You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@pulsar.apache.org by GitBox <gi...@apache.org> on 2021/12/23 09:49:44 UTC

[GitHub] [pulsar] yuruguo removed a comment on pull request #13463: Revert "[Authorization] Converge authz of ns policies from super-user to tenant-administrator (#13157)"

yuruguo removed a comment on pull request #13463:
URL: https://github.com/apache/pulsar/pull/13463#issuecomment-1000176666


   @massakam Thanks for your clarification, I have a few questions.
   1. Theoretically, the tenant administrators have the right to manage the namespace under it.
   The `publish-rate` example you cited may reflect the question whether the tenant administrators complete a reasonable operation with the authz. Perhaps `internalSetMaxTopicsPerNamespace` / `internalSetMaxProducersPerTopic` / ` internalSetMaxConsumersPerTopic` also have this problem although the tenant administrators can operate it at present. 
   One solution is to regulate the behavior of tenant administrators. For example, there is an upper limit for the `publish-rate` set by tenant administrators and it can only be operated by the super user once the upper limit is exceeded. 
   2. The role with `lookup topic` authz can set the publish rate to topic, is there a similar problem like the example?
   3. Except for rate-related policies in this PR, can other policies be operated by tenant administrators? 
   Including: `internalSetInactiveTopic`, `internalSetDelayedDelivery`, `internalSetMaxSubscriptionsPerTopic`
   
   Thank you for your reply, I want to try to provide more information
   > I think we are likely missing policies at the tenant level
   
   Currently, we provide `AuthorizationProvider#allowTenantOperationAsync`
   https://github.com/apache/pulsar/blob/76f35666deb5a956b7eef9732a3028b246e5294c/pulsar-broker-common/src/main/java/org/apache/pulsar/broker/authorization/AuthorizationProvider.java#L283-L290
   But we don’t use `TenantOperation operation` in default implementation-`PulsarAuthorizationProvider`
   https://github.com/apache/pulsar/blob/76f35666deb5a956b7eef9732a3028b246e5294c/pulsar-broker-common/src/main/java/org/apache/pulsar/broker/authorization/PulsarAuthorizationProvider.java#L511-L517
   Maybe we need to use it to optimize this piece of permission logic
   
   > i.e. what operations should be super user and what should be tenant admin
   
   There is a summary here but there is no update  [PIP 49: Permission levels and inheritance](https://github.com/apache/pulsar/wiki/PIP-49%3A-Permission-levels-and-inheritance)


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@pulsar.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org