merlimat commented on a change in pull request #12339:
URL: https://github.com/apache/pulsar/pull/12339#discussion_r727515017
##########
File path:
pulsar-broker-common/src/main/java/org/apache/pulsar/broker/authorization/PulsarAuthorizationProvider.java
##########
@@ -322,48 +324,42 @@ public void initialize(ServiceConfiguration conf,
PulsarResources pulsarResource
return updateSubscriptionPermissionAsync(namespace, subscriptionName,
Collections.singleton(role), true);
}
- private CompletableFuture<Void>
updateSubscriptionPermissionAsync(NamespaceName namespace, String
subscriptionName, Set<String> roles,
- boolean remove) {
- CompletableFuture<Void> result = new CompletableFuture<>();
-
+ private CompletableFuture<Void>
updateSubscriptionPermissionAsync(NamespaceName namespace, String
subscriptionName,
+
Set<String> roles,
+ boolean
remove) {
try {
validatePoliciesReadOnlyAccess();
} catch (Exception e) {
- result.completeExceptionally(e);
+ return FutureUtil.failedFuture(e);
}
- try {
- Policies policies =
pulsarResources.getNamespaceResources().getPolicies(namespace)
- .orElseThrow(() -> new NotFoundException(namespace + " not
found"));
- if (remove) {
- if
(policies.auth_policies.getSubscriptionAuthentication().get(subscriptionName)
!= null) {
-
policies.auth_policies.getSubscriptionAuthentication().get(subscriptionName).removeAll(roles);
- }else {
- log.info("[{}] Couldn't find role {} while revoking for
sub = {}", namespace, subscriptionName, roles);
- result.completeExceptionally(new
IllegalArgumentException("couldn't find subscription"));
- return result;
- }
- } else {
-
policies.auth_policies.getSubscriptionAuthentication().put(subscriptionName,
roles);
- }
- pulsarResources.getNamespaceResources().setPolicies(namespace,
(data)->policies);
+ CompletableFuture<Void> future =
+
pulsarResources.getNamespaceResources().setPoliciesAsync(namespace, policies ->
{
+ if (remove) {
+ if
(policies.auth_policies.getSubscriptionAuthentication().get(subscriptionName)
!= null) {
+
policies.auth_policies.getSubscriptionAuthentication().get(subscriptionName)
+ .removeAll(roles);
+ } else {
+ log.info("[{}] Couldn't find role {} while
revoking for sub = {}", namespace,
Review comment:
👍
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
