Posted to commits@pulsar.apache.org by sa...@apache.org on 2020/06/11 23:43:50 UTC
[pulsar] branch master updated: Ensure that admin operations are
gated by super user check (#7226)
This is an automated email from the ASF dual-hosted git repository.
sanjeevrk pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/pulsar.git
The following commit(s) were added to refs/heads/master by this push:
new eda3526 Ensure that admin operations are gated by super user check (#7226)
eda3526 is described below
commit eda3526b335d58e7aa7ba4bb81d44ea03a2922a7
Author: Sanjeev Kulkarni <sa...@gmail.com>
AuthorDate: Thu Jun 11 16:43:35 2020 -0700
Ensure that admin operations are gated by super user check (#7226)
* Ensure that admin operations are gated by super user check
* keep /clusters open
Co-authored-by: Sanjeev Kulkarni <sa...@splunk.com>
---
.../java/org/apache/pulsar/broker/admin/impl/BrokersBase.java | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/pulsar-broker/src/main/java/org/apache/pulsar/broker/admin/impl/BrokersBase.java b/pulsar-broker/src/main/java/org/apache/pulsar/broker/admin/impl/BrokersBase.java
index 072e91c..57c88ab 100644
--- a/pulsar-broker/src/main/java/org/apache/pulsar/broker/admin/impl/BrokersBase.java
+++ b/pulsar-broker/src/main/java/org/apache/pulsar/broker/admin/impl/BrokersBase.java
@@ -153,9 +153,12 @@ public class BrokersBase extends AdminResource {
@Path("/configuration/values")
@ApiOperation(value = "Get value of all dynamic configurations' value overridden on local config")
@ApiResponses(value = {
+ @ApiResponse(code = 403, message = "You don't have admin permission to view configuration"),
@ApiResponse(code = 404, message = "Configuration not found"),
@ApiResponse(code = 500, message = "Internal server error")})
public Map<String, String> getAllDynamicConfigurations() throws Exception {
+ validateSuperUserAccess();
+
ZooKeeperDataCache<Map<String, String>> dynamicConfigurationCache = pulsar().getBrokerService()
.getDynamicConfigurationCache();
Map<String, String> configurationMap = null;
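Review bot: The 403 documented on this handler depends on what `validateSuperUserAccess()` actually throws, and that method is defined outside this diff. If it rejects callers with 401 rather than 403, the new `@ApiResponse(code = 403, ...)` lines here and in the `/configuration` and `/internal-configuration` hunks describe a status clients will never receive, so the annotation and the behaviour should be checked against each other. The diffstat lists only BrokersBase.java, so no test pins the new gate. A test that calls each of the three handlers as a non-super-user and expects rejection would keep the check from being silently dropped in a later refactor. The body of `getAllDynamicConfigurations` continues past the end of this hunk.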
@@ -175,7 +178,10 @@ public class BrokersBase extends AdminResource {
@GET
@Path("/configuration")
@ApiOperation(value = "Get all updatable dynamic configurations's name")
+ @ApiResponses(value = {
+ @ApiResponse(code = 403, message = "You don't have admin permission to get configuration")})
public List<String> getDynamicConfigurationName() {
+ validateSuperUserAccess();
return BrokerService.getDynamicConfiguration();
}
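Review bot: The 403 message text differs across the three endpoints this commit touches: "to view configuration" on `/configuration/values`, "to get configuration" here, and the bare "Don't have admin permission" on `/internal-configuration`. All three say "admin permission" although the check performed is specifically a super-user check. One shared wording would keep the generated API documentation consistent and tell operators which role is required, for example `@ApiResponse(code = 403, message = "This operation requires super-user access")`.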
@@ -240,7 +246,9 @@ public class BrokersBase extends AdminResource {
@GET
@Path("/internal-configuration")
@ApiOperation(value = "Get the internal configuration data", response = InternalConfigurationData.class)
+ @ApiResponses(value = { @ApiResponse(code = 403, message = "Don't have admin permission") })
public InternalConfigurationData getInternalConfigurationData() {
+ validateSuperUserAccess();
return pulsar().getInternalConfigurationData();
}
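Review bot: `getInternalConfigurationData()` carries no comment explaining why it is restricted, and the guard is a single line at the top of the method that is easy to lose when the handler is edited. A short comment such as `// Restricted to super-users: exposes internal broker configuration; keep this check first.` would record the intent. The guard is only as strong as `validateSuperUserAccess()`, which is not shown on this page. If that method is a no-op when authentication or authorization is disabled on the broker, this endpoint stays readable by any client that can reach the admin port, which is worth stating in the Javadoc or the deployment documentation.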