This is an automated email from the ASF dual-hosted git repository.
jackie pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/pinot.git
The following commit(s) were added to refs/heads/master by this push:
new 02dc4704b1 Add the missing Authorize annotation to broker instance
resource (#11302)
02dc4704b1 is described below
commit 02dc4704b1e94f29f8e6f23e473fa19d9f37e5c3
Author: Xiaotian (Jackie) Jiang <[email protected]>
AuthorDate: Wed Aug 9 13:47:30 2023 -0700
Add the missing Authorize annotation to broker instance resource (#11302)
---
.../pinot/broker/api/resources/InstanceResource.java | 14 ++++++++++----
1 file changed, 10 insertions(+), 4 deletions(-)
diff --git
a/pinot-broker/src/main/java/org/apache/pinot/broker/api/resources/InstanceResource.java
b/pinot-broker/src/main/java/org/apache/pinot/broker/api/resources/InstanceResource.java
index 3b6a80f6d6..750e523d50 100644
---
a/pinot-broker/src/main/java/org/apache/pinot/broker/api/resources/InstanceResource.java
+++
b/pinot-broker/src/main/java/org/apache/pinot/broker/api/resources/InstanceResource.java
@@ -39,26 +39,32 @@ import org.apache.helix.HelixManager;
import org.apache.helix.model.InstanceConfig;
import org.apache.pinot.broker.broker.BrokerAdminApiApplication;
import org.apache.pinot.common.utils.helix.HelixHelper;
+import org.apache.pinot.core.auth.Actions;
+import org.apache.pinot.core.auth.Authorize;
+import org.apache.pinot.core.auth.TargetType;
import static
org.apache.pinot.spi.utils.CommonConstants.SWAGGER_AUTHORIZATION_KEY;
+
/**
* This resource API can be used to retrieve instance level information like
instance tags.
*/
-@Api(description = "Metadata for this instance (like tenant tags)", tags =
"instance",
- authorizations = {@Authorization(value = SWAGGER_AUTHORIZATION_KEY)})
+@Api(tags = "Instance", authorizations = {@Authorization(value =
SWAGGER_AUTHORIZATION_KEY)})
@SwaggerDefinition(securityDefinition =
@SecurityDefinition(apiKeyAuthDefinitions = @ApiKeyAuthDefinition(name =
HttpHeaders.AUTHORIZATION, in =
ApiKeyAuthDefinition.ApiKeyLocation.HEADER, key = SWAGGER_AUTHORIZATION_KEY)))
-@Path("instance")
+@Path("/")
public class InstanceResource {
+
@Inject
@Named(BrokerAdminApiApplication.BROKER_INSTANCE_ID)
private String _instanceId;
+
@Inject
private HelixManager _helixManager;
@GET
- @Path("tags")
+ @Path("/instance/tags")
+ @Authorize(targetType = TargetType.CLUSTER, action =
Actions.Cluster.GET_INSTANCE)
@ApiOperation(value = "Tenant tags for current instance")
@ApiResponses(value = {
@ApiResponse(code = 200, message = "Success"),
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
