Package org.apache.pulsar.broker.web

Class PulsarWebResource

java.lang.Object
org.apache.pulsar.broker.web.PulsarWebResource
Direct Known Subclasses:
AdminResource, TenantsBase, TopicLookupBase
public abstract class PulsarWebResource extends Object
Base class for Web resources in Pulsar. It provides basic authorization functions.

  • Field Details

    • servletContext

      @Context protected javax.servlet.ServletContext servletContext

    • httpRequest

      @Context protected javax.servlet.http.HttpServletRequest httpRequest

    • uri

      @Context protected javax.ws.rs.core.UriInfo uri

  • Constructor Details

    • PulsarWebResource

      public PulsarWebResource()

  • Method Details

    • pulsar

      protected PulsarService pulsar()

    • config

      protected org.apache.pulsar.broker.ServiceConfiguration config()

    • splitPath

      public static String splitPath(String source, int slice)

    • clientAppId

      public String clientAppId()
      Gets a caller id (IP + role).
      Returns:
      the web service caller identification

    • originalPrincipal

      public String originalPrincipal()

    • clientAuthData

      public org.apache.pulsar.broker.authentication.AuthenticationDataSource clientAuthData()

    • isRequestHttps

      public boolean isRequestHttps()

    • isClientAuthenticated

      public static boolean isClientAuthenticated(String appId)

    • hasSuperUserAccess

      protected boolean hasSuperUserAccess()

    • validateSuperUserAccessAsync

      public CompletableFuture<Void> validateSuperUserAccessAsync()

    • validateSuperUserAccess

      public void validateSuperUserAccess()
      Checks whether the user has Pulsar Super-User access to the system.
      Throws:
      javax.ws.rs.WebApplicationException - if not authorized

    • validateAdminAccessForTenant

      protected void validateAdminAccessForTenant(String tenant)
      Checks that the http client role has admin access to the specified tenant.
      Parameters:
      tenant - the tenant id
      Throws:
      javax.ws.rs.WebApplicationException - if not authorized

    • validateAdminAccessForTenant

      protected void validateAdminAccessForTenant(PulsarService pulsar, String clientAppId, String originalPrincipal, String tenant, org.apache.pulsar.broker.authentication.AuthenticationDataSource authenticationData, long timeout, TimeUnit unit)

    • validateAdminAccessForTenantAsync

      protected CompletableFuture<Void> validateAdminAccessForTenantAsync(String tenant)
      Checks that the http client role has admin access to the specified tenant async.
      Parameters:
      tenant - the tenant id

    • validateAdminAccessForTenantAsync

      protected CompletableFuture<Void> validateAdminAccessForTenantAsync(PulsarService pulsar, String clientAppId, String originalPrincipal, String tenant, org.apache.pulsar.broker.authentication.AuthenticationDataSource authenticationData)

    • validatePeerClusterConflict

      protected void validatePeerClusterConflict(String clusterName, Set<String> replicationClusters)
      It validates that peer-clusters can't coexist in replication-clusters.

    • validatePeerClusterConflictAsync

      protected CompletableFuture<Void> validatePeerClusterConflictAsync(String clusterName, Set<String> replicationClusters)

    • validateClusterForTenant

      protected void validateClusterForTenant(String tenant, String cluster)

    • validateClusterForTenantAsync

      protected CompletableFuture<Void> validateClusterForTenantAsync(String tenant, String cluster)

    • validateClusterOwnershipAsync

      protected CompletableFuture<Void> validateClusterOwnershipAsync(String cluster)

    • validateClusterOwnership

      protected void validateClusterOwnership(String cluster) throws javax.ws.rs.WebApplicationException
      Check if the cluster exists and redirect the call to the owning cluster.
      Parameters:
      cluster - Cluster name
      Throws:
      Exception - In case the redirect happens
      javax.ws.rs.WebApplicationException

    • getClusterDataIfDifferentCluster

      protected static CompletableFuture<org.apache.pulsar.common.policies.data.ClusterData> getClusterDataIfDifferentCluster(PulsarService pulsar, String cluster, String clientAppId)

    • validateBundleOwnership

      protected void validateBundleOwnership(String tenant, String cluster, String namespace, boolean authoritative, boolean readOnly, NamespaceBundle bundle)

    • validateNamespaceBundleRange

      protected NamespaceBundle validateNamespaceBundleRange(org.apache.pulsar.common.naming.NamespaceName fqnn, org.apache.pulsar.common.policies.data.BundlesData bundles, String bundleRange)

    • isBundleOwnedByAnyBroker

      protected CompletableFuture<Boolean> isBundleOwnedByAnyBroker(org.apache.pulsar.common.naming.NamespaceName fqnn, org.apache.pulsar.common.policies.data.BundlesData bundles, String bundleRange)
      Checks whether a given bundle is currently loaded by any broker.

    • validateNamespaceBundleOwnership

      protected NamespaceBundle validateNamespaceBundleOwnership(org.apache.pulsar.common.naming.NamespaceName fqnn, org.apache.pulsar.common.policies.data.BundlesData bundles, String bundleRange, boolean authoritative, boolean readOnly)

    • validateNamespaceBundleOwnershipAsync

      protected CompletableFuture<NamespaceBundle> validateNamespaceBundleOwnershipAsync(org.apache.pulsar.common.naming.NamespaceName fqnn, org.apache.pulsar.common.policies.data.BundlesData bundles, String bundleRange, boolean authoritative, boolean readOnly)

    • validateBundleOwnership

      public void validateBundleOwnership(NamespaceBundle bundle, boolean authoritative, boolean readOnly) throws Exception
      Throws:
      Exception

    • validateBundleOwnershipAsync

      public CompletableFuture<Void> validateBundleOwnershipAsync(NamespaceBundle bundle, boolean authoritative, boolean readOnly)

    • validateTopicOwnership

      protected void validateTopicOwnership(org.apache.pulsar.common.naming.TopicName topicName, boolean authoritative)
      Checks whether the broker is the owner of the namespace. Otherwise it will raise an exception to redirect the client to the appropriate broker. If no broker owns the namespace yet, this function will try to acquire the ownership by default.
      Parameters:
      topicName - topic name
      authoritative -

    • validateTopicOwnershipAsync

      protected CompletableFuture<Void> validateTopicOwnershipAsync(org.apache.pulsar.common.naming.TopicName topicName, boolean authoritative)

    • validateGlobalNamespaceOwnership

      protected void validateGlobalNamespaceOwnership(org.apache.pulsar.common.naming.NamespaceName namespace)
      If the namespace is global, validate the following - 1. If replicated clusters are configured for this global namespace 2. If local cluster belonging to this namespace is replicated 3. If replication is enabled for this namespace
      It validates if local cluster is part of replication-cluster. If local cluster is not part of the replication cluster then it redirects request to peer-cluster if any of the peer-cluster is part of replication-cluster of this namespace. If none of the cluster is part of the replication cluster then it fails the validation.
      Parameters:
      namespace -
      Throws:
      Exception

    • validateGlobalNamespaceOwnershipAsync

      protected CompletableFuture<Void> validateGlobalNamespaceOwnershipAsync(org.apache.pulsar.common.naming.NamespaceName namespace)

    • checkLocalOrGetPeerReplicationCluster

      public static CompletableFuture<org.apache.pulsar.common.policies.data.ClusterDataImpl> checkLocalOrGetPeerReplicationCluster(PulsarService pulsarService, org.apache.pulsar.common.naming.NamespaceName namespace)

    • checkLocalOrGetPeerReplicationCluster

      public static CompletableFuture<org.apache.pulsar.common.policies.data.ClusterDataImpl> checkLocalOrGetPeerReplicationCluster(PulsarService pulsarService, org.apache.pulsar.common.naming.NamespaceName namespace, boolean allowDeletedNamespace)

    • checkAuthorizationAsync

      protected static CompletableFuture<Void> checkAuthorizationAsync(PulsarService pulsarService, org.apache.pulsar.common.naming.TopicName topicName, String role, org.apache.pulsar.broker.authentication.AuthenticationDataSource authenticationData)

    • setPulsar

      public void setPulsar(PulsarService pulsar)

    • isLeaderBroker

      protected boolean isLeaderBroker()

    • isLeaderBroker

      protected static boolean isLeaderBroker(PulsarService pulsar)

    • validateTenantOperation

      public void validateTenantOperation(String tenant, org.apache.pulsar.common.policies.data.TenantOperation operation)

    • validateTenantOperationAsync

      public CompletableFuture<Void> validateTenantOperationAsync(String tenant, org.apache.pulsar.common.policies.data.TenantOperation operation)

    • validateNamespaceOperation

      public void validateNamespaceOperation(org.apache.pulsar.common.naming.NamespaceName namespaceName, org.apache.pulsar.common.policies.data.NamespaceOperation operation)

    • validateNamespaceOperationAsync

      public CompletableFuture<Void> validateNamespaceOperationAsync(org.apache.pulsar.common.naming.NamespaceName namespaceName, org.apache.pulsar.common.policies.data.NamespaceOperation operation)

    • validateNamespacePolicyOperation

      public void validateNamespacePolicyOperation(org.apache.pulsar.common.naming.NamespaceName namespaceName, org.apache.pulsar.common.policies.data.PolicyName policy, org.apache.pulsar.common.policies.data.PolicyOperation operation)

    • validateNamespacePolicyOperationAsync

      public CompletableFuture<Void> validateNamespacePolicyOperationAsync(org.apache.pulsar.common.naming.NamespaceName namespaceName, org.apache.pulsar.common.policies.data.PolicyName policy, org.apache.pulsar.common.policies.data.PolicyOperation operation)

    • getPulsarResources

      protected org.apache.pulsar.broker.resources.PulsarResources getPulsarResources()

    • tenantResources

      protected org.apache.pulsar.broker.resources.TenantResources tenantResources()

    • clusterResources

      protected org.apache.pulsar.broker.resources.ClusterResources clusterResources()

    • bookieResources

      protected org.apache.pulsar.broker.resources.BookieResources bookieResources()

    • topicResources

      protected org.apache.pulsar.broker.resources.TopicResources topicResources()

    • namespaceResources

      protected org.apache.pulsar.broker.resources.NamespaceResources namespaceResources()

    • resourceGroupResources

      protected org.apache.pulsar.broker.resources.ResourceGroupResources resourceGroupResources()

    • getLocalPolicies

      protected org.apache.pulsar.broker.resources.LocalPoliciesResources getLocalPolicies()

    • namespaceIsolationPolicies

      protected org.apache.pulsar.broker.resources.NamespaceResources.IsolationPolicyResources namespaceIsolationPolicies()

    • dynamicConfigurationResources

      protected org.apache.pulsar.broker.resources.DynamicConfigurationResources dynamicConfigurationResources()

    • jsonMapper

      public static com.fasterxml.jackson.databind.ObjectMapper jsonMapper()

    • validatePoliciesReadOnlyAccess

      public void validatePoliciesReadOnlyAccess()

    • validatePoliciesReadOnlyAccessAsync

      public CompletableFuture<Void> validatePoliciesReadOnlyAccessAsync()

    • hasActiveNamespace

      protected CompletableFuture<Void> hasActiveNamespace(String tenant)

    • validateClusterExists

      protected void validateClusterExists(String cluster)

    • canUpdateCluster

      protected CompletableFuture<Void> canUpdateCluster(String tenant, Set<String> oldClusters, Set<String> newClusters)

    • validateBrokerName

      protected void validateBrokerName(String broker)
      Redirect the call to the specified broker.
      Parameters:
      broker - Broker name

    • validateTopicPolicyOperation

      public void validateTopicPolicyOperation(org.apache.pulsar.common.naming.TopicName topicName, org.apache.pulsar.common.policies.data.PolicyName policy, org.apache.pulsar.common.policies.data.PolicyOperation operation)

    • validateTopicPolicyOperationAsync

      public CompletableFuture<Void> validateTopicPolicyOperationAsync(org.apache.pulsar.common.naming.TopicName topicName, org.apache.pulsar.common.policies.data.PolicyName policy, org.apache.pulsar.common.policies.data.PolicyOperation operation)

    • validateTopicOperation

      public void validateTopicOperation(org.apache.pulsar.common.naming.TopicName topicName, org.apache.pulsar.common.policies.data.TopicOperation operation)

    • validateTopicOperation

      public void validateTopicOperation(org.apache.pulsar.common.naming.TopicName topicName, org.apache.pulsar.common.policies.data.TopicOperation operation, String subscription)

    • validateTopicOperationAsync

      public CompletableFuture<Void> validateTopicOperationAsync(org.apache.pulsar.common.naming.TopicName topicName, org.apache.pulsar.common.policies.data.TopicOperation operation)

    • validateTopicOperationAsync

      public CompletableFuture<Void> validateTopicOperationAsync(org.apache.pulsar.common.naming.TopicName topicName, org.apache.pulsar.common.policies.data.TopicOperation operation, String subscription)

    • sync

      public <T> T sync(Supplier<CompletableFuture<T>> supplier)

    • resumeAsyncResponseExceptionally

      protected static void resumeAsyncResponseExceptionally(javax.ws.rs.container.AsyncResponse asyncResponse, Throwable exception)