liliguo2023 opened a new issue, #9966: URL: https://github.com/apache/rocketmq/issues/9966
### Before Creating the Bug Report - [x] I found a bug, not just asking a question, which should be created in [GitHub Discussions](https://github.com/apache/rocketmq/discussions). - [x] I have searched the [GitHub Issues](https://github.com/apache/rocketmq/issues) and [GitHub Discussions](https://github.com/apache/rocketmq/discussions) of this repository and believe that this is not a duplicate. - [x] I have confirmed that this bug belongs to the current repository, not other repositories of RocketMQ. ### Runtime platform environment macos ### RocketMQ version 5.3.4 ### JDK Version 1.8 ### Describe the Bug dashboard 可以创建 PolicyType 为Default 类型的acl,但是 mqadmin 删除acl的时候 无法指定 PolicyType,再加上mqadmin 和 dashboard都不强制 源ip 地址,dashboard遇到ip为 null 现在有bug,最坏情况就是在dashboard 创建了 Default 类型,并且没设置ip地址的acl,之后dashboard ACL Permissions页面就彻底挂了 <img width="1042" height="562" alt="Image" src="https://github.com/user-attachments/assets/7b17e093-d4be-4927-946c-265a7af7b868"; /> ### Steps to Reproduce 打开dashboard 创建 Default 类型的 acl ### What Did You Expect to See? dashboard 是否应该禁止创建 Default 类型的 acl,或者 mqadmin 支持删除 Default 类型的acl ### What Did You See Instead? 无法删除 PolicyType为Default 的 acl ### Additional Context ` // https://github.com/apache/rocketmq/blob/rocketmq-all-5.3.4/client/src/main/java/org/apache/rocketmq/client/impl/MQClientAPIImpl.java#L3553 // 创建 requestHeader 的时候就没传递 PolicyType public void deleteAcl(String addr, String subject, String resource, long millis) throws RemotingConnectException, RemotingSendRequestException, RemotingTimeoutException, InterruptedException, MQBrokerException { DeleteAclRequestHeader requestHeader = new DeleteAclRequestHeader(subject, resource); RemotingCommand request = RemotingCommand.createRequestCommand(RequestCode.AUTH_DELETE_ACL, requestHeader); RemotingCommand response = this.remotingClient.invokeSync(addr, request, millis); assert response != null; switch (response.getCode()) { case ResponseCode.SUCCESS: { return; } default: break; } throw new MQBrokerException(response.getCode(), response.getRemark()); } // https://github.com/apache/rocketmq/blob/rocketmq-all-5.3.4/auth/src/main/java/org/apache/rocketmq/auth/authorization/manager/AuthorizationMetadataManagerImpl.java // 可以看到 当前没有设置 policyType 的时候 设置的是 CUSTOM public CompletableFuture<Void> deleteAcl(Subject subject, PolicyType policyType, Resource resource) { try { if (subject == null) { throw new AuthorizationException("The subject is null."); } if (policyType == null) { policyType = PolicyType.CUSTOM; } ` -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
