This is an automated email from the ASF dual-hosted git repository. mmarshall pushed a commit to branch branch-2.8 in repository https://gitbox.apache.org/repos/asf/pulsar.git
commit e910bf0d6ce87938f06f14fb582763bce2da1789 Author: Michael Marshall <[email protected]> AuthorDate: Mon Dec 6 08:22:00 2021 -0600 [Authorization] Revert new AuthorizationProvider method (#13133) (cherry picked from commit d1156caf0dbe8c04a604a28a32800281d7ee2d2a) --- .../pulsar/broker/authorization/AuthorizationProvider.java | 10 ---------- .../authorization/MultiRolesTokenAuthorizationProvider.java | 5 ----- .../broker/authorization/PulsarAuthorizationProvider.java | 7 +------ .../apache/pulsar/broker/auth/MockAuthorizationProvider.java | 6 ------ .../pulsar/client/api/AuthorizationProducerConsumerTest.java | 5 ----- .../pulsar/client/impl/PatternTopicsConsumerImplAuthTest.java | 5 ----- 6 files changed, 1 insertion(+), 37 deletions(-) diff --git a/pulsar-broker-common/src/main/java/org/apache/pulsar/broker/authorization/AuthorizationProvider.java b/pulsar-broker-common/src/main/java/org/apache/pulsar/broker/authorization/AuthorizationProvider.java index 6e930a4..443a2a8 100644 --- a/pulsar-broker-common/src/main/java/org/apache/pulsar/broker/authorization/AuthorizationProvider.java +++ b/pulsar-broker-common/src/main/java/org/apache/pulsar/broker/authorization/AuthorizationProvider.java @@ -164,16 +164,6 @@ public interface AuthorizationProvider extends Closeable { AuthenticationDataSource authenticationData); /** - * Allow consume operations with in this namespace - * @param namespaceName The namespace that the consume operations can be executed in - * @param role The role to check - * @param authenticationData authentication data related to the role - * @return a boolean to determine whether authorized or not - */ - CompletableFuture<Boolean> allowConsumeOpsAsync(NamespaceName namespaceName, String role, - AuthenticationDataSource authenticationData); - - /** * * Grant authorization-action permission on a namespace to the given client * diff --git a/pulsar-broker-common/src/main/java/org/apache/pulsar/broker/authorization/MultiRolesTokenAuthorizationProvider.java b/pulsar-broker-common/src/main/java/org/apache/pulsar/broker/authorization/MultiRolesTokenAuthorizationProvider.java index 0f6c2cb..23fb7bc 100644 --- a/pulsar-broker-common/src/main/java/org/apache/pulsar/broker/authorization/MultiRolesTokenAuthorizationProvider.java +++ b/pulsar-broker-common/src/main/java/org/apache/pulsar/broker/authorization/MultiRolesTokenAuthorizationProvider.java @@ -210,11 +210,6 @@ public class MultiRolesTokenAuthorizationProvider extends PulsarAuthorizationPro } @Override - public CompletableFuture<Boolean> allowConsumeOpsAsync(NamespaceName namespaceName, String role, AuthenticationDataSource authenticationData) { - return authorize(authenticationData, r -> super.allowConsumeOpsAsync(namespaceName, r, authenticationData)); - } - - @Override public CompletableFuture<Boolean> allowTenantOperationAsync(String tenantName, String role, TenantOperation operation, diff --git a/pulsar-broker-common/src/main/java/org/apache/pulsar/broker/authorization/PulsarAuthorizationProvider.java b/pulsar-broker-common/src/main/java/org/apache/pulsar/broker/authorization/PulsarAuthorizationProvider.java index 7be0cac..d276757 100644 --- a/pulsar-broker-common/src/main/java/org/apache/pulsar/broker/authorization/PulsarAuthorizationProvider.java +++ b/pulsar-broker-common/src/main/java/org/apache/pulsar/broker/authorization/PulsarAuthorizationProvider.java @@ -235,11 +235,6 @@ public class PulsarAuthorizationProvider implements AuthorizationProvider { return allowTheSpecifiedActionOpsAsync(namespaceName, role, authenticationData, AuthAction.sinks); } - @Override - public CompletableFuture<Boolean> allowConsumeOpsAsync(NamespaceName namespaceName, String role, AuthenticationDataSource authenticationData) { - return allowTheSpecifiedActionOpsAsync(namespaceName, role, authenticationData, AuthAction.consume); - } - private CompletableFuture<Boolean> allowTheSpecifiedActionOpsAsync(NamespaceName namespaceName, String role, AuthenticationDataSource authenticationData, AuthAction authAction) { @@ -548,7 +543,7 @@ public class PulsarAuthorizationProvider implements AuthorizationProvider { case GET_TOPICS: case UNSUBSCRIBE: case CLEAR_BACKLOG: - isAuthorizedFuture = allowConsumeOpsAsync(namespaceName, role, authData); + isAuthorizedFuture = allowTheSpecifiedActionOpsAsync(namespaceName, role, authData, AuthAction.consume); break; default: isAuthorizedFuture = CompletableFuture.completedFuture(false); diff --git a/pulsar-broker/src/test/java/org/apache/pulsar/broker/auth/MockAuthorizationProvider.java b/pulsar-broker/src/test/java/org/apache/pulsar/broker/auth/MockAuthorizationProvider.java index ae9480b..421da4f 100644 --- a/pulsar-broker/src/test/java/org/apache/pulsar/broker/auth/MockAuthorizationProvider.java +++ b/pulsar-broker/src/test/java/org/apache/pulsar/broker/auth/MockAuthorizationProvider.java @@ -105,12 +105,6 @@ public class MockAuthorizationProvider implements AuthorizationProvider { } @Override - public CompletableFuture<Boolean> allowConsumeOpsAsync(NamespaceName namespaceName, String role, - AuthenticationDataSource authenticationData) { - return roleAuthorizedAsync(role); - } - - @Override public CompletableFuture<Void> grantPermissionAsync(NamespaceName namespace, Set<AuthAction> actions, String role, String authDataJson) { return CompletableFuture.completedFuture(null); diff --git a/pulsar-broker/src/test/java/org/apache/pulsar/client/api/AuthorizationProducerConsumerTest.java b/pulsar-broker/src/test/java/org/apache/pulsar/client/api/AuthorizationProducerConsumerTest.java index 603a816..78f71f2 100644 --- a/pulsar-broker/src/test/java/org/apache/pulsar/client/api/AuthorizationProducerConsumerTest.java +++ b/pulsar-broker/src/test/java/org/apache/pulsar/client/api/AuthorizationProducerConsumerTest.java @@ -614,11 +614,6 @@ public class AuthorizationProducerConsumerTest extends ProducerConsumerBase { } @Override - public CompletableFuture<Boolean> allowConsumeOpsAsync(NamespaceName namespaceName, String role, AuthenticationDataSource authenticationData) { - return null; - } - - @Override public CompletableFuture<Void> grantPermissionAsync(NamespaceName namespace, Set<AuthAction> actions, String role, String authenticationData) { return CompletableFuture.completedFuture(null); diff --git a/pulsar-broker/src/test/java/org/apache/pulsar/client/impl/PatternTopicsConsumerImplAuthTest.java b/pulsar-broker/src/test/java/org/apache/pulsar/client/impl/PatternTopicsConsumerImplAuthTest.java index adb427d..af47c79 100644 --- a/pulsar-broker/src/test/java/org/apache/pulsar/client/impl/PatternTopicsConsumerImplAuthTest.java +++ b/pulsar-broker/src/test/java/org/apache/pulsar/client/impl/PatternTopicsConsumerImplAuthTest.java @@ -297,11 +297,6 @@ public class PatternTopicsConsumerImplAuthTest extends ProducerConsumerBase { } @Override - public CompletableFuture<Boolean> allowConsumeOpsAsync(NamespaceName namespaceName, String role, AuthenticationDataSource authenticationData) { - return null; - } - - @Override public CompletableFuture<Void> grantPermissionAsync(NamespaceName namespace, Set<AuthAction> actions, String role, String authenticationData) { return CompletableFuture.completedFuture(null);
