liudezhi2098 commented on code in PR #14149:
URL: https://github.com/apache/pulsar/pull/14149#discussion_r851869005
##########
pulsar-broker/src/main/java/org/apache/pulsar/broker/web/PulsarWebResource.java:
##########
@@ -257,65 +260,125 @@ protected void validateAdminAccessForTenant(String
tenant) {
}
protected static void validateAdminAccessForTenant(PulsarService pulsar,
String clientAppId,
- String
originalPrincipal, String tenant,
-
AuthenticationDataSource authenticationData)
- throws Exception {
+ String originalPrincipal,
String tenant,
+ AuthenticationDataSource
authenticationData,
+ long timeout, TimeUnit unit) {
+ try {
+ validateAdminAccessForTenantAsync(pulsar, clientAppId,
originalPrincipal, tenant, authenticationData)
+ .get(timeout, unit);
+ } catch (InterruptedException | ExecutionException | TimeoutException
e) {
+ Throwable realCause = FutureUtil.unwrapCompletionException(e);
+ if (realCause instanceof WebApplicationException) {
+ throw (WebApplicationException) realCause;
+ } else {
+ throw new RestException(realCause);
+ }
+ }
+ }
+
+ /**
+ * Checks that the http client role has admin access to the specified
tenant async.
+ *
+ * @param tenant the tenant id
+ */
+ protected CompletableFuture<Void> validateAdminAccessForTenantAsync(String
tenant) {
+ return validateAdminAccessForTenantAsync(pulsar(), clientAppId(),
originalPrincipal(), tenant,
+ clientAuthData());
+ }
+
+ protected static CompletableFuture<Void> validateAdminAccessForTenantAsync(
+ PulsarService pulsar, String clientAppId,
+ String originalPrincipal, String tenant,
+ AuthenticationDataSource authenticationData) {
+ CompletableFuture<Void> future = new CompletableFuture<>();
if (log.isDebugEnabled()) {
log.debug("check admin access on tenant: {} - Authenticated: {} --
role: {}", tenant,
(isClientAuthenticated(clientAppId)), clientAppId);
}
- TenantInfo tenantInfo =
pulsar.getPulsarResources().getTenantResources().getTenant(tenant)
- .orElseThrow(() -> new RestException(Status.NOT_FOUND, "Tenant
does not exist"));
-
- if (pulsar.getConfiguration().isAuthenticationEnabled() &&
pulsar.getConfiguration().isAuthorizationEnabled()) {
- if (!isClientAuthenticated(clientAppId)) {
- throw new RestException(Status.FORBIDDEN, "Need to
authenticate to perform the request");
- }
-
-
validateOriginalPrincipal(pulsar.getConfiguration().getProxyRoles(),
clientAppId, originalPrincipal);
-
- if
(pulsar.getConfiguration().getProxyRoles().contains(clientAppId)) {
- CompletableFuture<Boolean> isProxySuperUserFuture;
- CompletableFuture<Boolean> isOriginalPrincipalSuperUserFuture;
- try {
- AuthorizationService authorizationService =
pulsar.getBrokerService().getAuthorizationService();
- isProxySuperUserFuture =
authorizationService.isSuperUser(clientAppId, authenticationData);
-
- isOriginalPrincipalSuperUserFuture =
-
authorizationService.isSuperUser(originalPrincipal, authenticationData);
-
- boolean proxyAuthorized = isProxySuperUserFuture.get()
- || authorizationService.isTenantAdmin(tenant,
clientAppId,
- tenantInfo, authenticationData).get();
- boolean originalPrincipalAuthorized =
- isOriginalPrincipalSuperUserFuture.get() ||
authorizationService.isTenantAdmin(tenant,
- originalPrincipal, tenantInfo,
authenticationData).get();
- if (!proxyAuthorized || !originalPrincipalAuthorized) {
- throw new RestException(Status.UNAUTHORIZED,
- String.format("Proxy not authorized to access
resource (proxy:%s,original:%s)",
- clientAppId, originalPrincipal));
+ pulsar.getPulsarResources().getTenantResources().getTenantAsync(tenant)
+ .thenCompose(tenantInfoOptional -> {
+ if (!tenantInfoOptional.isPresent()) {
+ throw new RestException(Status.NOT_FOUND, "Tenant does
not exist");
}
- } catch (InterruptedException | ExecutionException e) {
- throw new RestException(Status.INTERNAL_SERVER_ERROR,
e.getMessage());
- }
- log.debug("Successfully authorized {} (proxied by {}) on
tenant {}",
- originalPrincipal, clientAppId, tenant);
- } else {
- if (!pulsar.getBrokerService()
- .getAuthorizationService()
- .isSuperUser(clientAppId, authenticationData)
- .join()) {
- if (!pulsar.getBrokerService().getAuthorizationService()
- .isTenantAdmin(tenant, clientAppId, tenantInfo,
authenticationData).get()) {
- throw new RestException(Status.UNAUTHORIZED,
- "Don't have permission to administrate
resources on this tenant");
+ TenantInfo tenantInfo = tenantInfoOptional.get();
+ if (pulsar.getConfiguration().isAuthenticationEnabled() &&
pulsar.getConfiguration()
+ .isAuthorizationEnabled()) {
+ if (!isClientAuthenticated(clientAppId)) {
+ throw new RestException(Status.FORBIDDEN, "Need to
authenticate to perform the request");
+ }
+
validateOriginalPrincipal(pulsar.getConfiguration().getProxyRoles(),
clientAppId,
+ originalPrincipal);
+ if
(pulsar.getConfiguration().getProxyRoles().contains(clientAppId)) {
+ AuthorizationService authorizationService =
+
pulsar.getBrokerService().getAuthorizationService();
+ return authorizationService.isTenantAdmin(tenant,
clientAppId, tenantInfo,
+ authenticationData)
+ .thenCompose(isTenantAdmin -> {
+ String debugMsg = "Successfully authorized
{} (proxied by {}) on tenant {}";
+ if (!isTenantAdmin) {
+ return
authorizationService.isSuperUser(clientAppId, authenticationData)
+
.thenCombine(authorizationService.isSuperUser(originalPrincipal,
+
authenticationData),
+ new BiFunction<Boolean,
Boolean, Boolean>() {
Review Comment:
good idea
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
