Jason918 commented on a change in pull request #13904:
URL: https://github.com/apache/pulsar/pull/13904#discussion_r791686048
##########
File path:
pulsar-broker/src/main/java/org/apache/pulsar/broker/web/PulsarWebResource.java
##########
@@ -307,6 +307,114 @@ protected static void
validateAdminAccessForTenant(PulsarService pulsar, String
}
}
+ /**
+ * Checks that the http client role has admin access to the specified
tenant async.
+ *
+ * @param tenant the tenant id
+ */
+ protected CompletableFuture<Void> validateAdminAccessForTenantAsync(String
tenant) {
+ return validateAdminAccessForTenantAsync(pulsar(), clientAppId(),
originalPrincipal(), tenant,
+ clientAuthData());
+ }
+
+ protected static CompletableFuture<Void> validateAdminAccessForTenantAsync(
+ PulsarService pulsar, String clientAppId,
+ String originalPrincipal, String tenant,
+ AuthenticationDataSource authenticationData) {
+ CompletableFuture<Void> future = new CompletableFuture<>();
+ if (log.isDebugEnabled()) {
+ log.debug("check admin access on tenant: {} - Authenticated: {} --
role: {}", tenant,
+ (isClientAuthenticated(clientAppId)), clientAppId);
+ }
+
+ pulsar.getPulsarResources().getTenantResources().getTenantAsync(tenant)
+ .thenAccept(tenantInfoOptional -> {
+ if (!tenantInfoOptional.isPresent()) {
+ throw new RestException(Status.NOT_FOUND, "Tenant does
not exist");
+ }
+ TenantInfo tenantInfo = tenantInfoOptional.get();
+ if (pulsar.getConfiguration().isAuthenticationEnabled() &&
pulsar.getConfiguration()
+ .isAuthorizationEnabled()) {
+ if (!isClientAuthenticated(clientAppId)) {
+ throw new RestException(Status.FORBIDDEN, "Need to
authenticate to perform the request");
+ }
+
+
validateOriginalPrincipal(pulsar.getConfiguration().getProxyRoles(),
clientAppId,
+ originalPrincipal);
+
+ if
(pulsar.getConfiguration().getProxyRoles().contains(clientAppId)) {
+ AuthorizationService authorizationService =
+
pulsar.getBrokerService().getAuthorizationService();
+ CompletableFuture<Boolean> isProxySuperUserFuture =
+
authorizationService.isSuperUser(clientAppId, authenticationData);
+ CompletableFuture<Boolean>
isOriginalPrincipalSuperUserFuture =
+
authorizationService.isSuperUser(originalPrincipal, authenticationData);
+
+
isProxySuperUserFuture.thenCompose(isProxySuperUser -> {
+ if (isProxySuperUser) {
+ return
CompletableFuture.completedFuture(true);
+ } else {
+ return
authorizationService.isTenantAdmin(tenant, clientAppId, tenantInfo,
+ authenticationData);
+ }
+ }).thenAccept(authorized -> {
+ if (!authorized) {
+ throw new
RestException(Status.UNAUTHORIZED,
Review comment:
This exception won't be passed to `exceptionally` in Line411, need
`thenCompse` in line 331
##########
File path:
pulsar-broker/src/main/java/org/apache/pulsar/broker/web/PulsarWebResource.java
##########
@@ -307,6 +307,114 @@ protected static void
validateAdminAccessForTenant(PulsarService pulsar, String
}
}
+ /**
+ * Checks that the http client role has admin access to the specified
tenant async.
+ *
+ * @param tenant the tenant id
+ */
+ protected CompletableFuture<Void> validateAdminAccessForTenantAsync(String
tenant) {
+ return validateAdminAccessForTenantAsync(pulsar(), clientAppId(),
originalPrincipal(), tenant,
+ clientAuthData());
+ }
+
+ protected static CompletableFuture<Void> validateAdminAccessForTenantAsync(
+ PulsarService pulsar, String clientAppId,
+ String originalPrincipal, String tenant,
+ AuthenticationDataSource authenticationData) {
+ CompletableFuture<Void> future = new CompletableFuture<>();
+ if (log.isDebugEnabled()) {
+ log.debug("check admin access on tenant: {} - Authenticated: {} --
role: {}", tenant,
+ (isClientAuthenticated(clientAppId)), clientAppId);
+ }
+
+ pulsar.getPulsarResources().getTenantResources().getTenantAsync(tenant)
+ .thenAccept(tenantInfoOptional -> {
+ if (!tenantInfoOptional.isPresent()) {
+ throw new RestException(Status.NOT_FOUND, "Tenant does
not exist");
+ }
+ TenantInfo tenantInfo = tenantInfoOptional.get();
+ if (pulsar.getConfiguration().isAuthenticationEnabled() &&
pulsar.getConfiguration()
+ .isAuthorizationEnabled()) {
+ if (!isClientAuthenticated(clientAppId)) {
+ throw new RestException(Status.FORBIDDEN, "Need to
authenticate to perform the request");
+ }
+
+
validateOriginalPrincipal(pulsar.getConfiguration().getProxyRoles(),
clientAppId,
+ originalPrincipal);
+
+ if
(pulsar.getConfiguration().getProxyRoles().contains(clientAppId)) {
+ AuthorizationService authorizationService =
+
pulsar.getBrokerService().getAuthorizationService();
+ CompletableFuture<Boolean> isProxySuperUserFuture =
+
authorizationService.isSuperUser(clientAppId, authenticationData);
+ CompletableFuture<Boolean>
isOriginalPrincipalSuperUserFuture =
+
authorizationService.isSuperUser(originalPrincipal, authenticationData);
+
+
isProxySuperUserFuture.thenCompose(isProxySuperUser -> {
+ if (isProxySuperUser) {
+ return
CompletableFuture.completedFuture(true);
+ } else {
+ return
authorizationService.isTenantAdmin(tenant, clientAppId, tenantInfo,
+ authenticationData);
+ }
+ }).thenAccept(authorized -> {
+ if (!authorized) {
+ throw new
RestException(Status.UNAUTHORIZED,
+ String.format(
+ "Proxy not authorized to
access resource (proxy:%s,original:%s)",
+ clientAppId,
originalPrincipal));
+ }
+ });
+
+
isOriginalPrincipalSuperUserFuture.thenCompose(isOriginalPrincipalSuperUser -> {
+ if (isOriginalPrincipalSuperUser) {
+ return
CompletableFuture.completedFuture(true);
+ } else {
+ return
authorizationService.isTenantAdmin(tenant, originalPrincipal, tenantInfo,
+ authenticationData);
+ }
+ }).thenAccept(originalPrincipalAuthorized -> {
+ if (!originalPrincipalAuthorized) {
+ throw new
RestException(Status.UNAUTHORIZED,
+ String.format(
+ "Proxy not authorized to
access resource (proxy:%s,original:%s)",
+ clientAppId,
originalPrincipal));
+ } else {
+ log.debug("Successfully authorized {}
(proxied by {}) on tenant {}",
+ originalPrincipal, clientAppId,
tenant);
+ future.complete(null);
+ }
+ });
+ } else {
+ pulsar.getBrokerService()
+ .getAuthorizationService()
+ .isSuperUser(clientAppId,
authenticationData)
+ .thenCompose(isSuperUser -> {
+ if (!isSuperUser) {
+ return
pulsar.getBrokerService().getAuthorizationService()
+ .isTenantAdmin(tenant,
clientAppId, tenantInfo, authenticationData);
+ } else {
+ return
CompletableFuture.completedFuture(true);
+ }
+ }).thenAccept(authorized -> {
+ if (!authorized) {
+ throw new
RestException(Status.UNAUTHORIZED,
Review comment:
Same here.
##########
File path:
pulsar-broker/src/main/java/org/apache/pulsar/broker/web/PulsarWebResource.java
##########
@@ -307,6 +307,114 @@ protected static void
validateAdminAccessForTenant(PulsarService pulsar, String
}
}
+ /**
+ * Checks that the http client role has admin access to the specified
tenant async.
+ *
+ * @param tenant the tenant id
+ */
+ protected CompletableFuture<Void> validateAdminAccessForTenantAsync(String
tenant) {
+ return validateAdminAccessForTenantAsync(pulsar(), clientAppId(),
originalPrincipal(), tenant,
+ clientAuthData());
+ }
+
+ protected static CompletableFuture<Void> validateAdminAccessForTenantAsync(
+ PulsarService pulsar, String clientAppId,
+ String originalPrincipal, String tenant,
+ AuthenticationDataSource authenticationData) {
+ CompletableFuture<Void> future = new CompletableFuture<>();
+ if (log.isDebugEnabled()) {
+ log.debug("check admin access on tenant: {} - Authenticated: {} --
role: {}", tenant,
+ (isClientAuthenticated(clientAppId)), clientAppId);
+ }
+
+ pulsar.getPulsarResources().getTenantResources().getTenantAsync(tenant)
+ .thenAccept(tenantInfoOptional -> {
+ if (!tenantInfoOptional.isPresent()) {
+ throw new RestException(Status.NOT_FOUND, "Tenant does
not exist");
+ }
+ TenantInfo tenantInfo = tenantInfoOptional.get();
+ if (pulsar.getConfiguration().isAuthenticationEnabled() &&
pulsar.getConfiguration()
+ .isAuthorizationEnabled()) {
+ if (!isClientAuthenticated(clientAppId)) {
+ throw new RestException(Status.FORBIDDEN, "Need to
authenticate to perform the request");
+ }
+
+
validateOriginalPrincipal(pulsar.getConfiguration().getProxyRoles(),
clientAppId,
+ originalPrincipal);
+
+ if
(pulsar.getConfiguration().getProxyRoles().contains(clientAppId)) {
+ AuthorizationService authorizationService =
+
pulsar.getBrokerService().getAuthorizationService();
+ CompletableFuture<Boolean> isProxySuperUserFuture =
+
authorizationService.isSuperUser(clientAppId, authenticationData);
+ CompletableFuture<Boolean>
isOriginalPrincipalSuperUserFuture =
+
authorizationService.isSuperUser(originalPrincipal, authenticationData);
+
+
isProxySuperUserFuture.thenCompose(isProxySuperUser -> {
+ if (isProxySuperUser) {
+ return
CompletableFuture.completedFuture(true);
+ } else {
+ return
authorizationService.isTenantAdmin(tenant, clientAppId, tenantInfo,
+ authenticationData);
+ }
+ }).thenAccept(authorized -> {
+ if (!authorized) {
+ throw new
RestException(Status.UNAUTHORIZED,
+ String.format(
+ "Proxy not authorized to
access resource (proxy:%s,original:%s)",
+ clientAppId,
originalPrincipal));
+ }
+ });
+
+
isOriginalPrincipalSuperUserFuture.thenCompose(isOriginalPrincipalSuperUser -> {
+ if (isOriginalPrincipalSuperUser) {
+ return
CompletableFuture.completedFuture(true);
+ } else {
+ return
authorizationService.isTenantAdmin(tenant, originalPrincipal, tenantInfo,
+ authenticationData);
+ }
+ }).thenAccept(originalPrincipalAuthorized -> {
+ if (!originalPrincipalAuthorized) {
+ throw new
RestException(Status.UNAUTHORIZED,
Review comment:
same here.
##########
File path:
pulsar-broker/src/main/java/org/apache/pulsar/broker/web/PulsarWebResource.java
##########
@@ -307,6 +307,114 @@ protected static void
validateAdminAccessForTenant(PulsarService pulsar, String
}
}
+ /**
+ * Checks that the http client role has admin access to the specified
tenant async.
+ *
+ * @param tenant the tenant id
+ */
+ protected CompletableFuture<Void> validateAdminAccessForTenantAsync(String
tenant) {
+ return validateAdminAccessForTenantAsync(pulsar(), clientAppId(),
originalPrincipal(), tenant,
+ clientAuthData());
+ }
+
+ protected static CompletableFuture<Void> validateAdminAccessForTenantAsync(
Review comment:
It's better to use this async method to implement the sync method
`validateAdminAccessForTenant`.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
