sijie opened a new pull request #7788: URL: https://github.com/apache/pulsar/pull/7788
*Motivation* In 2.6.0, allowTopicOperationAsync checks if topic operations are allowed for the original role. But it checks if the proxy role is a super-user by mistake. It should check if the original role is a super-user. *Modifications* Fix the `allowTopicOperationAsync` to checks if the original role is a super-user role or topic operations are allowed. The current authorization provider interface is also confused. Because some of the interfaces verify both the proxy role and original role and some don't. The authorization provider doesn't have to care about the proxy role and original role. Hence this pull request refactors the authorization provider to authorize a given role and move the logic of verifying proxy and original roles to AuthorizationService. ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected]
