michaeljmarshall opened a new pull request, #20142: URL: https://github.com/apache/pulsar/pull/20142
Reverts: https://github.com/apache/pulsar/pull/20068 Fixes: https://github.com/apache/pulsar/issues/20066 ### Motivation In https://github.com/apache/pulsar/pull/20068 we changed the way that the `AuthorizationService` is implemented. I think this approach could have unintended consequences. Instead, I think we should change the `Consumer` and the `Producer` logic to call the correct `AuthorizationService` method. Given that our goal is to deprecate the `AuthorizationService` methods for `canProduce` and `canConsume`, this change helps us move in the right direction. ### Modifications * Revert https://github.com/apache/pulsar/pull/20068 * Update `Producer` and `Consumer` in broker to call the `AuthorizationService#allowTopicOperationAsync` method. ### Verifying this change This change is trivial. It removes certain test changes that were only made to make the previous PR work. ### Does this pull request potentially affect one of the following parts: The primary point of this change and of #20068 was to allow tenant admins the permission to produce/consume in certain edge cases. This is technically an elevation of privileges because a given role will have "new permission", but in this context, it is expected that a tenant admin can produce/consume, so that makes this a bug fix. ### Documentation - [x] `doc-not-needed` ### Matching PR in forked repository PR in forked repository: Skipping PR as I ran tests locally. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
