[
https://issues.apache.org/jira/browse/KAFKA-5292?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16037938#comment-16037938
]
Colin P. McCabe commented on KAFKA-5292:
----------------------------------------
* NetworkClient.java: when trace logging is enabled, show AbstractResponse
Struct objects, rather than just a memory address of the AbstractResponse.
* AclOperation.java: add documentation of what ACLs imply other ACLs.
* Resource.java: add CLUSTER, CLUSTER_NAME constants.
* Reconcile the Java and Scala classes for ResourceType, OperationType, etc.
Add unit tests to ensure they can be converted to each other.
* AclCommand.scala: we should be able to apply ACLs containing Alter and
Describe operations to Cluster resources.
* SimpleAclAuthorizer: update the authorizer to handle the ACL inheritance
rules described in AclOperation.java.
* KafkaApis.scala: update createAcls and deleteAcls to use ALTER on CLUSTER, as
described in the KIP. describeAcls should use DESCRIBE on CLUSTER. Use
fromJava methods instead of fromString methods to convert from Java objects to
Scala ones.
* SaslSslAdminClientIntegrationTest.scala: do not use
AllowEveryoneIfNoAclIsFound. Add a configureSecurityBeforeServerStart hook
which installs the ACLs necessary for the tests. Add a test of ACL
authorization ALLOW and DENY functionality.
> Fix authorization checks in AdminClient
> ---------------------------------------
>
> Key: KAFKA-5292
> URL: https://issues.apache.org/jira/browse/KAFKA-5292
> Project: Kafka
> Issue Type: Sub-task
> Reporter: Ismael Juma
> Assignee: Colin P. McCabe
> Priority: Critical
> Fix For: 0.11.0.0
>
>
> Fix authorization checks in AdminClient.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
