eolivelli commented on pull request #11986: URL: https://github.com/apache/pulsar/pull/11986#issuecomment-924070251
> but I think this pr is introducing a breaking change that now producer will need admin permission to be able to produce if using HttpLookupService, since when creating producer it'll get topic metadata first, which now validate `WRITE` permission on `TOPIC`, while current authz check is coarse-grained so it just check if role has admin permission > that's why the cpp test is failing > @codelipenghui @hangc0276 @eolivelli any thought on this? I recently filed this issue for a similar problem https://github.com/apache/pulsar/issues/11945 btw you are right, this is a breaking change. I believe that we should relax the authz checks if you only want to get the list of partitions, you do not need "admin" access -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
