Fix wrong prompt exception when get non-persistent topic list without GET_BUDNLE permission #14638
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…h un-authorized permission.
codelipenghui
approved these changes
Mar 10, 2022
RobertIndie
approved these changes
Mar 11, 2022
Member
RobertIndie
left a comment
RobertIndie
left a comment
There was a problem hiding this comment.
LGTM. Do we need to apply these changes to v1 API as well?
Contributor
Author
Yes, thanks. Updated for v1. Beside, We may not update non-persistent topics in v1 for a long time, there is an NPE in the getList and getListFromBundle . |
codelipenghui
pushed a commit
that referenced
this pull request
Apr 19, 2022
… GET_BUDNLE permission (#14638) Fixes #14191 ### Motivation We have some big issues with the permission part. We only have the permission with [doc](https://pulsar.apache.org/docs/en/admin-api-permissions/) mentioned. But if user do it according to the doc, they will face the same issue that #14191 described. We don't have GET_BUNDLE in the grant interface but given the prompt message to the user. And currently, only the admin role could have the permission. This pr is not solving the permission issue but fixing the prompt message first, not giving 500 error to the user. Then I open an issue #14639 to discuss refactoring the permission part. ### Modification - Return 403 to the user when permission is denied. (cherry picked from commit ca6e824)
Nicklee007
pushed a commit
to Nicklee007/pulsar
that referenced
this pull request
Apr 20, 2022
… GET_BUDNLE permission (apache#14638) Fixes apache#14191 ### Motivation We have some big issues with the permission part. We only have the permission with [doc](https://pulsar.apache.org/docs/en/admin-api-permissions/) mentioned. But if user do it according to the doc, they will face the same issue that apache#14191 described. We don't have GET_BUNDLE in the grant interface but given the prompt message to the user. And currently, only the admin role could have the permission. This pr is not solving the permission issue but fixing the prompt message first, not giving 500 error to the user. Then I open an issue apache#14639 to discuss refactoring the permission part. ### Modification - Return 403 to the user when permission is denied.
mattisonchao
added
release/2.9.3
cherry-picked/branch-2.9
mattisonchao
pushed a commit
that referenced
this pull request
Jun 13, 2022
… GET_BUDNLE permission (#14638) Fixes #14191 ### Motivation We have some big issues with the permission part. We only have the permission with [doc](https://pulsar.apache.org/docs/en/admin-api-permissions/) mentioned. But if user do it according to the doc, they will face the same issue that #14191 described. We don't have GET_BUNDLE in the grant interface but given the prompt message to the user. And currently, only the admin role could have the permission. This pr is not solving the permission issue but fixing the prompt message first, not giving 500 error to the user. Then I open an issue #14639 to discuss refactoring the permission part. ### Modification - Return 403 to the user when permission is denied. (cherry picked from commit ca6e824)
Contributor
|
Add the |
BewareMyPower
pushed a commit
that referenced
this pull request
Jul 28, 2022
… GET_BUDNLE permission (#14638) Fixes #14191 ### Motivation We have some big issues with the permission part. We only have the permission with [doc](https://pulsar.apache.org/docs/en/admin-api-permissions/) mentioned. But if user do it according to the doc, they will face the same issue that #14191 described. We don't have GET_BUNDLE in the grant interface but given the prompt message to the user. And currently, only the admin role could have the permission. This pr is not solving the permission issue but fixing the prompt message first, not giving 500 error to the user. Then I open an issue #14639 to discuss refactoring the permission part. ### Modification - Return 403 to the user when permission is denied. (cherry picked from commit ca6e824)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes #14191
Motivation
We have some big issues with the permission part. We only have the permission with doc mentioned. But if user do it according to the doc, they will face the same issue that #14191 described. We don't have GET_BUNDLE in the grant interface but given the prompt message to the user. And currently, only the admin role could have the permission.
This pr is not solving the permission issue but fixing the prompt message first, not giving 500 error to the user. Then I open an issue #14639 to discuss refactoring the permission part.
Modification
Documentation
no-need-doc