dragonls commented on PR #20068: URL: https://github.com/apache/pulsar/pull/20068#issuecomment-1504769161
In fact, there are many places in the current code that check the permission of super user or tenant admin:

1. `org.apache.pulsar.broker.authorization.AuthorizationProvider#isSuperUser` in `org.apache.pulsar.broker.authorization.AuthorizationService`, including functions `canProduceAsync`, `canConsumeAsync`, `canLookupAsync`. **No tenant admin check here.**
2. `org.apache.pulsar.broker.authorization.AuthorizationProvider#isSuperUserOrAdmin` in `org.apache.pulsar.broker.authorization.AuthorizationService`, including functions `allowSinkOpsAsync`, `allowSourceOpsAsync`, `allowFunctionOpsAsync`.
3. After this PR, `org.apache.pulsar.broker.authorization.PulsarAuthorizationProvider#validateTenantAdminAccess` in `org.apache.pulsar.broker.authorization.PulsarAuthorizationProvider`, including functions `canProduceAsync`, `canConsumeAsync`. **No tenant admin check in `allowTheSpecifiedActionOpsAsync`.**

Maybe we need to uniformly add/update the permission check wherever we need it, and also remove some duplicated checks, for example:

1. `validateTenantAdminAccess` in `org.apache.pulsar.broker.authorization.PulsarAuthorizationProvider#allowTopicOperationAsync`
2. `isSuperUser` in `org.apache.pulsar.broker.authorization.AuthorizationService`, including functions `canProduceAsync`, `canConsumeAsync`, `canLookupAsync`.

What do you think? @Technoboy- @nodece

--
This is an automated message from the Apache Git Service.
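The comment above is about the same policy (super user, then tenant admin, then the explicit grant) being applied in some entry points and skipped in others. The following is an added illustration, written for this page and not code from the Pulsar project, of what a single ordered, short-circuiting evaluation looks like when every topic-level entry point (produce, consume, lookup) goes through one method. All names (`UnifiedAuthzExample`, `allowTopicActionAsync`, the in-memory `SUPER_USERS`, `TENANT_ADMINS` and `TOPIC_GRANTS` maps) are hypothetical; Pulsar's own provider reads these from configuration and the metadata store, and its real methods have different signatures.

```java
import java.util.Map;
import java.util.Set;
import java.util.concurrent.CompletableFuture;

// Hypothetical sketch of a unified authorization check; not Pulsar's code.
public class UnifiedAuthzExample {

    enum Action { PRODUCE, CONSUME, LOOKUP }

    // Constructed sample policy store, embedded here so the example runs offline.
    // Assumption: in a real broker these come from config / the metadata store.
    static final Set<String> SUPER_USERS = Set.of("admin");
    static final Map<String, Set<String>> TENANT_ADMINS =
            Map.of("public", Set.of("tenant-owner"));
    static final Map<String, Map<String, Set<Action>>> TOPIC_GRANTS = Map.of(
            "persistent://public/default/orders", Map.of(
                    "producer-app", Set.of(Action.PRODUCE),
                    "consumer-app", Set.of(Action.CONSUME, Action.LOOKUP)));

    // Layer 1: cluster-wide super user.
    static CompletableFuture<Boolean> isSuperUserAsync(String role) {
        return CompletableFuture.completedFuture(SUPER_USERS.contains(role));
    }

    // Layer 2: admin of the tenant that owns the topic.
    static CompletableFuture<Boolean> isTenantAdminAsync(String tenant, String role) {
        return CompletableFuture.completedFuture(
                TENANT_ADMINS.getOrDefault(tenant, Set.of()).contains(role));
    }

    // Layer 3: explicit per-topic grant for this role and action.
    static CompletableFuture<Boolean> hasTopicGrantAsync(String topic, String role, Action action) {
        return CompletableFuture.completedFuture(
                TOPIC_GRANTS.getOrDefault(topic, Map.of())
                            .getOrDefault(role, Set.of())
                            .contains(action));
    }

    // "persistent://tenant/namespace/topic" -> "tenant"
    static String tenantOf(String topic) {
        String rest = topic.substring(topic.indexOf("://") + 3);
        return rest.substring(0, rest.indexOf('/'));
    }

    // The single entry point every caller uses, so no code path can
    // accidentally skip the tenant-admin layer. Each layer short-circuits
    // on success; only a role matching none of them is denied.
    static CompletableFuture<Boolean> allowTopicActionAsync(String topic, String role, Action action) {
        return isSuperUserAsync(role).thenCompose(superUser -> {
            if (superUser) {
                return CompletableFuture.completedFuture(true);
            }
            return isTenantAdminAsync(tenantOf(topic), role).thenCompose(tenantAdmin -> {
                if (tenantAdmin) {
                    return CompletableFuture.completedFuture(true);
                }
                return hasTopicGrantAsync(topic, role, action);
            });
        });
    }

    // Thin wrappers: the per-operation methods delegate instead of
    // re-implementing (or forgetting) one of the layers.
    static CompletableFuture<Boolean> canProduceAsync(String topic, String role) {
        return allowTopicActionAsync(topic, role, Action.PRODUCE);
    }

    static CompletableFuture<Boolean> canConsumeAsync(String topic, String role) {
        return allowTopicActionAsync(topic, role, Action.CONSUME);
    }

    static CompletableFuture<Boolean> canLookupAsync(String topic, String role) {
        return allowTopicActionAsync(topic, role, Action.LOOKUP);
    }

    public static void main(String[] args) {
        String topic = "persistent://public/default/orders";
        System.out.println("admin consume:        " + canConsumeAsync(topic, "admin").join());
        System.out.println("tenant-owner produce: " + canProduceAsync(topic, "tenant-owner").join());
        System.out.println("producer-app produce: " + canProduceAsync(topic, "producer-app").join());
        System.out.println("producer-app consume: " + canConsumeAsync(topic, "producer-app").join());
        System.out.println("nobody lookup:        " + canLookupAsync(topic, "nobody").join());
    }
}
```

The point of routing `canProduceAsync`, `canConsumeAsync` and `canLookupAsync` through one method is that the order and the set of checks is decided once; a missing tenant-admin check in one of them, as the comment describes for the current code, cannot arise unless the shared method itself is changed.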
