[GitHub] [pulsar] eolivelli commented on a change in pull request #13773: [Authorization] Role with namespace produce authz can also get topics

[GitBox]

eolivelli commented on a change in pull request #13773:
URL: https://github.com/apache/pulsar/pull/13773#discussion_r786475895



##########
File path: 
pulsar-broker-common/src/main/java/org/apache/pulsar/broker/authorization/PulsarAuthorizationProvider.java
##########
@@ -228,6 +228,40 @@ public void initialize(ServiceConfiguration conf, 
PulsarResources pulsarResource
         return allowTheSpecifiedActionOpsAsync(namespaceName, role, 
authenticationData, AuthAction.sinks);
     }
 
+    private CompletableFuture<Boolean> 
allowConsumeOrProduceOpsAsync(NamespaceName namespaceName,
+                                                                     String 
role,
+                                                                     
AuthenticationDataSource authenticationData) {
+        CompletableFuture<Boolean> finalResult = new CompletableFuture<>();
+        allowTheSpecifiedActionOpsAsync(namespaceName, role, 
authenticationData, AuthAction.produce)
+                .whenComplete((produceAuthorized, e) -> {
+                    if (e == null) {
+                        if (produceAuthorized) {
+                            finalResult.complete(produceAuthorized);
+                            return;
+                        }
+                    } else {
+                        if (log.isDebugEnabled()) {

Review comment:
       we cannot let pass every exception
   we should fall back to checking the second action only in case of missing 
authentication, otherwise if there is a system error (system overloaded?) we 
are going to generate the error twice 

##########
File path: 
pulsar-broker-common/src/main/java/org/apache/pulsar/broker/authorization/PulsarAuthorizationProvider.java
##########
@@ -228,6 +228,40 @@ public void initialize(ServiceConfiguration conf, 
PulsarResources pulsarResource
         return allowTheSpecifiedActionOpsAsync(namespaceName, role, 
authenticationData, AuthAction.sinks);
     }
 
+    private CompletableFuture<Boolean> 
allowConsumeOrProduceOpsAsync(NamespaceName namespaceName,
+                                                                     String 
role,
+                                                                     
AuthenticationDataSource authenticationData) {
+        CompletableFuture<Boolean> finalResult = new CompletableFuture<>();
+        allowTheSpecifiedActionOpsAsync(namespaceName, role, 
authenticationData, AuthAction.produce)
+                .whenComplete((produceAuthorized, e) -> {
+                    if (e == null) {
+                        if (produceAuthorized) {
+                            finalResult.complete(produceAuthorized);
+                            return;
+                        }
+                    } else {
+                        if (log.isDebugEnabled()) {
+                            log.debug("Namespace [{}] Role [{}] exception 
occurred while trying to check Produce "
+                                    + "permissions. {}", namespaceName, role, 
e.getMessage());
+                        }
+                    }
+                    allowTheSpecifiedActionOpsAsync(namespaceName, role, 
authenticationData, AuthAction.consume)

Review comment:
       can we do the check for "consume" as first check?
   this way the code will behave mostly like before and we are just adding the 
case for the "produce" action




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscr...@pulsar.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org