[pulsar] branch master updated: Add missing permission checck, fail update on non-existent ResourceGroup (#11957)

Mon, 13 Sep 2021 17:53:40 -0700 

This is an automated email from the ASF dual-hosted git repository.

aahmed pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/pulsar.git


The following commit(s) were added to refs/heads/master by this push:
     new e671932  Add missing permission checck, fail update on non-existent 
ResourceGroup (#11957)
e671932 is described below

commit e671932e8d2416869a0c43b8a4f2ba3700cfc422
Author: ravi-vaidyanathan <[email protected]>
AuthorDate: Mon Sep 13 17:52:53 2021 -0700

    Add missing permission checck, fail update on non-existent ResourceGroup 
(#11957)
    
    Add unit tests
---
 .../broker/admin/impl/ResourceGroupsBase.java      |  2 +
 .../pulsar/broker/admin/AdminApiTlsAuthTest.java   | 67 ++++++++++++++++++++++
 .../client/admin/internal/ResourceGroupsImpl.java  |  4 +-
 3 files changed, 72 insertions(+), 1 deletion(-)

diff --git 
a/pulsar-broker/src/main/java/org/apache/pulsar/broker/admin/impl/ResourceGroupsBase.java
 
b/pulsar-broker/src/main/java/org/apache/pulsar/broker/admin/impl/ResourceGroupsBase.java
index 351f521..4e676a4 100644
--- 
a/pulsar-broker/src/main/java/org/apache/pulsar/broker/admin/impl/ResourceGroupsBase.java
+++ 
b/pulsar-broker/src/main/java/org/apache/pulsar/broker/admin/impl/ResourceGroupsBase.java
@@ -50,6 +50,7 @@ public abstract class ResourceGroupsBase extends 
AdminResource {
     protected ResourceGroup internalGetResourceGroup(String rgName) {
         try {
             final String resourceGroupPath = 
AdminResource.path(RESOURCEGROUPS, rgName);
+            validateSuperUserAccess();
             ResourceGroup resourceGroup = 
resourceGroupResources().get(resourceGroupPath)
                     .orElseThrow(() -> new 
RestException(Response.Status.NOT_FOUND, "ResourceGroup does not exist"));
             return resourceGroup;
@@ -161,6 +162,7 @@ public abstract class ResourceGroupsBase extends 
AdminResource {
          * need to walk the namespaces and make sure it is not in use
          */
         try {
+            validateSuperUserAccess();
             /*
              * walk the namespaces and make sure it is not in use.
              */
diff --git 
a/pulsar-broker/src/test/java/org/apache/pulsar/broker/admin/AdminApiTlsAuthTest.java
 
b/pulsar-broker/src/test/java/org/apache/pulsar/broker/admin/AdminApiTlsAuthTest.java
index fb39aae..c33676b 100644
--- 
a/pulsar-broker/src/test/java/org/apache/pulsar/broker/admin/AdminApiTlsAuthTest.java
+++ 
b/pulsar-broker/src/test/java/org/apache/pulsar/broker/admin/AdminApiTlsAuthTest.java
@@ -49,6 +49,7 @@ import org.apache.pulsar.client.api.Producer;
 import org.apache.pulsar.client.api.PulsarClient;
 import org.apache.pulsar.client.api.Schema;
 import org.apache.pulsar.common.policies.data.ClusterData;
+import org.apache.pulsar.common.policies.data.ResourceGroup;
 import org.apache.pulsar.common.tls.NoopHostnameVerifier;
 import org.apache.pulsar.common.policies.data.AuthAction;
 import org.apache.pulsar.common.policies.data.ClusterDataImpl;
@@ -175,6 +176,72 @@ public class AdminApiTlsAuthTest extends 
MockedPulsarServiceBaseTest {
     }
 
     @Test
+    public void testSuperUserCanGetResourceGroups() throws Exception {
+        try (PulsarAdmin admin = buildAdminClient("admin")) {
+            admin.resourcegroups().createResourceGroup("test-resource-group",
+                    new ResourceGroup());
+            admin.resourcegroups().getResourceGroup("test-resource-group");
+            Assert.assertEquals(ImmutableSet.of("test-resource-group"),
+                            admin.resourcegroups().getResourceGroups());
+            admin.resourcegroups().getResourceGroup("test-resource-group");
+        }
+    }
+
+    @Test
+    public void testSuperUserCanDeleteResourceGroups() throws Exception {
+        try (PulsarAdmin admin = buildAdminClient("admin")) {
+            admin.resourcegroups().createResourceGroup("test-resource-group",
+                    new ResourceGroup());
+            admin.resourcegroups().deleteResourceGroup("test-resource-group");
+        }
+    }
+
+    @Test
+    public void testProxyRoleCantDeleteResourceGroups() throws Exception {
+        try (PulsarAdmin admin = buildAdminClient("admin")) {
+            admin.resourcegroups().createResourceGroup("test-resource-group",
+                    new ResourceGroup());
+        }
+        try (PulsarAdmin admin = buildAdminClient("proxy")) {
+            admin.resourcegroups().deleteResourceGroup("test-resource-group");
+            Assert.fail("Shouldn't be able to delete ResourceGroup");
+        } catch (PulsarAdminException.NotAuthorizedException e) {
+            // expected
+        }
+    }
+
+    @Test
+    public void testProxyRoleCantCreateResourceGroups() throws Exception {
+        try (PulsarAdmin admin = buildAdminClient("proxy")) {
+            admin.resourcegroups().createResourceGroup("test-resource-group",
+                    new ResourceGroup());
+            Assert.fail("Shouldn't be able to create ResourceGroup");
+        } catch (PulsarAdminException.NotAuthorizedException e) {
+            // expected
+        }
+    }
+
+    @Test
+    public void testProxyRoleCantGetResourceGroups() throws Exception {
+        try (PulsarAdmin admin = buildAdminClient("admin")) {
+            admin.resourcegroups().createResourceGroup("test-resource-group",
+                    new ResourceGroup());
+        }
+        try (PulsarAdmin admin = buildAdminClient("proxy")) {
+            admin.resourcegroups().getResourceGroups();
+            Assert.fail("Shouldn't be able to list ResourceGroups");
+        } catch (PulsarAdminException.NotAuthorizedException e) {
+            // expected
+        }
+        try (PulsarAdmin admin = buildAdminClient("proxy")) {
+            admin.resourcegroups().getResourceGroup("test-resource-group");
+            Assert.fail("Shouldn't be able to get ResourceGroup");
+        } catch (PulsarAdminException.NotAuthorizedException e) {
+            // expected
+        }
+    }
+
+    @Test
     public void testProxyRoleCantListNamespacesEvenWithAccess() throws 
Exception {
         try (PulsarAdmin admin = buildAdminClient("admin")) {
             admin.tenants().createTenant("tenant1",
diff --git 
a/pulsar-client-admin/src/main/java/org/apache/pulsar/client/admin/internal/ResourceGroupsImpl.java
 
b/pulsar-client-admin/src/main/java/org/apache/pulsar/client/admin/internal/ResourceGroupsImpl.java
index b099087..ecc424d 100644
--- 
a/pulsar-client-admin/src/main/java/org/apache/pulsar/client/admin/internal/ResourceGroupsImpl.java
+++ 
b/pulsar-client-admin/src/main/java/org/apache/pulsar/client/admin/internal/ResourceGroupsImpl.java
@@ -31,6 +31,7 @@ import org.apache.pulsar.client.admin.PulsarAdminException;
 import org.apache.pulsar.client.admin.ResourceGroups;
 import org.apache.pulsar.client.api.Authentication;
 import org.apache.pulsar.common.policies.data.ResourceGroup;
+import org.apache.pulsar.common.util.RestException;
 
 
 public class ResourceGroupsImpl extends BaseResource implements ResourceGroups 
{
@@ -130,8 +131,9 @@ public class ResourceGroupsImpl extends BaseResource 
implements ResourceGroups {
     @Override
     public void updateResourceGroup(String name, ResourceGroup resourcegroup) 
throws PulsarAdminException {
         try {
+            getResourceGroup(name);
             updateResourceGroupAsync(name, 
resourcegroup).get(this.readTimeoutMs, TimeUnit.MILLISECONDS);
-        } catch (ExecutionException e) {
+        } catch (ExecutionException | RestException e) {
             throw (PulsarAdminException) e.getCause();
         } catch (InterruptedException e) {
             Thread.currentThread().interrupt();

Reply via email to