[GitHub] [pulsar] Technoboy- commented on a diff in pull request #20299: [improve][ws] Use allowTopicOperationAsync for authz checks

2023-05-11 Thread via GitHub 


Technoboy- commented on code in PR #20299:
URL: https://github.com/apache/pulsar/pull/20299#discussion_r1191000611


##
pulsar-websocket/src/main/java/org/apache/pulsar/websocket/ProducerHandler.java:
##
@@ -242,7 +244,19 @@ public long getMsgPublishedCounter() {
 
 @Override
 protected Boolean isAuthorized(String authRole, AuthenticationDataSource 
authenticationData) throws Exception {
-return service.getAuthorizationService().canProduce(topic, authRole, 
authenticationData);
+try {
+return service.getAuthorizationService()
+.allowTopicOperationAsync(topic, TopicOperation.PRODUCE, 
authRole, authenticationData)
+
.get(service.getConfig().getMetadataStoreOperationTimeoutSeconds(), SECONDS);
+} catch (InterruptedException e) {

Review Comment:
   `InterruptedException` > `ExecutionException | InterruptedException | 
TimeoutException` ?



##
pulsar-websocket/src/main/java/org/apache/pulsar/websocket/ConsumerHandler.java:
##
@@ -467,8 +470,21 @@ protected ConsumerBuilder 
getConsumerConfiguration(PulsarClient client)
 
 @Override
 protected Boolean isAuthorized(String authRole, AuthenticationDataSource 
authenticationData) throws Exception {
-return service.getAuthorizationService().canConsume(topic, authRole, 
authenticationData,
-this.subscription);
+try {
+AuthenticationDataSubscription subscription = new 
AuthenticationDataSubscription(authenticationData,
+this.subscription);
+return service.getAuthorizationService()
+.allowTopicOperationAsync(topic, TopicOperation.CONSUME, 
authRole, subscription)
+
.get(service.getConfig().getMetadataStoreOperationTimeoutSeconds(), SECONDS);
+} catch (InterruptedException e) {

Review Comment:
   `InterruptedException` > `ExecutionException | InterruptedException | 
TimeoutException`



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscr...@pulsar.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [pulsar] Technoboy- commented on a diff in pull request #20299: [improve][ws] Use allowTopicOperationAsync for authz checks

2023-05-11 Thread via GitHub 


Technoboy- commented on code in PR #20299:
URL: https://github.com/apache/pulsar/pull/20299#discussion_r1191000219


##
pulsar-websocket/src/main/java/org/apache/pulsar/websocket/ConsumerHandler.java:
##
@@ -467,8 +470,21 @@ protected ConsumerBuilder 
getConsumerConfiguration(PulsarClient client)
 
 @Override
 protected Boolean isAuthorized(String authRole, AuthenticationDataSource 
authenticationData) throws Exception {
-return service.getAuthorizationService().canConsume(topic, authRole, 
authenticationData,
-this.subscription);
+try {
+AuthenticationDataSubscription subscription = new 
AuthenticationDataSubscription(authenticationData,
+this.subscription);
+return service.getAuthorizationService()
+.allowTopicOperationAsync(topic, TopicOperation.CONSUME, 
authRole, subscription)
+
.get(service.getConfig().getMetadataStoreOperationTimeoutSeconds(), SECONDS);
+} catch (InterruptedException e) {

Review Comment:
   InterruptedException > `ExecutionException | InterruptedException | 
TimeoutException`



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscr...@pulsar.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org