isApiAllowed
public boolean isApiAllowed(org.apache.kafka.common.protocol.ApiKeys api)
Check whether an API is supported. Internal broker and ACL APIs are not allowed through the
interceptor. There is no reason to expose the former and the latter requires finer-grained
authorization handling than is currently possible. In particular, we need to restrict the
resource types that the user is allowed to modify, but this cannot be done through an ACL
(the CreateAcl API is only authorized by Alter(Cluster)), and cannot be done through the
interceptor itself unless we're willing to fail the full request.