Re: [PR] KAFKA-16865: Add IncludeTopicAuthorizedOperations option for DescribeTopicPartitionsRequest [kafka]

Tue, 11 Jun 2024 11:11:35 -0700 


chia7712 commented on code in PR #16136:
URL: https://github.com/apache/kafka/pull/16136#discussion_r1635282686


##########
clients/src/main/java/org/apache/kafka/clients/admin/KafkaAdminClient.java:
##########
@@ -2404,14 +2404,16 @@ void handleFailure(Throwable throwable) {
 
     private TopicDescription 
getTopicDescriptionFromDescribeTopicsResponseTopic(
         DescribeTopicPartitionsResponseTopic topic,
-        Map<Integer, Node> nodes
+        Map<Integer, Node> nodes,
+        boolean includeAuthorizedOperations
     ) {
         List<DescribeTopicPartitionsResponsePartition> partitionInfos = 
topic.partitions();
         List<TopicPartitionInfo> partitions = new 
ArrayList<>(partitionInfos.size());
         for (DescribeTopicPartitionsResponsePartition partitionInfo : 
partitionInfos) {
             
partitions.add(DescribeTopicPartitionsResponse.partitionToTopicPartitionInfo(partitionInfo,
 nodes));
         }
-        return new TopicDescription(topic.name(), topic.isInternal(), 
partitions, validAclOperations(topic.topicAuthorizedOperations()), 
topic.topicId());
+        Set<AclOperation> authorisedOperations = includeAuthorizedOperations ? 
validAclOperations(topic.topicAuthorizedOperations()) : null;

Review Comment:
   Pardon me, why we  don't make `DescribeTopicPartitionsRequest` support 
`IncludeAuthorizedOperations` (similar to `MetadataRequest`, 
`DescribeGroupsRequest,` and `ConsumerGroupDescribeRequest`)? 



##########
clients/src/test/java/org/apache/kafka/clients/admin/KafkaAdminClientTest.java:
##########
@@ -1464,13 +1464,50 @@ public void 
testDescribeTopicsWithDescribeTopicPartitionsApiBasic() {
                 assertEquals(0, 
topicDescription.partitions().get(0).partition());
                 assertEquals(1, 
topicDescription.partitions().get(1).partition());
                 topicDescription = topicDescriptions.get(topicName1);
+                assertNull(topicDescription.authorizedOperations());
                 assertEquals(1, topicDescription.partitions().size());
             } catch (Exception e) {
                 fail("describe using DescribeTopics API should not fail", e);
             }
         }
     }
 
+    @Test
+    public void testDescribeTopicPartitionsApiWithAuthorizedOps() throws 
ExecutionException, InterruptedException {
+        try (AdminClientUnitTestEnv env = mockClientEnv()) {
+            env.kafkaClient().setNodeApiVersions(NodeApiVersions.create());
+            String topicName0 = "test-0";
+            Uuid topicId =  Uuid.randomUuid();
+
+            int authorisedOperations = 
Utils.to32BitField(Utils.mkSet(AclOperation.DESCRIBE.code(), 
AclOperation.ALTER.code()));
+            env.kafkaClient().prepareResponse(
+                    prepareDescribeClusterResponse(0,
+                            env.cluster().nodes(),
+                            env.cluster().clusterResource().clusterId(),
+                            2,
+                            authorisedOperations)
+            );
+
+            DescribeTopicPartitionsResponseData responseData = new 
DescribeTopicPartitionsResponseData();
+            responseData.topics().add(new 
DescribeTopicPartitionsResponseTopic()
+                    .setErrorCode((short) 0)
+                    .setTopicId(topicId)
+                    .setName(topicName0)
+                    .setIsInternal(false)
+                    .setTopicAuthorizedOperations(authorisedOperations));
+            env.kafkaClient().prepareResponse(new 
DescribeTopicPartitionsResponse(responseData));
+
+            DescribeTopicsResult result = env.adminClient().describeTopics(
+                    singletonList(topicName0), new 
DescribeTopicsOptions().includeAuthorizedOperations(true)
+            );
+
+            Map<String, TopicDescription> topicDescriptions = 
result.allTopicNames().get();
+            TopicDescription topicDescription = 
topicDescriptions.get(topicName0);
+            assertEquals(new HashSet<>(asList(AclOperation.DESCRIBE, 
AclOperation.ALTER)),

Review Comment:
   This test case is great. It tests the case that server returns 
`topicAuthorizedOperations` and `includeAuthorizedOperations=true`. 
   
   However, it seems to me the issue is that we don't filter 
`topicAuthorizedOperations` out when `includeAuthorizedOperations=false`. Other 
test cases having `assertNull(topicDescription.authorizedOperations())` don't 
prepare `topicAuthorizedOperations` to response so the scenario is different to 
the issue. 



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscr...@kafka.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Reply via email to