jolshan commented on code in PR #19364:
URL: https://github.com/apache/kafka/pull/19364#discussion_r2043095261
##########
core/src/main/scala/kafka/server/KafkaApis.scala:
##########
@@ -1520,6 +1520,10 @@ class KafkaApis(val requestChannel: RequestChannel,
requestHelper.sendErrorResponseMaybeThrottle(request,
Errors.TRANSACTIONAL_ID_AUTHORIZATION_FAILED.exception)
return
}
+ if (initProducerIdRequest.enable2Pc() &&
!authHelper.authorize(request.context, TWO_PHASE_COMMIT, TRANSACTIONAL_ID,
transactionalId)) {
+ requestHelper.sendErrorResponseMaybeThrottle(request,
Errors.TRANSACTIONAL_ID_AUTHORIZATION_FAILED.exception)
Review Comment:
I guess what @FrankYang0529 was saying is that for some other ACLs there is
a single error code. (Ie, before this change
`TRANSACTIONAL_ID_AUTHORIZATION_FAILED` was the only error for write on
transactional ID. I think though that since the resource type is the same, it
is ok to reuse the error code. (For group, both describe and read return
group_authorization_failed)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: jira-unsubscr...@kafka.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
