[ https://issues.apache.org/jira/browse/SOLR-8415?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15094863#comment-15094863 ]
Gregory Chanan commented on SOLR-8415: -------------------------------------- bq. Aside: There has to be a better way to share this than just pasting my proposed changes in a comment each time. Hmm, you could just go ahead and change the wiki I guess? Don't know of a better way. Patch looks good. Some comments: 1) Provide javadoc for {code}+ public Stat setACL(String path, List<ACL> acls, boolean retryOnConnLoss) throws InterruptedException, KeeperException { {code} 2) Using the @FunctionalInterface stuff means I can't commit this to 5.x, are you okay with that? 3) The set vs reset in SolrZkClient is kind of confusing. As it stands, set means a single node, reset means recursive. That's not the common usage of the words, e.g. we don't have clean vs reclean to mean a single node vs recursively (there it's delete vs clean). I don't know which terminology to use; reset seems to imply changing from ACLs that existed (either from secure-> other secure or secure->unsecure), while set seems to imply changing from unsecure to secure. This is really a problem with ZooKeeper lacking declarative APIs (what you actually want is an API that says "after this runs, the ACLs are this" -- you don't really care how it actually happens). Given that, what makes the most sense to me is to just call everything "set", since this matches the ZK API that you are calling. Maybe instead of setAcl vs resetACLs you should have setAcl vs setAcls or setAcl vs setAclsRecursively. Thoughts? > Provide command to switch between non/secure mode in ZK > ------------------------------------------------------- > > Key: SOLR-8415 > URL: https://issues.apache.org/jira/browse/SOLR-8415 > Project: Solr > Issue Type: Improvement > Components: security, SolrCloud > Reporter: Mike Drob > Assignee: Gregory Chanan > Fix For: Trunk > > Attachments: SOLR-8415.patch, SOLR-8415.patch, SOLR-8415.patch, > SOLR-8415.patch > > > We have the ability to run both with and without zk acls, but we don't have a > great way to switch between the two modes. Most common use case, I imagine, > would be upgrading from an old version that did not support this to a new > version that does, and wanting to protect all of the existing content in ZK, > but it is conceivable that a user might want to remove ACLs as well. -- This message was sent by Atlassian JIRA (v6.3.4#6332) --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org