Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Authorization] Support GET_BACKLOG_SIZE topic op after enable auth #12850

Merged
merged 1 commit into from
Nov 19, 2021
Merged

[Authorization] Support GET_BACKLOG_SIZE topic op after enable auth #12850

merged 1 commit into from
Nov 19, 2021

Conversation

yuruguo
Copy link
Contributor

@yuruguo yuruguo commented Nov 17, 2021

Motivation

Currently, we can get the backlog size of a topic through bin/pulsar-admin topics get-backlog-size tn1/ns1/tp1, however I found that PulsarAuthorizationProvider lacks support for topic operation GET_BACKLOG_SIZE when verifying the role's authorization, code as below:

pulsar/pulsar-broker/src/main/java/org/apache/pulsar/broker/admin/impl/PersistentTopicsBase.java

Line 2767 in b99f75e

validateTopicOperation(topicName, TopicOperation.GET_BACKLOG_SIZE);

pulsar/pulsar-broker-common/src/main/java/org/apache/pulsar/broker/authorization/PulsarAuthorizationProvider.java

Lines 569 to 599 in b99f75e

switch (operation) {
case LOOKUP:
case GET_STATS:
case GET_METADATA:
isAuthorizedFuture = canLookupAsync(topicName, role, authData);
break;
case PRODUCE:
isAuthorizedFuture = canProduceAsync(topicName, role, authData);
break;
case GET_SUBSCRIPTIONS:
case CONSUME:
case SUBSCRIBE:
case UNSUBSCRIBE:
case SKIP:
case EXPIRE_MESSAGES:
case PEEK_MESSAGES:
case RESET_CURSOR:
case SET_REPLICATED_SUBSCRIPTION_STATUS:
isAuthorizedFuture = canConsumeAsync(topicName, role, authData, authData.getSubscription());
break;
case TERMINATE:
case COMPACT:
case OFFLOAD:
case UNLOAD:
case ADD_BUNDLE_RANGE:
case GET_BUNDLE_RANGE:
case DELETE_BUNDLE_RANGE:
return validateTenantAdminAccess(topicName.getTenant(), role, authData);
default:
return FutureUtil.failedFuture(
new IllegalStateException("TopicOperation [" + operation.name() + "] is not supported."));

The purpose of this PR is to support role with consume topic authorization to GET_BACKLOG_SIZE of topic.

Documentation

  • no-need-doc

@github-actions github-actions bot added the doc-not-needed Your PR changes do not impact docs label Nov 17, 2021
@codelipenghui codelipenghui added this to the 2.10.0 milestone Nov 19, 2021
@codelipenghui codelipenghui merged commit 5eb43ea into apache:master Nov 19, 2021
dlg99 pushed a commit to dlg99/pulsar that referenced this pull request Nov 23, 2021
@yuruguo @dlg99
[Authorization] Support GET_BACKLOG_SIZE topic op after enable auth (a…
aa601e2 
…pache#12850)
eolivelli pushed a commit to eolivelli/pulsar that referenced this pull request Nov 29, 2021
@yuruguo @eolivelli
[Authorization] Support GET_BACKLOG_SIZE topic op after enable auth (a…
775cef2 
…pache#12850)
fxbing pushed a commit to fxbing/pulsar that referenced this pull request Dec 19, 2021
@yuruguo
[Authorization] Support GET_BACKLOG_SIZE topic op after enable auth (a…
a38b0f2 
…pache#12850)
codelipenghui pushed a commit that referenced this pull request Dec 21, 2021
@yuruguo @codelipenghui
[Authorization] Support GET_BACKLOG_SIZE topic op after enable auth (#…
68d5af2 
…12850)

(cherry picked from commit 5eb43ea)
@codelipenghui codelipenghui added the cherry-picked/branch-2.9 Archived: 2.9 is end of life label Dec 21, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@codelipenghui codelipenghui codelipenghui approved these changes

@RobertIndie RobertIndie RobertIndie approved these changes

Assignees

@yuruguo yuruguo

Labels
area/authn cherry-picked/branch-2.9 Archived: 2.9 is end of life doc-not-needed Your PR changes do not impact docs release/2.9.2
Projects
None yet
Milestone
2.10.0
Development

Successfully merging this pull request may close these issues.

None yet
6 participants
@yuruguo @codelipenghui @RobertIndie @eolivelli @gaoran10 @tisonkun