[GitHub] [pulsar] michaeljmarshall commented on pull request #13090: [Authorization] Optimize the logic of allowing namespace operation

[GitBox <gi...@apache.org>]

michaeljmarshall commented on pull request #13090:
URL: https://github.com/apache/pulsar/pull/13090#issuecomment-988468677


   > @yuruguo Please note that authZ is pluggable. Even if the default AuthorizationProvider does not use these operations, it exists plugins that are not role-based but token-based and they need the operations information to authorize. IMO, you should not deprecate the Operations which are not used in default AuthorizationProvider.
   
   @KannarFr - I agree that we shouldn't just deprecate fields because they are not used by the `PulsarAuthorizationProvider`. It's not clear to me why we need fields that are not present in the rest of the code base, though. Which fields are you opposed to deprecating? Above, I mention some fields that I think we could deprecate. Perhaps I am missing context on some of those fields though, and we should keep them. If that is the case, it'd be great to add some comments to the associated fields to add documentation within the code base. 


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@pulsar.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org