merlimat commented on code in PR #20456:
URL: https://github.com/apache/pulsar/pull/20456#discussion_r1213339811
##########
pulsar-broker-common/src/main/java/org/apache/pulsar/broker/authorization/AuthorizationProvider.java:
##########
@@ -185,6 +185,18 @@ CompletableFuture<Boolean> allowSinkOpsAsync(NamespaceName
namespaceName, String
CompletableFuture<Void> grantPermissionAsync(NamespaceName namespace,
Set<AuthAction> actions, String role,
String authDataJson);
+ /**
+ * Revoke authorization-action permission on a namespace to the given
client.
+ * @param namespace
+ * @param role
+ * @return
+ */
+ default CompletableFuture<Void> revokePermissionAsync(NamespaceName
namespace, String role) {
Review Comment:
Agree, also the "revoke" is already broken today when using a custom authz
plugin. Even if today it succeeds, the revoke does nothing because it would
just try to remove the ACL from zookeeper, where there are not any.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
