THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
...
We will add a new method getMatchingAcls(resource) to the Authorizer interface.
- The behavior of getAcls(resource) method today is to return ACLs matching only the resource literal.
- authorize(...) method calls getAcls(resource) and getAcls('*') to get all the matching ACLs today.
- It’s possible to make this change without introducing a new API but new API is required for inspection.
- For example: If I want to fetch all ACLs that match ’topicA*’, it’s not possible without introducing new API AND maintaining backwards compatibility.
Code Block language scala title Authorizer /** * Get set of all acls that match this resource. * @param resource regular or wildcard-suffixed resource name. * @return empty set if no acls are found, otherwise the acls for the matching resources. */ def getMatchingAcls(resource: Resource): Set[Acl]
OR
- Enhance getAcls(resource) to return all matching wildcard-suffixed ACLs (breaking change and lot of unit tests need to be modified)
- Changes to command line tool class https://github.com/apache/kafka/blob/trunk/core/src/main/scala/kafka/admin/AclCommand.scala to expose the above new API.
- Changes to AdminClient
- Add a new method that will allow users to escape resource names for using special characters (@, #, $, %, ^, &, *, /, +)
- (Question) Should we deprecate older getAcls(resource) method? Not at this point?
- Update the public documentation with the details of the new feature.
...