(pulsar) branch branch-3.0 updated: [fix][admin] Fix namespace admin api exception response (#22587)

Thu, 25 Apr 2024 18:50:37 -0700 

This is an automated email from the ASF dual-hosted git repository.

zhaocong pushed a commit to branch branch-3.0
in repository https://gitbox.apache.org/repos/asf/pulsar.git


The following commit(s) were added to refs/heads/branch-3.0 by this push:
     new 5ffec8a3cd8 [fix][admin] Fix namespace admin api exception response 
(#22587)
5ffec8a3cd8 is described below

commit 5ffec8a3cd89325a7040cb69c8370608092e2b33
Author: Cong Zhao <[email protected]>
AuthorDate: Fri Apr 26 09:18:27 2024 +0800

    [fix][admin] Fix namespace admin api exception response (#22587)
    
    (cherry picked from commit f25776d7fe6812f11b17226995d989c5a2364920)
---
 .../pulsar/broker/admin/impl/NamespacesBase.java   |  5 ++-
 .../pulsar/broker/admin/NamespaceAuthZTest.java    | 48 +++++++++++++++++++---
 2 files changed, 46 insertions(+), 7 deletions(-)

diff --git 
a/pulsar-broker/src/main/java/org/apache/pulsar/broker/admin/impl/NamespacesBase.java
 
b/pulsar-broker/src/main/java/org/apache/pulsar/broker/admin/impl/NamespacesBase.java
index d3c5f681b6d..a73ef0b4400 100644
--- 
a/pulsar-broker/src/main/java/org/apache/pulsar/broker/admin/impl/NamespacesBase.java
+++ 
b/pulsar-broker/src/main/java/org/apache/pulsar/broker/admin/impl/NamespacesBase.java
@@ -2042,7 +2042,7 @@ public abstract class NamespacesBase extends 
AdminResource {
     }
 
     protected void internalSetMaxSubscriptionsPerTopic(Integer 
maxSubscriptionsPerTopic){
-        validateNamespacePolicyOperationAsync(namespaceName, 
PolicyName.MAX_SUBSCRIPTIONS, PolicyOperation.WRITE);
+        validateNamespacePolicyOperation(namespaceName, 
PolicyName.MAX_SUBSCRIPTIONS, PolicyOperation.WRITE);
         validatePoliciesReadOnlyAccess();
         if (maxSubscriptionsPerTopic != null && maxSubscriptionsPerTopic < 0) {
             throw new RestException(Status.PRECONDITION_FAILED,
@@ -2148,9 +2148,10 @@ public abstract class NamespacesBase extends 
AdminResource {
                     f.complete(null);
                 })
                 .exceptionally(t -> {
+                    Throwable cause = FutureUtil.unwrapCompletionException(t);
                     log.error("[{}] Failed to update offloadThresholdInSeconds 
configuration for namespace {}",
                             clientAppId(), namespaceName, t);
-                    f.completeExceptionally(new RestException(t));
+                    f.completeExceptionally(new RestException(cause));
                     return null;
                 });
 
diff --git 
a/pulsar-broker/src/test/java/org/apache/pulsar/broker/admin/NamespaceAuthZTest.java
 
b/pulsar-broker/src/test/java/org/apache/pulsar/broker/admin/NamespaceAuthZTest.java
index cc905608016..bfd0dfaaffe 100644
--- 
a/pulsar-broker/src/test/java/org/apache/pulsar/broker/admin/NamespaceAuthZTest.java
+++ 
b/pulsar-broker/src/test/java/org/apache/pulsar/broker/admin/NamespaceAuthZTest.java
@@ -20,6 +20,10 @@
 package org.apache.pulsar.broker.admin;
 
 import io.jsonwebtoken.Jwts;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Set;
+import java.util.UUID;
 import lombok.Cleanup;
 import lombok.SneakyThrows;
 import org.apache.pulsar.client.admin.PulsarAdmin;
@@ -33,11 +37,6 @@ import org.testng.annotations.AfterClass;
 import org.testng.annotations.BeforeClass;
 import org.testng.annotations.Test;
 
-import java.util.HashMap;
-import java.util.Map;
-import java.util.Set;
-import java.util.UUID;
-
 @Test(groups = "broker-admin")
 public class NamespaceAuthZTest extends MockedPulsarStandalone {
 
@@ -161,4 +160,43 @@ public class NamespaceAuthZTest extends 
MockedPulsarStandalone {
         }
         superUserAdmin.topics().delete(topic, true);
     }
+
+    @Test
+    @SneakyThrows
+    public void testOffloadThresholdInSeconds() {
+        final String namespace = "public/default";
+        final String subject = UUID.randomUUID().toString();
+        final String token = Jwts.builder()
+                .claim("sub", subject).signWith(SECRET_KEY).compact();
+        @Cleanup final PulsarAdmin subAdmin = PulsarAdmin.builder()
+                .serviceHttpUrl(getPulsarService().getWebServiceAddress())
+                .authentication(new AuthenticationToken(token))
+                .build();
+        Assert.assertThrows(PulsarAdminException.NotAuthorizedException.class,
+                () -> 
subAdmin.namespaces().getOffloadThresholdInSeconds(namespace));
+
+        Assert.assertThrows(PulsarAdminException.NotAuthorizedException.class,
+                () -> 
subAdmin.namespaces().setOffloadThresholdInSeconds(namespace, 10000));
+    }
+
+    @Test
+    @SneakyThrows
+    public void testMaxSubscriptionsPerTopic() {
+        final String namespace = "public/default";
+        final String subject = UUID.randomUUID().toString();
+        final String token = Jwts.builder()
+                .claim("sub", subject).signWith(SECRET_KEY).compact();
+        @Cleanup final PulsarAdmin subAdmin = PulsarAdmin.builder()
+                .serviceHttpUrl(getPulsarService().getWebServiceAddress())
+                .authentication(new AuthenticationToken(token))
+                .build();
+        Assert.assertThrows(PulsarAdminException.NotAuthorizedException.class,
+                () -> 
subAdmin.namespaces().getMaxSubscriptionsPerTopic(namespace));
+
+        Assert.assertThrows(PulsarAdminException.NotAuthorizedException.class,
+                () -> 
subAdmin.namespaces().setMaxSubscriptionsPerTopic(namespace, 100));
+
+        Assert.assertThrows(PulsarAdminException.NotAuthorizedException.class,
+                () -> 
subAdmin.namespaces().removeMaxSubscriptionsPerTopic(namespace));
+    }
 }

Reply via email to