rdhabalia commented on a change in pull request #1002: Making Pulsar Proxy more secure URL: https://github.com/apache/incubator-pulsar/pull/1002#discussion_r164199836
########## File path: pulsar-broker-common/src/main/java/org/apache/pulsar/broker/authorization/AuthorizationManager.java ########## @@ -150,8 +153,60 @@ public boolean canLookup(DestinationName destination, String role) throws Except return canProduce(destination, role) || canConsume(destination, role, null); } - private CompletableFuture<Boolean> checkAuthorization(DestinationName destination, String role, - AuthAction action) { + /** + * Check whether the specified role can perform a lookup for the specified destination. + * + * For that the caller needs to have producer or consumer permission. + * + * @param destination + * @param role + * @return + * @throws Exception + */ + public CompletableFuture<Boolean> canLookupAsync(DestinationName destination, String role) { + CompletableFuture<Boolean> produceFuture = canProduceAsync(destination, role); + CompletableFuture<Boolean> consumeFuture = canConsumeAsync(destination, role, null); + CompletableFuture<Boolean> finalResult = new CompletableFuture<Boolean>(); + AtomicBoolean futureCompleted = new AtomicBoolean(false); + produceFuture.whenComplete((authorized, ex) -> { + synchronized (this) { + if (ex == null) { + if (authorized) { + finalResult.complete(authorized); + return; + } + } else { + log.debug("Destination [{}] Role [{}] exception occured while trying to check Produce permissions", Review comment: `if (log.isDebugEnabled()){}` ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services