add auth

2021-09-03 19:20:02 +08:00
parent b347566dad
commit 4d26a97b63
8 changed files with 240 additions and 8 deletions
--- a/src/main/java/com/xuxd/kafka/console/beans/dto/AddAuthDTO.java
+++ b/src/main/java/com/xuxd/kafka/console/beans/dto/AddAuthDTO.java
@@ -0,0 +1,37 @@
+package com.xuxd.kafka.console.beans.dto;
+
+import com.xuxd.kafka.console.beans.AclEntry;
+import lombok.Data;
+
+/**
+ * kafka-console-ui.
+ *
+ * @author xuxd
+ * @date 2021-09-03 19:07:11
+ **/
+@Data
+public class AddAuthDTO {
+
+    private String resourceType;
+
+    private String resourceName = null;
+
+    private String username = null;
+
+    private String host;
+
+    private String operation;
+
+    private String permissionType;
+
+    public AclEntry toAclEntry() {
+        AclEntry entry = new AclEntry();
+        entry.setResourceType(resourceType);
+        entry.setName(resourceName);
+        entry.setPrincipal(username);
+        entry.setHost(host);
+        entry.setOperation(operation);
+        entry.setPermissionType(permissionType);
+        return entry;
+    }
+}
--- a/src/main/java/com/xuxd/kafka/console/controller/AclAuthController.java
+++ b/src/main/java/com/xuxd/kafka/console/controller/AclAuthController.java
@@ -1,6 +1,7 @@
 package com.xuxd.kafka.console.controller;

 import com.xuxd.kafka.console.beans.AclEntry;
+import com.xuxd.kafka.console.beans.dto.AddAuthDTO;
 import com.xuxd.kafka.console.beans.dto.ConsumerAuthDTO;
 import com.xuxd.kafka.console.beans.dto.DeleteAclDTO;
 import com.xuxd.kafka.console.beans.dto.ProducerAuthDTO;
@@ -32,14 +33,19 @@ public class AclAuthController {
        return aclService.getAclList();
    }

+    @GetMapping("/operation/list")
+    public Object getAclOperationList() {
+        return aclService.getOperationList();
+    }
+
    @PostMapping("/list")
    public Object getAclList(@RequestBody QueryAclDTO param) {
        return aclService.getAclList(param.toEntry());
    }

    @PostMapping
-    public Object addAcl(@RequestBody AclEntry entry) {
-        return aclService.addAcl(entry);
+    public Object addAcl(@RequestBody AddAuthDTO param) {
+        return aclService.addAcl(param.toAclEntry());
    }

    /**
--- a/src/main/java/com/xuxd/kafka/console/service/AclService.java
+++ b/src/main/java/com/xuxd/kafka/console/service/AclService.java
@@ -38,4 +38,6 @@ public interface AclService {

    ResponseData deleteUserAcl(AclEntry entry);

+    ResponseData getOperationList();
+
 }
--- a/src/main/java/com/xuxd/kafka/console/service/impl/AclServiceImpl.java
+++ b/src/main/java/com/xuxd/kafka/console/service/impl/AclServiceImpl.java
@@ -6,6 +6,7 @@ import com.xuxd.kafka.console.beans.CounterMap;
 import com.xuxd.kafka.console.beans.ResponseData;
 import com.xuxd.kafka.console.config.KafkaConfig;
 import com.xuxd.kafka.console.service.AclService;
+import java.util.Arrays;
 import java.util.Collections;
 import java.util.HashMap;
 import java.util.List;
@@ -18,6 +19,7 @@ import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.kafka.clients.admin.UserScramCredentialsDescription;
 import org.apache.kafka.common.acl.AclBinding;
+import org.apache.kafka.common.acl.AclOperation;
 import org.springframework.beans.factory.SmartInitializingSingleton;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
@@ -59,16 +61,16 @@ public class AclServiceImpl implements AclService, SmartInitializingSingleton {
    @Override public ResponseData deleteUser(String name) {
        log.info("delete user: {}", name);
        Tuple2<Object, String> tuple2 = configConsole.deleteUser(name);
-        return (boolean)tuple2._1() ? ResponseData.create().success() : ResponseData.create().failed(tuple2._2());
+        return (boolean) tuple2._1() ? ResponseData.create().success() : ResponseData.create().failed(tuple2._2());
    }

    @Override public ResponseData deleteUserAndAuth(String name) {
        log.info("delete user and authority: {}", name);
        AclEntry entry = new AclEntry();
        entry.setPrincipal(name);
-        if ( aclConsole.deleteUserAcl(entry)) {
+        if (aclConsole.deleteUserAcl(entry)) {
            Tuple2<Object, String> delUR = configConsole.deleteUser(name);
-            if (!((boolean)delUR._1())) {
+            if (!((boolean) delUR._1())) {
                return ResponseData.create().failed("用户权限删除成功，但是用户信息删除失败: " + delUR._2());
            }
        } else {
@@ -148,6 +150,11 @@ public class AclServiceImpl implements AclService, SmartInitializingSingleton {
        return aclConsole.deleteUserAcl(entry) ? ResponseData.create().success() : ResponseData.create().failed();
    }

+    @Override public ResponseData getOperationList() {
+        Set<String> operations = Arrays.stream(AclOperation.values()).filter(o -> o != AclOperation.ANY && o != AclOperation.UNKNOWN).map(AclOperation::name).collect(Collectors.toSet());
+        return ResponseData.create().data(operations).success();
+    }
+
    @Override public void afterSingletonsInstantiated() {
        if (kafkaConfig.isAdminCreate()) {
            log.info("Start create admin user, username: {}, password: {}", kafkaConfig.getAdminUsername(), kafkaConfig.getAdminPassword());