Closed damien-malescot closed 2 years ago
This makes complete sense @damien-malescot, thanks a lot for your issue. This should be now fixed with the introduction of #515, this will be released in the next release. Thanks again for your contribution.
This makes complete sense @damien-malescot, thanks a lot for your issue. This should be now fixed with the introduction of #515, this will be released in the next release. Thanks again for your contribution.
Thanks, you are very reactive 😉
Describe the bug When we configure topology.acls.optimized=true RBAC bindings are set in mode PREFIXED like this : **context.source.projectName***
In some contexts, bindings can be too permissive, for example if with have 2 projects with the same starting name :
In this example, consumer's in first project (context.source.foo) can read topics in the seconds (context.source.foobar)
To Reproduce Create 2 topologies with a same project's starting name. Apply topology
Expected behavior Authorizations of each projects are separated
Additional context Quick correction could be to add a dot at the end of bindings :