume()` cannot fail if the `subscription-authorization` list is 
not configured. If we enforce `subscription-authorization` in the `canConsume` 
method then all existing consumers will start failing because we don't set this 
permission explicitly.
   
   I can make a change in `canConsume()` where if `sub-authorization` is 
configured then validate the role, else ignore the check. But we can't use 
`canConsume()` for admin-api validation (once we have this check then we 
deprecate `sub-prefix-auth`).
   
