没有编辑权限，隐藏集群属性;打印全部操作日志.

2023-08-20 20:04:47 +08:00
parent b529dc313e
commit f5b27d9b40
18 changed files with 159 additions and 19 deletions
--- a/src/main/java/com/xuxd/kafka/console/service/impl/ClusterServiceImpl.java
+++ b/src/main/java/com/xuxd/kafka/console/service/impl/ClusterServiceImpl.java
@@ -3,15 +3,14 @@ package com.xuxd.kafka.console.service.impl;
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import com.xuxd.kafka.console.beans.BrokerNode;
 import com.xuxd.kafka.console.beans.ClusterInfo;
+import com.xuxd.kafka.console.beans.Credentials;
 import com.xuxd.kafka.console.beans.ResponseData;
 import com.xuxd.kafka.console.beans.dos.ClusterInfoDO;
 import com.xuxd.kafka.console.beans.vo.BrokerApiVersionVO;
 import com.xuxd.kafka.console.beans.vo.ClusterInfoVO;
 import com.xuxd.kafka.console.dao.ClusterInfoMapper;
+import com.xuxd.kafka.console.filter.CredentialsContext;
 import com.xuxd.kafka.console.service.ClusterService;
-
-import java.util.*;
-import java.util.stream.Collectors;
 import kafka.console.ClusterConsole;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.collections.CollectionUtils;
@@ -21,6 +20,9 @@ import org.apache.kafka.common.Node;
 import org.springframework.beans.factory.ObjectProvider;
 import org.springframework.stereotype.Service;

+import java.util.*;
+import java.util.stream.Collectors;
+
 /**
 * kafka-console-ui.
 *
@@ -36,12 +38,13 @@ public class ClusterServiceImpl implements ClusterService {
    private final ClusterInfoMapper clusterInfoMapper;

    public ClusterServiceImpl(ObjectProvider<ClusterConsole> clusterConsole,
-        ObjectProvider<ClusterInfoMapper> clusterInfoMapper) {
+                              ObjectProvider<ClusterInfoMapper> clusterInfoMapper) {
        this.clusterConsole = clusterConsole.getIfAvailable();
        this.clusterInfoMapper = clusterInfoMapper.getIfAvailable();
    }

-    @Override public ResponseData getClusterInfo() {
+    @Override
+    public ResponseData getClusterInfo() {
        ClusterInfo clusterInfo = clusterConsole.clusterInfo();
        Set<BrokerNode> nodes = clusterInfo.getNodes();
        if (nodes == null) {
@@ -52,12 +55,22 @@ public class ClusterServiceImpl implements ClusterService {
        return ResponseData.create().data(clusterInfo).success();
    }

-    @Override public ResponseData getClusterInfoList() {
+    @Override
+    public ResponseData getClusterInfoList() {
+        // 如果开启权限管理，当前用户没有集群切换->集群信息的编辑权限，隐藏集群的属性信息，避免ACL属性暴露出来
+        Credentials credentials = CredentialsContext.get();
        return ResponseData.create().data(clusterInfoMapper.selectList(null)
-            .stream().map(ClusterInfoVO::from).collect(Collectors.toList())).success();
+                .stream().map(e -> {
+                    ClusterInfoVO vo = ClusterInfoVO.from(e);
+                    if (credentials != null && credentials.isHideClusterProperty()) {
+                        vo.setProperties(Collections.emptyList());
+                    }
+                    return vo;
+                }).collect(Collectors.toList())).success();
    }

-    @Override public ResponseData addClusterInfo(ClusterInfoDO infoDO) {
+    @Override
+    public ResponseData addClusterInfo(ClusterInfoDO infoDO) {
        QueryWrapper<ClusterInfoDO> queryWrapper = new QueryWrapper<>();
        queryWrapper.eq("cluster_name", infoDO.getClusterName());
        if (clusterInfoMapper.selectCount(queryWrapper) > 0) {
@@ -67,12 +80,14 @@ public class ClusterServiceImpl implements ClusterService {
        return ResponseData.create().success();
    }

-    @Override public ResponseData deleteClusterInfo(Long id) {
+    @Override
+    public ResponseData deleteClusterInfo(Long id) {
        clusterInfoMapper.deleteById(id);
        return ResponseData.create().success();
    }

-    @Override public ResponseData updateClusterInfo(ClusterInfoDO infoDO) {
+    @Override
+    public ResponseData updateClusterInfo(ClusterInfoDO infoDO) {
        if (infoDO.getProperties() == null) {
            // null 的话不更新，这个是bug，设置为空字符串解决
            infoDO.setProperties("");
@@ -81,7 +96,8 @@ public class ClusterServiceImpl implements ClusterService {
        return ResponseData.create().success();
    }

-    @Override public ResponseData peekClusterInfo() {
+    @Override
+    public ResponseData peekClusterInfo() {
        List<ClusterInfoDO> dos = clusterInfoMapper.selectList(null);
        if (CollectionUtils.isEmpty(dos)) {
            return ResponseData.create().failed("No Cluster Info.");
@@ -89,7 +105,8 @@ public class ClusterServiceImpl implements ClusterService {
        return ResponseData.create().data(dos.stream().findFirst().map(ClusterInfoVO::from)).success();
    }

-    @Override public ResponseData getBrokerApiVersionInfo() {
+    @Override
+    public ResponseData getBrokerApiVersionInfo() {
        HashMap<Node, NodeApiVersions> map = clusterConsole.listBrokerVersionInfo();
        List<BrokerApiVersionVO> list = new ArrayList<>(map.size());
        map.forEach(((node, versions) -> {