From ffff9640073fc5a09a51da96b76b785f555859f6 Mon Sep 17 00:00:00 2001 From: iliax Date: Tue, 14 Mar 2023 00:04:29 +0400 Subject: [PATCH] PR updated --- .../kafka/ui/mapper/ClusterMapper.java | 35 ++++++++++++++++--- .../kafka/ui/model/rbac/AccessContext.java | 2 +- .../kafka/ui/model/rbac/Permission.java | 2 ++ .../kafka/ui/service/FeatureService.java | 2 +- .../kafka/ui/service/ReactiveAdminClient.java | 12 +------ .../provectus/kafka/ui/util/KafkaVersion.java | 11 +++--- .../main/resources/swagger/kafka-ui-api.yaml | 9 +++-- 7 files changed, 47 insertions(+), 26 deletions(-) diff --git a/kafka-ui-api/src/main/java/com/provectus/kafka/ui/mapper/ClusterMapper.java b/kafka-ui-api/src/main/java/com/provectus/kafka/ui/mapper/ClusterMapper.java index b8721f6332..5bd817ee40 100644 --- a/kafka-ui-api/src/main/java/com/provectus/kafka/ui/mapper/ClusterMapper.java +++ b/kafka-ui-api/src/main/java/com/provectus/kafka/ui/mapper/ClusterMapper.java @@ -117,8 +117,35 @@ public interface ClusterMapper { return brokerDiskUsage; } - default DataMasking map(List maskingProperties) { - return DataMasking.create(maskingProperties); + static KafkaAclDTO.OperationEnum mapAclOperation(AclOperation operation) { + return switch (operation) { + case ALL -> KafkaAclDTO.OperationEnum.ALL; + case READ -> KafkaAclDTO.OperationEnum.READ; + case WRITE -> KafkaAclDTO.OperationEnum.WRITE; + case CREATE -> KafkaAclDTO.OperationEnum.CREATE; + case DELETE -> KafkaAclDTO.OperationEnum.DELETE; + case ALTER -> KafkaAclDTO.OperationEnum.ALTER; + case DESCRIBE -> KafkaAclDTO.OperationEnum.DESCRIBE; + case CLUSTER_ACTION -> KafkaAclDTO.OperationEnum.CLUSTER_ACTION; + case DESCRIBE_CONFIGS -> KafkaAclDTO.OperationEnum.DESCRIBE_CONFIGS; + case ALTER_CONFIGS -> KafkaAclDTO.OperationEnum.ALTER_CONFIGS; + case IDEMPOTENT_WRITE -> KafkaAclDTO.OperationEnum.IDEMPOTENT_WRITE; + case CREATE_TOKENS -> KafkaAclDTO.OperationEnum.CREATE_TOKENS; + case DESCRIBE_TOKENS -> KafkaAclDTO.OperationEnum.DESCRIBE_TOKENS; + case ANY, UNKNOWN -> KafkaAclDTO.OperationEnum.UNKNOWN; + }; + } + + static KafkaAclDTO.ResourceTypeEnum mapAclResourceType(ResourceType resourceType) { + return switch (resourceType) { + case CLUSTER -> KafkaAclDTO.ResourceTypeEnum.CLUSTER; + case TOPIC -> KafkaAclDTO.ResourceTypeEnum.TOPIC; + case GROUP -> KafkaAclDTO.ResourceTypeEnum.GROUP; + case DELEGATION_TOKEN -> KafkaAclDTO.ResourceTypeEnum.DELEGATION_TOKEN; + case TRANSACTIONAL_ID -> KafkaAclDTO.ResourceTypeEnum.TRANSACTIONAL_ID; + case USER -> KafkaAclDTO.ResourceTypeEnum.USER; + case ANY, UNKNOWN -> KafkaAclDTO.ResourceTypeEnum.UNKNOWN; + }; } static AclBinding toAclBinding(KafkaAclDTO dto) { @@ -141,12 +168,12 @@ public interface ClusterMapper { var pattern = binding.pattern(); var filter = binding.toFilter().entryFilter(); return new KafkaAclDTO() - .resourceType(KafkaAclDTO.ResourceTypeEnum.fromValue(pattern.resourceType().name())) + .resourceType(mapAclResourceType(pattern.resourceType())) .resourceName(pattern.name()) .namePatternType(KafkaAclDTO.NamePatternTypeEnum.fromValue(pattern.patternType().name())) .principal(filter.principal()) .host(filter.host()) - .operation(KafkaAclDTO.OperationEnum.fromValue(filter.operation().name())) + .operation(mapAclOperation(filter.operation())) .permission(KafkaAclDTO.PermissionEnum.fromValue(filter.permissionType().name())); } diff --git a/kafka-ui-api/src/main/java/com/provectus/kafka/ui/model/rbac/AccessContext.java b/kafka-ui-api/src/main/java/com/provectus/kafka/ui/model/rbac/AccessContext.java index ff2f3f1e97..45858093a7 100644 --- a/kafka-ui-api/src/main/java/com/provectus/kafka/ui/model/rbac/AccessContext.java +++ b/kafka-ui-api/src/main/java/com/provectus/kafka/ui/model/rbac/AccessContext.java @@ -1,7 +1,7 @@ package com.provectus.kafka.ui.model.rbac; -import com.provectus.kafka.ui.model.rbac.permission.ApplicationConfigAction; import com.provectus.kafka.ui.model.rbac.permission.AclAction; +import com.provectus.kafka.ui.model.rbac.permission.ApplicationConfigAction; import com.provectus.kafka.ui.model.rbac.permission.ClusterConfigAction; import com.provectus.kafka.ui.model.rbac.permission.ConnectAction; import com.provectus.kafka.ui.model.rbac.permission.ConsumerGroupAction; diff --git a/kafka-ui-api/src/main/java/com/provectus/kafka/ui/model/rbac/Permission.java b/kafka-ui-api/src/main/java/com/provectus/kafka/ui/model/rbac/Permission.java index 837f9008f3..9b0b4c163e 100644 --- a/kafka-ui-api/src/main/java/com/provectus/kafka/ui/model/rbac/Permission.java +++ b/kafka-ui-api/src/main/java/com/provectus/kafka/ui/model/rbac/Permission.java @@ -3,6 +3,7 @@ package com.provectus.kafka.ui.model.rbac; import static com.provectus.kafka.ui.model.rbac.Resource.CLUSTERCONFIG; import static com.provectus.kafka.ui.model.rbac.Resource.KSQL; +import com.provectus.kafka.ui.model.rbac.permission.AclAction; import com.provectus.kafka.ui.model.rbac.permission.ApplicationConfigAction; import com.provectus.kafka.ui.model.rbac.permission.ClusterConfigAction; import com.provectus.kafka.ui.model.rbac.permission.ConnectAction; @@ -73,6 +74,7 @@ public class Permission { case SCHEMA -> Arrays.stream(SchemaAction.values()).map(Enum::toString).toList(); case CONNECT -> Arrays.stream(ConnectAction.values()).map(Enum::toString).toList(); case KSQL -> Arrays.stream(KsqlAction.values()).map(Enum::toString).toList(); + case ACL -> Arrays.stream(AclAction.values()).map(Enum::toString).toList(); }; } diff --git a/kafka-ui-api/src/main/java/com/provectus/kafka/ui/service/FeatureService.java b/kafka-ui-api/src/main/java/com/provectus/kafka/ui/service/FeatureService.java index e08b5a746a..c3d77eb87a 100644 --- a/kafka-ui-api/src/main/java/com/provectus/kafka/ui/service/FeatureService.java +++ b/kafka-ui-api/src/main/java/com/provectus/kafka/ui/service/FeatureService.java @@ -68,7 +68,7 @@ public class FeatureService { private Mono acl(KafkaCluster cluster) { return adminClientService.get(cluster).flatMap( - ac -> ac.getClusterFeatures().contains(SupportedFeature.AUTHORIZED_SECURITY_ENABLED) + ac -> ac.getClusterFeatures().contains(ReactiveAdminClient.SupportedFeature.AUTHORIZED_SECURITY_ENABLED) ? Mono.just(ClusterFeature.KAFKA_ACL) : Mono.empty() ); diff --git a/kafka-ui-api/src/main/java/com/provectus/kafka/ui/service/ReactiveAdminClient.java b/kafka-ui-api/src/main/java/com/provectus/kafka/ui/service/ReactiveAdminClient.java index e8bca34807..ce08f9062e 100644 --- a/kafka-ui-api/src/main/java/com/provectus/kafka/ui/service/ReactiveAdminClient.java +++ b/kafka-ui-api/src/main/java/com/provectus/kafka/ui/service/ReactiveAdminClient.java @@ -107,10 +107,6 @@ public class ReactiveAdminClient implements Closeable { .map(Tuple2::getT1) .collect(Collectors.toSet()); } - - static Set defaultFeatures() { - return Set.of(); - } } @Value @@ -131,13 +127,7 @@ public class ReactiveAdminClient implements Closeable { } private static Mono> getSupportedUpdateFeaturesForVersion(AdminClient ac, String versionStr) { - Float kafkaVersion = null; - try { - float version = KafkaVersion.parse(versionStr); - return SupportedFeature.forVersion(version); - } catch (NumberFormatException e) { - return SupportedFeature.defaultFeatures(); - } + @Nullable Float kafkaVersion = KafkaVersion.parse(versionStr).orElse(null); return SupportedFeature.forVersion(ac, kafkaVersion); } diff --git a/kafka-ui-api/src/main/java/com/provectus/kafka/ui/util/KafkaVersion.java b/kafka-ui-api/src/main/java/com/provectus/kafka/ui/util/KafkaVersion.java index 48ff7ff121..fdbe96e88f 100644 --- a/kafka-ui-api/src/main/java/com/provectus/kafka/ui/util/KafkaVersion.java +++ b/kafka-ui-api/src/main/java/com/provectus/kafka/ui/util/KafkaVersion.java @@ -1,23 +1,20 @@ package com.provectus.kafka.ui.util; -import lombok.experimental.UtilityClass; +import java.util.Optional; import lombok.extern.slf4j.Slf4j; -@UtilityClass @Slf4j public class KafkaVersion { - public static float parse(String version) throws NumberFormatException { - log.trace("Parsing cluster version [{}]", version); + public static Optional parse(String version) throws NumberFormatException { try { final String[] parts = version.split("\\."); if (parts.length > 2) { version = parts[0] + "." + parts[1]; } - return Float.parseFloat(version.split("-")[0]); + return Optional.of(Float.parseFloat(version.split("-")[0])); } catch (Exception e) { - log.error("Conversion clusterVersion [{}] to float value failed", version, e); - throw e; + return Optional.empty(); } } } diff --git a/kafka-ui-contract/src/main/resources/swagger/kafka-ui-api.yaml b/kafka-ui-contract/src/main/resources/swagger/kafka-ui-api.yaml index 1f994b0aff..e5bf7a3e2c 100644 --- a/kafka-ui-contract/src/main/resources/swagger/kafka-ui-api.yaml +++ b/kafka-ui-contract/src/main/resources/swagger/kafka-ui-api.yaml @@ -3420,11 +3420,13 @@ components: resourceType: type: string enum: + - UNKNOWN # Unknown operation, need to update mapping code on BE - TOPIC - GROUP - CLUSTER - TRANSACTIONAL_ID - - DELEGATION_TOPIC + - DELEGATION_TOKEN + - USER resourceName: type: string # "*" if acl can be applied to any resource of given type namePatternType: @@ -3439,6 +3441,7 @@ components: operation: type: string enum: + - UNKNOWN # Unknown operation, need to update mapping code on BE - ALL # Cluster, Topic, Group - READ # Topic, Group - WRITE # Topic, TransactionalId @@ -3449,7 +3452,9 @@ components: - CLUSTER_ACTION # Cluster - DESCRIBE_CONFIGS # Cluster, Topic - ALTER_CONFIGS # Cluster, Topic - - IDEMPOTENT_WRITE # - + - IDEMPOTENT_WRITE # Cluster + - CREATE_TOKENS + - DESCRIBE_TOKENS permission: type: string enum: