Skip to content

[fix][authorization] Fix the return value of canConsumeAsync#19412

Merged
nodece merged 2 commits intoapache:masterfrom
nodece:fix-canConsumeAsync-return-value
Feb 7, 2023
Merged

[fix][authorization] Fix the return value of canConsumeAsync#19412
nodece merged 2 commits intoapache:masterfrom
nodece:fix-canConsumeAsync-return-value

Conversation

@nodece
Copy link
Copy Markdown
Member

@nodece nodece commented Feb 3, 2023

Motivation

When an exception occurs in the canConsumeAsync method, we should throw that.

Documentation

  • doc
  • doc-required
  • doc-not-needed
  • doc-complete

@nodece
[fix][authorization] Fix the return value of canConsumeAsync
470988d 
Signed-off-by: Zixuan Liu <nodeces@gmail.com>
@github-actions github-actions Bot added the doc-not-needed Your PR changes do not impact docs label Feb 3, 2023
@Technoboy- Technoboy- added this to the 3.0.0 milestone Feb 3, 2023
@Technoboy- Technoboy- closed this Feb 3, 2023
@Technoboy- Technoboy- reopened this Feb 3, 2023
lhotari
lhotari reviewed Feb 3, 2023
View reviewed changes
Comment thread ...common/src/main/java/org/apache/pulsar/broker/authorization/PulsarAuthorizationProvider.java Outdated
log.warn("Client with Role - {} failed to get permissions for topic - {}. {}", role, topicName,
ex.getMessage());
return null;
throw FutureUtil.wrapToCompletionException(ex);
Copy link
Copy Markdown
Member

@lhotari lhotari Feb 3, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is the logging just extra noise if the exception gets rethrown? Could we remove the .exceptionally completely? My assumption is that rethrowing could lead to the exception being logged more than 1 time.

I guess return null; is wrong and could be return false; if the desire is to just log and continue by returning false. The original code (before this PR) will fail with NullPointerException since the expected return value is Boolean.

Copy link
Copy Markdown
Member

@michaeljmarshall michaeljmarshall Feb 3, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We already log the "error" multiple times. We log it in this class as a warning. We also have these logs for handling the result of this method:

pulsar/pulsar-broker/src/main/java/org/apache/pulsar/broker/service/Consumer.java

Lines 888 to 902 in 9521872

return cnx.getBrokerService().getAuthorizationService().canConsumeAsync(topicName, appId,
cnx.getAuthenticationData(), subscription.getName())
.handle((ok, e) -> {
if (e != null) {
log.warn("[{}] Get unexpected error while authorizing [{}] {}", appId,
subscription.getTopicName(), e.getMessage(), e);
}
if (ok == null || !ok) {
log.info("[{}] is not allowed to consume from topic [{}] anymore", appId,
subscription.getTopicName());
disconnect();
}
return null;
});

After this change, we could have 3 lines and a stack trace. I think that is too many. I would prefer to simplify the code path and only log a single failure/error/rejection once.

michaeljmarshall
michaeljmarshall requested changes Feb 3, 2023
View reviewed changes
Copy link
Copy Markdown
Member

@michaeljmarshall michaeljmarshall left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

My preference is to remove the exceptionally block all together and to make sure that pulsar logs the errors accordingly. Since this AuthorizationProvider is pluggable, it simplifies the flow if implementations can rely on pulsar to log appropriately in my opinion.

Let me know what you think @nodece. Thanks!

Comment thread ...common/src/main/java/org/apache/pulsar/broker/authorization/PulsarAuthorizationProvider.java Outdated
log.warn("Client with Role - {} failed to get permissions for topic - {}. {}", role, topicName,
ex.getMessage());
return null;
throw FutureUtil.wrapToCompletionException(ex);
Copy link
Copy Markdown
Member

@michaeljmarshall michaeljmarshall Feb 3, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We already log the "error" multiple times. We log it in this class as a warning. We also have these logs for handling the result of this method:

pulsar/pulsar-broker/src/main/java/org/apache/pulsar/broker/service/Consumer.java

Lines 888 to 902 in 9521872

return cnx.getBrokerService().getAuthorizationService().canConsumeAsync(topicName, appId,
cnx.getAuthenticationData(), subscription.getName())
.handle((ok, e) -> {
if (e != null) {
log.warn("[{}] Get unexpected error while authorizing [{}] {}", appId,
subscription.getTopicName(), e.getMessage(), e);
}
if (ok == null || !ok) {
log.info("[{}] is not allowed to consume from topic [{}] anymore", appId,
subscription.getTopicName());
disconnect();
}
return null;
});

After this change, we could have 3 lines and a stack trace. I think that is too many. I would prefer to simplify the code path and only log a single failure/error/rejection once.

@nodece
Copy link
Copy Markdown
Member Author

nodece commented Feb 6, 2023
edited
Loading

I want to remove all exceptionally, then we can optimize the log info next PR. what do you think of that?

michaeljmarshall
michaeljmarshall approved these changes Feb 7, 2023
View reviewed changes
Copy link
Copy Markdown
Member

@michaeljmarshall michaeljmarshall left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, thanks @nodece!

@nodece
Copy link
Copy Markdown
Member Author

nodece commented Feb 7, 2023

/pulsarbot rerun-failure-checks

@codecov-commenter
Copy link
Copy Markdown

codecov-commenter commented Feb 7, 2023
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 26.48%. Comparing base (39dd1cd) to head (2e95581).
⚠️ Report is 2889 commits behind head on master.

Additional details and impacted files

Impacted file tree graph

@@             Coverage Diff              @@
##             master   #19412      +/-   ##
============================================
- Coverage     32.36%   26.48%   -5.88%     
- Complexity     6355     6369      +14     
============================================
  Files          1648     1581      -67     
  Lines        123990   121828    -2162     
  Branches      13523    13304     -219     
============================================
- Hits          40129    32271    -7858     
- Misses        77958    84925    +6967     
+ Partials       5903     4632    -1271
Flag Coverage Δ
inttests 24.87% <ø> (+0.05%) ⬆️
systests ∅ <ø> (∅)
unittests 17.48% <ø> (-0.07%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

Files with missing lines Coverage Δ
...ker/authorization/PulsarAuthorizationProvider.java 8.01% <ø> (-27.28%) ⬇️

... and 493 files with indirect coverage changes

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@nodece nodece merged commit 016e7f0 into apache:master Feb 7, 2023
Technoboy- pushed a commit that referenced this pull request Feb 8, 2023
@nodece @Technoboy-
[fix][authorization] Fix the return value of canConsumeAsync (#19412)
542a98a 
Signed-off-by: Zixuan Liu <nodeces@gmail.com>
liangyepianzhou pushed a commit that referenced this pull request Feb 10, 2023
@nodece @liangyepianzhou
[fix][authorization] Fix the return value of canConsumeAsync (#19412)
b28d796 
Signed-off-by: Zixuan Liu <nodeces@gmail.com>
(cherry picked from commit 016e7f0)
nicoloboschi pushed a commit to datastax/pulsar that referenced this pull request Feb 28, 2023
@nodece @nicoloboschi
[fix][authorization] Fix the return value of canConsumeAsync (apache#…
d26add6 
…19412)

Signed-off-by: Zixuan Liu <nodeces@gmail.com>
(cherry picked from commit 016e7f0)
(cherry picked from commit b28d796)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@lhotari lhotari lhotari approved these changes

@coderzc coderzc coderzc approved these changes

@michaeljmarshall michaeljmarshall michaeljmarshall approved these changes

@codelipenghui codelipenghui Awaiting requested review from codelipenghui

@mattisonchao mattisonchao Awaiting requested review from mattisonchao

@Technoboy- Technoboy- Awaiting requested review from Technoboy-

Assignees

@nodece nodece

Labels

cherry-picked/branch-2.10 cherry-picked/branch-2.11 doc-not-needed Your PR changes do not impact docs ready-to-test release/2.10.4 release/2.11.1

Projects

None yet

Milestone

3.0.0

Development

Successfully merging this pull request may close these issues.

7 participants

@nodece @codecov-commenter @lhotari @coderzc @michaeljmarshall @Technoboy- @liangyepianzhou