xiaoyuyao commented on a change in pull request #2254:
URL: https://github.com/apache/ozone/pull/2254#discussion_r635557465
##########
File path:
hadoop-hdds/common/src/main/java/org/apache/hadoop/hdds/HddsUtils.java
##########
@@ -409,10 +414,10 @@ public static boolean requireBlockToken(
public static boolean requireContainerToken(
ContainerProtos.Type cmdType) {
switch (cmdType) {
+ case ListBlock:
Review comment:
Two reasons:
1. We are sending token validation error for those unsupported operation,
which makes it like the call is supported and we just need a valid token. The
actual reason that the operation is not supported will be hidden after this.
2. We don't need to secure APIs that we don't support. Some of those
unsupported operations are added in early days when SCM is not there. When the
implementation is added, I would suggest we review the security requirements
case by case then.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@ozone.apache.org
For additional commands, e-mail: issues-h...@ozone.apache.org
