[GitHub] [pulsar] zhaohaidao commented on a change in pull request #5767: Support batch authorization of partitioned topic

Mon, 02 Dec 2019 17:00:59 -0800 

zhaohaidao commented on a change in pull request #5767: Support batch 
authorization of partitioned topic
URL: https://github.com/apache/pulsar/pull/5767#discussion_r352938788
 
 

 ##########
 File path: 
pulsar-broker/src/main/java/org/apache/pulsar/broker/admin/impl/PersistentTopicsBase.java
 ##########
 @@ -301,13 +295,29 @@ protected void internalGrantPermissionsOnTopic(String 
role, Set<AuthAction> acti
             log.warn("[{}] Failed to grant permissions on topic {}: concurrent 
modification", clientAppId(),
                     topicUri);
             throw new RestException(Status.CONFLICT, "Concurrent 
modification");
-        }
-        catch (Exception e) {
+        } catch (Exception e) {
             log.error("[{}] Failed to grant permissions for topic {}", 
clientAppId(), topicUri, e);
             throw new RestException(e);
         }
     }
 
+    protected void internalGrantPermissionsOnTopic(String role, 
Set<AuthAction> actions) {
+        // This operation should be reading from zookeeper and it should be 
allowed without having admin privileges
+        validateAdminAccessForTenant(namespaceName.getTenant());
+        validatePoliciesReadOnlyAccess();
+
+        PartitionedTopicMetadata meta = getPartitionedTopicMetadata(topicName, 
true, false);
 
 Review comment:
   @tuteng As far as I understand, rest API v1 already supports partitioned 
topic. Can you help me check if my understanding is right.
   org.apache.pulsar.broker.admin.v1.PersistentTopics has implement API about 
partitioned topic, like createPartitionedTopic and getPartitionedMetadata as 
followed
   ```java
       @PUT
       @Path("/{property}/{cluster}/{namespace}/{topic}/partitions")
       @ApiOperation(hidden = true, value = "Create a partitioned topic.", 
notes = "It needs to be called before creating a producer on a partitioned 
topic.")
       @ApiResponses(value = { @ApiResponse(code = 403, message = "Don't have 
admin permission"),
               @ApiResponse(code = 409, message = "Partitioned topic already 
exist") })
       public void createPartitionedTopic(@PathParam("property") String 
property, @PathParam("cluster") String cluster,
               @PathParam("namespace") String namespace, @PathParam("topic") 
@Encoded String encodedTopic,
               int numPartitions) {
           validateTopicName(property, cluster, namespace, encodedTopic);
           internalCreatePartitionedTopic(numPartitions);
       }
   ...
       @GET
       @Path("/{property}/{cluster}/{namespace}/{topic}/partitions")
       @ApiOperation(hidden = true, value = "Get partitioned topic metadata.")
       @ApiResponses(value = { @ApiResponse(code = 403, message = "Don't have 
admin permission") })
       public PartitionedTopicMetadata 
getPartitionedMetadata(@PathParam("property") String property,
               @PathParam("cluster") String cluster, @PathParam("namespace") 
String namespace,
               @PathParam("topic") @Encoded String encodedTopic,
               @QueryParam("authoritative") @DefaultValue("false") boolean 
authoritative,
               @QueryParam("checkAllowAutoCreation") @DefaultValue("false") 
boolean checkAllowAutoCreation) {
           validateTopicName(property, cluster, namespace, encodedTopic);
           return internalGetPartitionedMetadata(authoritative, 
checkAllowAutoCreation);
       }
   
   ```

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
[email protected]


With regards,
Apache Git Services

Reply via email to