[GitHub] [solr] gerlowskija commented on a change in pull request #427: SOLR-11623 Every request handler - PermissionNameProvider (Take 2)

Sun, 28 Nov 2021 04:38:31 -0800 


gerlowskija commented on a change in pull request #427:
URL: https://github.com/apache/solr/pull/427#discussion_r757890304



##########
File path: 
solr/core/src/test/org/apache/solr/security/BaseTestRuleBasedAuthorizationPlugin.java
##########
@@ -213,14 +212,14 @@ public void testBasicPermissions() {
         "userPrincipal", "tim",
         "handler", new ReplicationHandler(),
         "collectionRequests", singletonList(new CollectionRequest("mycoll")) )
-        , FORBIDDEN);
+        , STATUS_OK); // Replication requires "READ" permission, which Tim has

Review comment:
       Thanks for these helpful explanations.  Makes reviewing very easy.

##########
File path: 
solr/core/src/java/org/apache/solr/security/RuleBasedAuthorizationPluginBase.java
##########
@@ -173,6 +173,7 @@ private boolean 
predefinedPermissionAppliesToRequest(Permission predefinedPermis
       log.trace("'ALL' perm applies to all requests; perm applies.");
       return true; //'ALL' applies to everything!
     } else if (! (context.getHandler() instanceof PermissionNameProvider)) {
+      // TODO: Is this code path needed anymore, now that all handlers 
implement the interface? context.getHandler returns Object and is not documented

Review comment:
       I'm fine leaving this in for the sake of caution.
   
   That said, if we wanted to try removal, I guess we could rely on our tests a 
bit here - add temporary `throw new RuntimeException("blah")` here and see if 
any tests trigger it in local runs.
   
   But maybe its not worth the hassle.

##########
File path: 
solr/core/src/java/org/apache/solr/handler/admin/ZookeeperStatusHandler.java
##########
@@ -329,4 +330,9 @@ protected boolean validateZkRawResponse(List<String> 
response, String zkHostPort
     }
     return true;
   }
+
+  @Override
+  public Name getPermissionName(AuthorizationContext request) {
+    return Name.CONFIG_READ_PERM;

Review comment:
       ditto, re: tweaking "CONFIG_READ" ref-guide docs to match this wider 
definition

##########
File path: solr/core/src/java/org/apache/solr/handler/admin/InfoHandler.java
##########
@@ -157,4 +158,17 @@ public SolrRequestHandler getSubHandler(String subPath) {
   public Boolean registerV2() {
     return Boolean.TRUE;
   }
+
+  @Override
+  public Name getPermissionName(AuthorizationContext request) {
+    // Delegate permission to the actual handler
+    String path = request.getResource();
+    String lastPath = path.substring(path.lastIndexOf("/") +1 );
+    RequestHandlerBase handler = 
handlers.get(lastPath.toLowerCase(Locale.ROOT));
+    if (handler != null) {
+      return handler.getPermissionName(request);
+    } else {
+      return null;

Review comment:
       [Q] What does 'null' mean as a return value from 
`PermissionNameProvider.getPermissionName`?

##########
File path: solr/solr-ref-guide/src/major-changes-in-solr-9.adoc
##########
@@ -80,6 +80,8 @@ All the usages are replaced by 
BaseHttpSolrClient.RemoteSolrException and BaseHt
 
 * SOLR-15409: Zookeeper client libraries upgraded to 3.7.0, which may not be 
compatible with your existing server installations
 
+* SOLR-11623: Every request handler in Solr now implements 
PermissionNameProvider. Any custom or 3rd party request handler must also do 
this

Review comment:
       +1.  This should be implied, as users shouldn't be dragging any config 
across major versions, but many will regardless so it's worth calling out IMO.

##########
File path: 
solr/core/src/java/org/apache/solr/handler/admin/SystemInfoHandler.java
##########
@@ -420,7 +421,11 @@ private static String humanReadableUnits(long bytes, 
DecimalFormat df) {
     }
     return list;
   }
-  
+
+  @Override
+  public Name getPermissionName(AuthorizationContext request) {
+    return Name.CONFIG_READ_PERM;

Review comment:
       ditto, re: tweaking "CONFIG_READ" ref-guide docs to match this wider 
definition

##########
File path: 
solr/core/src/java/org/apache/solr/handler/admin/PropertiesRequestHandler.java
##########
@@ -75,4 +76,9 @@ public String getDescription() {
   public Category getCategory() {
     return Category.ADMIN;
   }
+
+  @Override
+  public Name getPermissionName(AuthorizationContext request) {
+    return Name.CONFIG_READ_PERM;

Review comment:
       [-1] The ref-guide describes CONFIG_READ as being scoped mostly to 
collection level config. (see snippet from the 'Rule Based Authorization 
Plugin' page below
   
   > this permission is allowed to read a collection’s configuration using the 
Config API, the Request Parameters API, and other APIs which modify 
configoverlay.json
   
   IMO widening this definition is totally OK if we don't want to create a new 
system-level-config perm, but if we're going this route the ref-guide docs 
should be updated to match.




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org
For additional commands, e-mail: issues-h...@solr.apache.org

Reply via email to