rounak11 opened a new issue #8989:
URL: https://github.com/apache/pulsar/issues/8989


   **Describe the bug**
   1. Superuser is unable to produce or subscribe to the topics.
   2. The delete persistent topic REST API does not seem to check originalPrincipal if the following permission grant is set:
   namespace level - role granted to X
   topic level - no role granted or set
   
   **To Reproduce**
   
   We have a Pulsar cluster set up based on the Helm charts. Here are our configurations:
   
   Proxy.conf:
   authorizationEnabled=false
   forwardAuthorizationCredentials=true
   brokerClientAuthenticationParameters=tlsCertFile:dev.pulsar.cert.pem,tlsKeyFile:dev.pulsar.key-pk8.pem
   
   Broker.conf
   proxyRoles=dev.pulsar.com
   authenticateOriginalAuthData=true
   authenticationProviders=org.apache.pulsar.broker.authentication.AuthenticationProviderTls
   superUserRoles=admin-dev.com,dev.pulsar.com
   
   Tenant: 'pulsartestclient1'
   Namespace: pulsartestclient1ns
   Topics: testtopic1, testtopic2
   Role: pulsartestclient1
   Action: produce, consume
   
   Tenant: 'pulsartestclient2'
   Namespace: pulsartestclient2ns
   Topics: testtopic1, testtopic2
   Role: pulsartestclient2
   Action: produce, consume
   
   **Issue**
   
   1. Using superuser role, we are unable to produce or consume messages to a topic
   pulsar-client produce persistent://pulsartestclient1/pulsartestclient1ns/testtopic1 -m "Testtopic1" -n 10
   Error: Valid Proxy Client role should be provided for lookup  with role dev.pulsar.com and proxyClientAuthRole dev.pulsar.com
   
   2. Using pulsartestclient1 role, we are able to delete this topic
   /admin/v2/topics/persistent/pulsartestclient2/pulsartestclient2ns/testtopic1
   
   **Expected behavior**
   1. Using superuser role, we should be able to produce or consume messages to a topic
   pulsar-client produce persistent://pulsartestclient1/pulsartestclient1ns/testtopic1 -m "Testtopic1" -n 10
   
   2. Using pulsartestclient1 role, we should not be able to delete this topic
   /admin/v2/topics/persistent/pulsartestclient2/pulsartestclient2ns/testtopic1
   
   

