Re: [PR] [improve][broker] cleanup the empty subscriptionAuthenticationMap in zk when revoke subscription permission [pulsar]

Fri, 08 Dec 2023 05:51:03 -0800 


nodece commented on code in PR #21696:
URL: https://github.com/apache/pulsar/pull/21696#discussion_r1420469789


##########
pulsar-broker/src/test/java/org/apache/pulsar/client/api/AuthenticatedProducerConsumerTest.java:
##########
@@ -498,4 +498,55 @@ public void testCleanupEmptyTopicAuthenticationMap() 
throws Exception {
                     
.get().auth_policies.getTopicAuthentication().containsKey(topic));
         });
     }
+
+    @Test
+    public void testCleanupEmptySubscriptionAuthenticationMap() throws 
Exception {
+        Map<String, String> authParams = new HashMap<>();
+        authParams.put("tlsCertFile", getTlsFileForClient("admin.cert"));
+        authParams.put("tlsKeyFile", getTlsFileForClient("admin.key-pk8"));
+        Authentication authTls = new AuthenticationTls();
+        authTls.configure(authParams);
+        internalSetup(authTls);
+
+        admin.clusters().createCluster("test", ClusterData.builder().build());
+        admin.tenants().createTenant("p1",
+                new TenantInfoImpl(Collections.emptySet(), new 
HashSet<>(admin.clusters().getClusters())));
+        String namespace = "p1/ns1";
+        admin.namespaces().createNamespace("p1/ns1");
+
+        // grant permission1 and permission2
+        String subscription = "test-sub-1";
+        String role1 = "test-user-1";
+        String role2 = "test-user-2";
+        Set<String> roles = new HashSet<>();
+        roles.add(role1);
+        roles.add(role2);
+        admin.namespaces().grantPermissionOnSubscription(namespace, 
subscription, roles);
+        Awaitility.await().untilAsserted(() -> {
+            
assertTrue(pulsar.getPulsarResources().getNamespaceResources().getPolicies(NamespaceName.get(namespace))

Review Comment:
   Don't get the policies multiple times.
   ```
   Awaitility.await().untilAsserted(() -> {
       Optional<Policies> policiesOpt = 
pulsar.getPulsarResources().getNamespaceResources()
               .getPolicies(NamespaceName.get(namespace));
       assertTrue(policiesOpt.isPresent());
       Policies policies = policiesOpt.get();
       
assertTrue(policies.auth_policies.getSubscriptionAuthentication().containsKey(subscription));
       
assertTrue(policies.auth_policies.getSubscriptionAuthentication().get(subscription).contains(role1));
       
assertTrue(policies.auth_policies.getSubscriptionAuthentication().get(subscription).contains(role2));
   });
   ```



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to