[ISSUE #8102]🐛Preserve ACL permission denied semantics#8103
Conversation
|
🔊@mxsm 🚀Thanks for your contribution🎉! 💡CodeRabbit(AI) will review your code first🔥! Note 🚨The code review suggestions from CodeRabbit are to be used as a reference only, and the PR submitter can decide whether to make changes based on their own judgment. Ultimately, the project management personnel will conduct the final code review💥. |
|
Important Review skippedAuto incremental reviews are disabled on this repository. Please check the settings in the CodeRabbit UI or the ⚙️ Run configurationConfiguration used: Path: .coderabbit.yaml Review profile: CHILL Plan: Pro Run ID: You can disable this status message by setting the Use the checkbox below for a quick retry:
WalkthroughThe conversion of ChangesError mapping fix
Estimated code review effort: 1 (Trivial) | ~3 minutes Possibly related PRs
Suggested reviewers: Poem
🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
Codecov Report❌ Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #8103 +/- ##
==========================================
+ Coverage 70.15% 70.44% +0.29%
==========================================
Files 1259 1261 +2
Lines 280708 282344 +1636
==========================================
+ Hits 196923 198903 +1980
+ Misses 83785 83441 -344 ☔ View full report in Codecov by Harness. 🚀 New features to boost your workflow:
|
rocketmq-rust-bot
left a comment
There was a problem hiding this comment.
LGTM - All CI checks passed ✅
Which Issue(s) This PR Fixes(Closes)
Brief Description
Map
AuthorizationError::PermissionDeniedtoRocketMQError::BrokerPermissionDeniedinstead of an authentication authorization failure. This preserves ACL denial semantics for proxy auth, remoting auth, and gRPC status mapping so authenticated users without permissions receive forbidden responses.The auth unit test expectation was updated to match the central error category used by the proxy regression tests.
How Did You Test This Change?
cargo test -p rocketmq-auth --lib test_authorization_error_rocketmq_mapping_categories -- --nocapturecargo test -p rocketmq-proxy --lib -- --nocapturecargo fmt --allcargo clippy --workspace --no-deps --all-targets --all-features -- -D warningscargo fmt --all --checkgit diff --checkSummary by CodeRabbit