You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@pulsar.apache.org by GitBox <gi...@apache.org> on 2019/01/21 23:30:49 UTC
[GitHub] merlimat commented on a change in pull request #3383: refactor
AuthorizationProvider interface to allow custom logic for determining super
user
merlimat commented on a change in pull request #3383: refactor AuthorizationProvider interface to allow custom logic for determining super user
URL: https://github.com/apache/pulsar/pull/3383#discussion_r249602574
##########
File path: pulsar-broker-common/src/main/java/org/apache/pulsar/broker/authorization/AuthorizationProvider.java
##########
@@ -35,6 +35,14 @@
*/
public interface AuthorizationProvider extends Closeable {
+ /**
+ * Check if specified role is a super user
+ * @param role the role to check
+ * @return a CompletableFuture containing a boolean in which true means the role is a super user
+ * and false if it is not
+ */
+ CompletableFuture<Boolean> isSuperUser(String role);
Review comment:
The problem here is that the current behavior is based on the list of super-user roles that comes from the config file. Having the `default` method in the interface will not help because it doesn't have access to the config file.
At the same time, this is something that should have been added in the authorization plugin interface when we created. At this point, since I don't know of any alternative concrete implementations, I think it's better to fix the interface and document the breaking change in the release notes.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services