Re: [PR] KAFKA-17036: KIP-919 supports for createAcls, deleteAcls, describeAcls [kafka]

Mon, 19 Aug 2024 18:26:45 -0700 


FrankYang0529 commented on code in PR #16493:
URL: https://github.com/apache/kafka/pull/16493#discussion_r1722571292


##########
core/src/test/java/kafka/test/server/BootstrapControllersIntegrationTest.java:
##########
@@ -235,4 +254,48 @@ private void testIncrementalAlterConfigs(ClusterInstance 
clusterInstance, boolea
             });
         }
     }
+
+    @ClusterTest(serverProperties = {
+            @ClusterConfigProperty(key = 
StandardAuthorizer.SUPER_USERS_CONFIG, value = "User:ANONYMOUS"),
+            @ClusterConfigProperty(key = AUTHORIZER_CLASS_NAME_CONFIG, value = 
"org.apache.kafka.metadata.authorizer.StandardAuthorizer")
+    })
+    public void testAclsByControllers(ClusterInstance clusterInstance) throws 
Exception {
+        testAcls(clusterInstance, true);
+    }
+
+    @ClusterTest(serverProperties = {
+            @ClusterConfigProperty(key = 
StandardAuthorizer.SUPER_USERS_CONFIG, value = "User:ANONYMOUS"),
+            @ClusterConfigProperty(key = AUTHORIZER_CLASS_NAME_CONFIG, value = 
"org.apache.kafka.metadata.authorizer.StandardAuthorizer")
+    })
+    public void testAcls(ClusterInstance clusterInstance) throws Exception {
+        testAcls(clusterInstance, false);
+    }
+
+
+    private void testAcls(ClusterInstance clusterInstance, boolean 
usingBootstrapControllers) throws Exception {
+        try (Admin admin = Admin.create(adminConfig(clusterInstance, 
usingBootstrapControllers))) {
+            ResourcePattern resourcePattern = new 
ResourcePattern(ResourceType.TOPIC, "mytopic3", PatternType.LITERAL);
+            AccessControlEntry accessControlEntry = new 
AccessControlEntry("User:ANONYMOUS", "*", AclOperation.DESCRIBE, 
AclPermissionType.ALLOW);
+            AclBinding aclBinding = new AclBinding(resourcePattern, 
accessControlEntry);
+            assertDoesNotThrow(() -> 
admin.createAcls(Collections.singleton(aclBinding)).all().get(1, 
TimeUnit.MINUTES));
+
+            List<Authorizer> allAuthorizers = new ArrayList<>();
+            allAuthorizers.addAll(clusterInstance.brokers().values().stream()
+                    .map(server -> 
server.authorizer().get()).collect(Collectors.toList()));
+            
allAuthorizers.addAll(clusterInstance.controllers().values().stream()
+                    .map(server -> 
server.authorizer().get()).collect(Collectors.toList()));
+            allAuthorizers.forEach(authorizer -> 
kafka.utils.TestUtils.waitAndVerifyAcls(

Review Comment:
   Yes, add a method `authorizers` to `ClusterInstance`. Thanks.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscr...@kafka.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Reply via email to