Java Code Examples for org.apache.kafka.common.resource.ResourceType#TOPIC
The following examples show how to use
org.apache.kafka.common.resource.ResourceType#TOPIC .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: AccessControlManagerIT.java From kafka-topology-builder with MIT License | 6 votes |
|
private void verifyControlCenterAcls(Platform platform)
throws ExecutionException, InterruptedException {
List<ControlCenter> c3List = platform.getControlCenter();
for (ControlCenter c3 : c3List) {
ResourcePatternFilter resourceFilter =
new ResourcePatternFilter(ResourceType.TOPIC, null, PatternType.ANY);
AccessControlEntryFilter entryFilter =
new AccessControlEntryFilter(
c3.getPrincipal(), null, AclOperation.ANY, AclPermissionType.ALLOW);
AclBindingFilter filter = new AclBindingFilter(resourceFilter, entryFilter);
Collection<AclBinding> acls = kafkaAdminClient.describeAcls(filter).values().get();
Assert.assertEquals(16, acls.size());
}
}
Example 2
| Source File: SimpleAclRuleResourceTest.java From strimzi-kafka-operator with Apache License 2.0 | 6 votes |
|
@Test
public void testFromCrdToKafkaResourcePatternForTopicResource() {
// Regular group
AclRuleResource resource = new AclRuleTopicResourceBuilder()
.withName("my-topic")
.withPatternType(AclResourcePatternType.LITERAL)
.build();
ResourcePattern expectedKafkaTopicResourcePattern = new ResourcePattern(ResourceType.TOPIC, "my-topic", PatternType.LITERAL);
assertThat(SimpleAclRuleResource.fromCrd(resource).toKafkaResourcePattern(), is(expectedKafkaTopicResourcePattern));
// Prefixed topic
resource = new AclRuleTopicResourceBuilder()
.withName("my-")
.withPatternType(AclResourcePatternType.PREFIX)
.build();
expectedKafkaTopicResourcePattern = new ResourcePattern(ResourceType.TOPIC, "my-", PatternType.PREFIXED);
assertThat(SimpleAclRuleResource.fromCrd(resource).toKafkaResourcePattern(), is(expectedKafkaTopicResourcePattern));
}
Example 3
| Source File: SimpleAclOperatorTest.java From strimzi-kafka-operator with Apache License 2.0 | 5 votes |
|
@Test
public void testGetUsersFromAcls(VertxTestContext context) {
Admin mockAdminClient = mock(AdminClient.class);
SimpleAclOperator aclOp = new SimpleAclOperator(vertx, mockAdminClient);
ResourcePattern res1 = new ResourcePattern(ResourceType.TOPIC, "my-topic", PatternType.LITERAL);
ResourcePattern res2 = new ResourcePattern(ResourceType.GROUP, "my-group", PatternType.LITERAL);
KafkaPrincipal foo = new KafkaPrincipal(KafkaPrincipal.USER_TYPE, "CN=foo");
AclBinding fooAclBinding = new AclBinding(res1, new AccessControlEntry(foo.toString(), "*",
org.apache.kafka.common.acl.AclOperation.READ, AclPermissionType.ALLOW));
KafkaPrincipal bar = new KafkaPrincipal(KafkaPrincipal.USER_TYPE, "CN=bar");
AclBinding barAclBinding = new AclBinding(res1, new AccessControlEntry(bar.toString(), "*",
org.apache.kafka.common.acl.AclOperation.READ, AclPermissionType.ALLOW));
KafkaPrincipal baz = new KafkaPrincipal(KafkaPrincipal.USER_TYPE, "baz");
AclBinding bazAclBinding = new AclBinding(res2, new AccessControlEntry(baz.toString(), "*",
org.apache.kafka.common.acl.AclOperation.READ, AclPermissionType.ALLOW));
KafkaPrincipal all = new KafkaPrincipal(KafkaPrincipal.USER_TYPE, "*");
AclBinding allAclBinding = new AclBinding(res1, new AccessControlEntry(all.toString(), "*",
org.apache.kafka.common.acl.AclOperation.READ, AclPermissionType.ALLOW));
KafkaPrincipal anonymous = new KafkaPrincipal(KafkaPrincipal.USER_TYPE, "ANONYMOUS");
AclBinding anonymousAclBinding = new AclBinding(res2, new AccessControlEntry(anonymous.toString(), "*",
org.apache.kafka.common.acl.AclOperation.READ, AclPermissionType.ALLOW));
Collection<AclBinding> aclBindings =
asList(fooAclBinding, barAclBinding, bazAclBinding, allAclBinding, anonymousAclBinding);
assertDoesNotThrow(() -> mockDescribeAcls(mockAdminClient, AclBindingFilter.ANY, aclBindings));
assertThat(aclOp.getUsersWithAcls(), is(new HashSet<>(asList("foo", "bar", "baz"))));
context.completeNow();
}
Example 4
| Source File: SimpleAclOperatorTest.java From strimzi-kafka-operator with Apache License 2.0 | 5 votes |
|
@Test
public void testReconcileInternalDelete(VertxTestContext context) {
Admin mockAdminClient = mock(AdminClient.class);
SimpleAclOperator aclOp = new SimpleAclOperator(vertx, mockAdminClient);
ResourcePattern resource = new ResourcePattern(ResourceType.TOPIC, "my-topic", PatternType.LITERAL);
KafkaPrincipal foo = new KafkaPrincipal("User", "CN=foo");
AclBinding readAclBinding = new AclBinding(resource, new AccessControlEntry(foo.toString(), "*", org.apache.kafka.common.acl.AclOperation.READ, AclPermissionType.ALLOW));
ArgumentCaptor<Collection<AclBindingFilter>> aclBindingFiltersCaptor = ArgumentCaptor.forClass(Collection.class);
assertDoesNotThrow(() -> {
mockDescribeAcls(mockAdminClient, null, Collections.singleton(readAclBinding));
mockDeleteAcls(mockAdminClient, Collections.singleton(readAclBinding), aclBindingFiltersCaptor);
});
Checkpoint async = context.checkpoint();
aclOp.reconcile("CN=foo", null)
.onComplete(context.succeeding(rr -> context.verify(() -> {
Collection<AclBindingFilter> capturedAclBindingFilters = aclBindingFiltersCaptor.getValue();
assertThat(capturedAclBindingFilters, hasSize(1));
assertThat(capturedAclBindingFilters, hasItem(readAclBinding.toFilter()));
Set<ResourcePatternFilter> capturedResourcePatternFilters =
capturedAclBindingFilters.stream().map(AclBindingFilter::patternFilter).collect(Collectors.toSet());
assertThat(capturedResourcePatternFilters, hasSize(1));
assertThat(capturedResourcePatternFilters, hasItem(resource.toFilter()));
async.flag();
})));
}
Example 5
| Source File: SimpleAclRuleResourceTest.java From strimzi-kafka-operator with Apache License 2.0 | 5 votes |
|
@Test
public void testToKafkaResourcePatternForTopicResource() {
// Regular topic
SimpleAclRuleResource topicResourceRules = new SimpleAclRuleResource("my-topic", SimpleAclRuleResourceType.TOPIC, AclResourcePatternType.LITERAL);
ResourcePattern expectedKafkaResourcePattern = new ResourcePattern(ResourceType.TOPIC, "my-topic", PatternType.LITERAL);
assertThat(topicResourceRules.toKafkaResourcePattern(), is(expectedKafkaResourcePattern));
// Prefixed topic
topicResourceRules = new SimpleAclRuleResource("my-", SimpleAclRuleResourceType.TOPIC, AclResourcePatternType.PREFIX);
expectedKafkaResourcePattern = new ResourcePattern(ResourceType.TOPIC, "my-", PatternType.PREFIXED);
assertThat(topicResourceRules.toKafkaResourcePattern(), is(expectedKafkaResourcePattern));
}
Example 6
| Source File: SimpleAclRuleResourceTest.java From strimzi-kafka-operator with Apache License 2.0 | 5 votes |
|
@Test
public void testFromKafkaResourcePatternWithTopicResource() {
// Regular topic
ResourcePattern kafkaTopicResourcePattern = new ResourcePattern(ResourceType.TOPIC, "my-topic", PatternType.LITERAL);
SimpleAclRuleResource expectedTopicResourceRules = new SimpleAclRuleResource("my-topic", SimpleAclRuleResourceType.TOPIC, AclResourcePatternType.LITERAL);
assertThat(SimpleAclRuleResource.fromKafkaResourcePattern(kafkaTopicResourcePattern), is(expectedTopicResourceRules));
// Prefixed topic
kafkaTopicResourcePattern = new ResourcePattern(ResourceType.TOPIC, "my-", PatternType.PREFIXED);
expectedTopicResourceRules = new SimpleAclRuleResource("my-", SimpleAclRuleResourceType.TOPIC, AclResourcePatternType.PREFIX);
assertThat(SimpleAclRuleResource.fromKafkaResourcePattern(kafkaTopicResourcePattern), is(expectedTopicResourceRules));
}
Example 7
| Source File: SimpleAclRuleResourceTest.java From strimzi-kafka-operator with Apache License 2.0 | 5 votes |
|
@Test
public void testFromKafkaResourcePatternToKafkaResourcePatternRoundTripForTopicResource() {
// Regular topic
ResourcePattern kafka = new ResourcePattern(ResourceType.TOPIC, "my-topic", PatternType.LITERAL);
assertThat(SimpleAclRuleResource.fromKafkaResourcePattern(kafka).toKafkaResourcePattern(), is(kafka));
// Prefixed topic
kafka = new ResourcePattern(ResourceType.TOPIC, "my-", PatternType.PREFIXED);
assertThat(SimpleAclRuleResource.fromKafkaResourcePattern(kafka).toKafkaResourcePattern(), is(kafka));
}
Example 8
| Source File: AccessControlManagerIT.java From kafka-topology-builder with MIT License | 4 votes |
|
private void verifySchemaRegistryAcls(Platform platform)
throws ExecutionException, InterruptedException {
List<SchemaRegistry> srs = platform.getSchemaRegistry();
for (SchemaRegistry sr : srs) {
ResourcePatternFilter resourceFilter =
new ResourcePatternFilter(ResourceType.TOPIC, null, PatternType.ANY);
AccessControlEntryFilter entryFilter =
new AccessControlEntryFilter(
sr.getPrincipal(), null, AclOperation.ANY, AclPermissionType.ALLOW);
AclBindingFilter filter = new AclBindingFilter(resourceFilter, entryFilter);
Collection<AclBinding> acls = kafkaAdminClient.describeAcls(filter).values().get();
Assert.assertEquals(3, acls.size());
}
}
Example 9
| Source File: SimpleAclOperatorTest.java From strimzi-kafka-operator with Apache License 2.0 | 4 votes |
|
@Test
public void testReconcileInternalCreateAddsAclsToAuthorizer(VertxTestContext context) {
Admin mockAdminClient = mock(AdminClient.class);
SimpleAclOperator aclOp = new SimpleAclOperator(vertx, mockAdminClient);
ResourcePattern resource1 = new ResourcePattern(ResourceType.CLUSTER, "kafka-cluster", PatternType.LITERAL);
ResourcePattern resource2 = new ResourcePattern(ResourceType.TOPIC, "my-topic", PatternType.LITERAL);
KafkaPrincipal foo = new KafkaPrincipal(KafkaPrincipal.USER_TYPE, "CN=foo");
AclBinding describeAclBinding = new AclBinding(resource1, new AccessControlEntry(foo.toString(), "*",
org.apache.kafka.common.acl.AclOperation.DESCRIBE, AclPermissionType.ALLOW));
AclBinding readAclBinding = new AclBinding(resource2, new AccessControlEntry(foo.toString(), "*",
org.apache.kafka.common.acl.AclOperation.READ, AclPermissionType.ALLOW));
AclBinding writeAclBinding = new AclBinding(resource2, new AccessControlEntry(foo.toString(), "*",
org.apache.kafka.common.acl.AclOperation.WRITE, AclPermissionType.ALLOW));
SimpleAclRuleResource ruleResource1 = new SimpleAclRuleResource("kafka-cluster", SimpleAclRuleResourceType.CLUSTER, AclResourcePatternType.LITERAL);
SimpleAclRuleResource ruleResource2 = new SimpleAclRuleResource("my-topic", SimpleAclRuleResourceType.TOPIC, AclResourcePatternType.LITERAL);
SimpleAclRule resource1DescribeRule = new SimpleAclRule(AclRuleType.ALLOW, ruleResource1, "*", AclOperation.DESCRIBE);
SimpleAclRule resource2ReadRule = new SimpleAclRule(AclRuleType.ALLOW, ruleResource2, "*", AclOperation.READ);
SimpleAclRule resource2WriteRule = new SimpleAclRule(AclRuleType.ALLOW, ruleResource2, "*", AclOperation.WRITE);
ArgumentCaptor<Collection<AclBinding>> aclBindingsCaptor = ArgumentCaptor.forClass(Collection.class);
assertDoesNotThrow(() -> {
mockDescribeAcls(mockAdminClient, null, emptyList());
mockCreateAcls(mockAdminClient, aclBindingsCaptor);
});
Checkpoint async = context.checkpoint();
aclOp.reconcile("CN=foo", new LinkedHashSet<>(asList(resource2ReadRule, resource2WriteRule, resource1DescribeRule)))
.onComplete(context.succeeding(rr -> context.verify(() -> {
Collection<AclBinding> capturedAclBindings = aclBindingsCaptor.getValue();
assertThat(capturedAclBindings, hasSize(3));
assertThat(capturedAclBindings, hasItems(describeAclBinding, readAclBinding, writeAclBinding));
Set<ResourcePattern> capturedResourcePatterns =
capturedAclBindings.stream().map(AclBinding::pattern).collect(Collectors.toSet());
assertThat(capturedResourcePatterns, hasSize(2));
assertThat(capturedResourcePatterns, hasItems(resource1, resource2));
async.flag();
})));
}
Example 10
| Source File: SimpleAclOperatorTest.java From strimzi-kafka-operator with Apache License 2.0 | 4 votes |
|
@Test
public void testReconcileInternalUpdateCreatesNewAclsAndDeletesOldAcls(VertxTestContext context) {
Admin mockAdminClient = mock(AdminClient.class);
SimpleAclOperator aclOp = new SimpleAclOperator(vertx, mockAdminClient);
ResourcePattern resource1 = new ResourcePattern(ResourceType.TOPIC, "my-topic", PatternType.LITERAL);
ResourcePattern resource2 = new ResourcePattern(ResourceType.TOPIC, "my-topic2", PatternType.LITERAL);
KafkaPrincipal foo = new KafkaPrincipal(KafkaPrincipal.USER_TYPE, "CN=foo");
AclBinding readAclBinding = new AclBinding(resource1, new AccessControlEntry(foo.toString(), "*", org.apache.kafka.common.acl.AclOperation.READ, AclPermissionType.ALLOW));
AclBinding writeAclBinding = new AclBinding(resource2, new AccessControlEntry(foo.toString(), "*", org.apache.kafka.common.acl.AclOperation.WRITE, AclPermissionType.ALLOW));
SimpleAclRuleResource resource = new SimpleAclRuleResource("my-topic2", SimpleAclRuleResourceType.TOPIC, AclResourcePatternType.LITERAL);
SimpleAclRule rule1 = new SimpleAclRule(AclRuleType.ALLOW, resource, "*", AclOperation.WRITE);
ArgumentCaptor<Collection<AclBinding>> aclBindingsCaptor = ArgumentCaptor.forClass(Collection.class);
ArgumentCaptor<Collection<AclBindingFilter>> aclBindingFiltersCaptor = ArgumentCaptor.forClass(Collection.class);
assertDoesNotThrow(() -> {
mockDescribeAcls(mockAdminClient, null, Collections.singleton(readAclBinding));
mockCreateAcls(mockAdminClient, aclBindingsCaptor);
mockDeleteAcls(mockAdminClient, Collections.singleton(readAclBinding), aclBindingFiltersCaptor);
});
Checkpoint async = context.checkpoint();
aclOp.reconcile("CN=foo", new LinkedHashSet(asList(rule1)))
.onComplete(context.succeeding(rr -> context.verify(() -> {
// Create Write rule for resource 2
Collection<AclBinding> capturedAclBindings = aclBindingsCaptor.getValue();
assertThat(capturedAclBindings, hasSize(1));
assertThat(capturedAclBindings, hasItem(writeAclBinding));
Set<ResourcePattern> capturedResourcePatterns =
capturedAclBindings.stream().map(AclBinding::pattern).collect(Collectors.toSet());
assertThat(capturedResourcePatterns, hasSize(1));
assertThat(capturedResourcePatterns, hasItem(resource2));
// Delete read rule for resource 1
Collection<AclBindingFilter> capturedAclBindingFilters = aclBindingFiltersCaptor.getValue();
assertThat(capturedAclBindingFilters, hasSize(1));
assertThat(capturedAclBindingFilters, hasItem(readAclBinding.toFilter()));
Set<ResourcePatternFilter> capturedResourcePatternFilters =
capturedAclBindingFilters.stream().map(AclBindingFilter::patternFilter).collect(Collectors.toSet());
assertThat(capturedResourcePatternFilters, hasSize(1));
assertThat(capturedResourcePatternFilters, hasItem(resource1.toFilter()));
async.flag();
})));
}
