[
https://issues.apache.org/jira/browse/KAFKA-4585?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16124016#comment-16124016
]
ASF GitHub Bot commented on KAFKA-4585:
---------------------------------------
GitHub user vahidhashemian opened a pull request:
https://github.com/apache/kafka/pull/3661
KAFKA-4585: Lower the Minimum Required ACL Permission of OffsetFetch
(KIP-163)
Details can be found in the
[KIP](https://cwiki.apache.org/confluence/display/KAFKA/KIP-163%3A+Lower+the+Minimum+Required+ACL+Permission+of+OffsetFetch).
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/vahidhashemian/kafka KAFKA-4585
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/kafka/pull/3661.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #3661
----
commit be9e43db15952122836618520b7a166641c9914d
Author: Vahid Hashemian <vahidhashem...@us.ibm.com>
Date: 2017-08-11T20:32:56Z
KAFKA-4585: Lower the Minimum Required ACL Permission of OffsetFetch
(KIP-163)
Details can be found in the
[KIP](https://cwiki.apache.org/confluence/display/KAFKA/KIP-163%3A+Lower+the+Minimum+Required+ACL+Permission+of+OffsetFetch).
----
> KIP-163: Offset fetch and commit requests use the same permissions
> ------------------------------------------------------------------
>
> Key: KAFKA-4585
> URL: https://issues.apache.org/jira/browse/KAFKA-4585
> Project: Kafka
> Issue Type: Bug
> Components: consumer
> Affects Versions: 0.10.1.1
> Reporter: Ewen Cheslack-Postava
> Assignee: Vahid Hashemian
> Labels: kip
>
> Currently the handling of permissions for consumer groups seems a bit odd
> because most of the requests use the Read permission on the Group (join,
> sync, heartbeat, leave, offset commit, and offset fetch). This means you
> cannot lock down certain functionality for certain users. For this issue I'll
> highlight a realistic issue since conflating the ability to perform most of
> these operations may not be a serious issue.
> In particular, if you want tooling for monitoring offsets (i.e. you want to
> be able to read from all groups) but don't want that tool to be able to write
> offsets, you currently cannot achieve this. Part of the reason this seems odd
> to me is that any operation which can mutate state seems like it should be a
> Write operation (i.e. joining, syncing, leaving, and committing; maybe
> heartbeat as well). However, [~hachikuji] has mentioned that the use of Read
> may have been intentional. If that is the case, changing at least offset
> fetch to be a Describe operation instead would allow isolating the mutating
> vs non-mutating request types.
> Note that this would require a KIP and would potentially have some
> compatibility implications. Note however, that if we went with the Describe
> option, Describe is allowed by default when Read, Write, or Delete are
> allowed, so this may not have to have any compatibility issues (if the user
> previously allowed Read, they'd still have all the same capabilities as
> before).
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
