PR updated

kafka-ui-api/src/main/java/com/provectus/kafka/ui/mapper/ClusterMapper.java

@@ -117,8 +117,35 @@ public interface ClusterMapper {
     return brokerDiskUsage;
   }
 
-  default DataMasking map(List<ClustersProperties.Masking> maskingProperties) {
+  static KafkaAclDTO.OperationEnum mapAclOperation(AclOperation operation) {
-    return DataMasking.create(maskingProperties);
+    return switch (operation) {
+      case ALL -> KafkaAclDTO.OperationEnum.ALL;
+      case READ -> KafkaAclDTO.OperationEnum.READ;
+      case WRITE -> KafkaAclDTO.OperationEnum.WRITE;
+      case CREATE -> KafkaAclDTO.OperationEnum.CREATE;
+      case DELETE -> KafkaAclDTO.OperationEnum.DELETE;
+      case ALTER -> KafkaAclDTO.OperationEnum.ALTER;
+      case DESCRIBE -> KafkaAclDTO.OperationEnum.DESCRIBE;
+      case CLUSTER_ACTION -> KafkaAclDTO.OperationEnum.CLUSTER_ACTION;
+      case DESCRIBE_CONFIGS -> KafkaAclDTO.OperationEnum.DESCRIBE_CONFIGS;
+      case ALTER_CONFIGS -> KafkaAclDTO.OperationEnum.ALTER_CONFIGS;
+      case IDEMPOTENT_WRITE -> KafkaAclDTO.OperationEnum.IDEMPOTENT_WRITE;
+      case CREATE_TOKENS -> KafkaAclDTO.OperationEnum.CREATE_TOKENS;
+      case DESCRIBE_TOKENS -> KafkaAclDTO.OperationEnum.DESCRIBE_TOKENS;
+      case ANY, UNKNOWN -> KafkaAclDTO.OperationEnum.UNKNOWN;
+    };
+  }
+
+  static KafkaAclDTO.ResourceTypeEnum mapAclResourceType(ResourceType resourceType) {
+    return switch (resourceType) {
+      case CLUSTER -> KafkaAclDTO.ResourceTypeEnum.CLUSTER;
+      case TOPIC -> KafkaAclDTO.ResourceTypeEnum.TOPIC;
+      case GROUP -> KafkaAclDTO.ResourceTypeEnum.GROUP;
+      case DELEGATION_TOKEN -> KafkaAclDTO.ResourceTypeEnum.DELEGATION_TOKEN;
+      case TRANSACTIONAL_ID -> KafkaAclDTO.ResourceTypeEnum.TRANSACTIONAL_ID;
+      case USER -> KafkaAclDTO.ResourceTypeEnum.USER;
+      case ANY, UNKNOWN -> KafkaAclDTO.ResourceTypeEnum.UNKNOWN;
+    };
   }
 
   static AclBinding toAclBinding(KafkaAclDTO dto) {
@@ -141,12 +168,12 @@ public interface ClusterMapper {
     var pattern = binding.pattern();
     var filter = binding.toFilter().entryFilter();
     return new KafkaAclDTO()
-        .resourceType(KafkaAclDTO.ResourceTypeEnum.fromValue(pattern.resourceType().name()))
+        .resourceType(mapAclResourceType(pattern.resourceType()))
         .resourceName(pattern.name())
         .namePatternType(KafkaAclDTO.NamePatternTypeEnum.fromValue(pattern.patternType().name()))
         .principal(filter.principal())
         .host(filter.host())
-        .operation(KafkaAclDTO.OperationEnum.fromValue(filter.operation().name()))
+        .operation(mapAclOperation(filter.operation()))
         .permission(KafkaAclDTO.PermissionEnum.fromValue(filter.permissionType().name()));
   }
 

kafka-ui-api/src/main/java/com/provectus/kafka/ui/model/rbac/AccessContext.java

@@ -1,7 +1,7 @@
 package com.provectus.kafka.ui.model.rbac;
 
-import com.provectus.kafka.ui.model.rbac.permission.ApplicationConfigAction;
 import com.provectus.kafka.ui.model.rbac.permission.AclAction;
+import com.provectus.kafka.ui.model.rbac.permission.ApplicationConfigAction;
 import com.provectus.kafka.ui.model.rbac.permission.ClusterConfigAction;
 import com.provectus.kafka.ui.model.rbac.permission.ConnectAction;
 import com.provectus.kafka.ui.model.rbac.permission.ConsumerGroupAction;

kafka-ui-api/src/main/java/com/provectus/kafka/ui/model/rbac/Permission.java

@@ -3,6 +3,7 @@ package com.provectus.kafka.ui.model.rbac;
 import static com.provectus.kafka.ui.model.rbac.Resource.CLUSTERCONFIG;
 import static com.provectus.kafka.ui.model.rbac.Resource.KSQL;
 
+import com.provectus.kafka.ui.model.rbac.permission.AclAction;
 import com.provectus.kafka.ui.model.rbac.permission.ApplicationConfigAction;
 import com.provectus.kafka.ui.model.rbac.permission.ClusterConfigAction;
 import com.provectus.kafka.ui.model.rbac.permission.ConnectAction;
@@ -73,6 +74,7 @@ public class Permission {
       case SCHEMA -> Arrays.stream(SchemaAction.values()).map(Enum::toString).toList();
       case CONNECT -> Arrays.stream(ConnectAction.values()).map(Enum::toString).toList();
       case KSQL -> Arrays.stream(KsqlAction.values()).map(Enum::toString).toList();
+      case ACL -> Arrays.stream(AclAction.values()).map(Enum::toString).toList();
     };
   }
 

kafka-ui-api/src/main/java/com/provectus/kafka/ui/service/FeatureService.java

@@ -68,7 +68,7 @@ public class FeatureService {
 
   private Mono<ClusterFeature> acl(KafkaCluster cluster) {
     return adminClientService.get(cluster).flatMap(
-        ac -> ac.getClusterFeatures().contains(SupportedFeature.AUTHORIZED_SECURITY_ENABLED)
+        ac -> ac.getClusterFeatures().contains(ReactiveAdminClient.SupportedFeature.AUTHORIZED_SECURITY_ENABLED)
             ? Mono.just(ClusterFeature.KAFKA_ACL)
             : Mono.empty()
     );

kafka-ui-api/src/main/java/com/provectus/kafka/ui/service/ReactiveAdminClient.java

@@ -107,10 +107,6 @@ public class ReactiveAdminClient implements Closeable {
           .map(Tuple2::getT1)
           .collect(Collectors.toSet());
     }
-
-    static Set<SupportedFeature> defaultFeatures() {
-      return Set.of();
-    }
   }
 
   @Value
@@ -131,13 +127,7 @@ public class ReactiveAdminClient implements Closeable {
   }
 
   private static Mono<Set<SupportedFeature>> getSupportedUpdateFeaturesForVersion(AdminClient ac, String versionStr) {
-    Float kafkaVersion = null;
+    @Nullable Float kafkaVersion = KafkaVersion.parse(versionStr).orElse(null);
-    try {
-      float version = KafkaVersion.parse(versionStr);
-      return SupportedFeature.forVersion(version);
-    } catch (NumberFormatException e) {
-      return SupportedFeature.defaultFeatures();
-    }
     return SupportedFeature.forVersion(ac, kafkaVersion);
   }
 

kafka-ui-api/src/main/java/com/provectus/kafka/ui/util/KafkaVersion.java

@@ -1,23 +1,20 @@
 package com.provectus.kafka.ui.util;
 
-import lombok.experimental.UtilityClass;
+import java.util.Optional;
 import lombok.extern.slf4j.Slf4j;
 
-@UtilityClass
 @Slf4j
 public class KafkaVersion {
 
-  public static float parse(String version) throws NumberFormatException {
+  public static Optional<Float> parse(String version) throws NumberFormatException {
-    log.trace("Parsing cluster version [{}]", version);
     try {
       final String[] parts = version.split("\\.");
       if (parts.length > 2) {
         version = parts[0] + "." + parts[1];
       }
-      return Float.parseFloat(version.split("-")[0]);
+      return Optional.of(Float.parseFloat(version.split("-")[0]));
     } catch (Exception e) {
-      log.error("Conversion clusterVersion [{}] to float value failed", version, e);
+      return Optional.empty();
-      throw e;
     }
   }
 }

kafka-ui-contract/src/main/resources/swagger/kafka-ui-api.yaml

@@ -3420,11 +3420,13 @@ components:
         resourceType:
           type: string
           enum:
+            - UNKNOWN # Unknown operation, need to update mapping code on BE
             - TOPIC
             - GROUP
             - CLUSTER
             - TRANSACTIONAL_ID
-            - DELEGATION_TOPIC
+            - DELEGATION_TOKEN
+            - USER
         resourceName:
           type: string # "*" if acl can be applied to any resource of given type
         namePatternType:
@@ -3439,6 +3441,7 @@ components:
         operation:
           type: string
           enum:
+            - UNKNOWN # Unknown operation, need to update mapping code on BE
             - ALL # Cluster, Topic, Group
             - READ  # Topic, Group
             - WRITE # Topic, TransactionalId
@@ -3449,7 +3452,9 @@ components:
             - CLUSTER_ACTION # Cluster
             - DESCRIBE_CONFIGS # Cluster, Topic
             - ALTER_CONFIGS   # Cluster, Topic
-            - IDEMPOTENT_WRITE # -
+            - IDEMPOTENT_WRITE # Cluster
+            - CREATE_TOKENS
+            - DESCRIBE_TOKENS
         permission:
           type: string
           enum: