-
Notifications
You must be signed in to change notification settings - Fork 868
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[KIP-430] DescribeConsumerGroups, DescribeTopics, DescribeCluster with authorized AclOperations #2021
Conversation
add SASL users to docker compose
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Seems mostly okay, some minor changes and comments
node?.ToString() ?? "null" | ||
).ToList()); | ||
var authorizedOperations = string.Join(",", | ||
AuthorizedOperations.Select(authorizedOperation => |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I suppose AuthorizedOperations can be null, too, right?
needs handling for that
).ToList(); | ||
} | ||
|
||
private unsafe List<AclOperation> extractAuthorizedOperations(IntPtr authorizedOperationsPtr, int authorizedOperationCount) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
authorizedOperationsPtr maybe a null pointer, and in that case we should return null, rather than an empty list, what do you think?
/// <summary> | ||
/// Extension methods for default <see cref="IAdminClient"/> implementations. | ||
/// </summary> | ||
public static class IAdminClientExtensions |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Question: why are we using IAdminClientExtensions, and not using IAdminClient?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I see we are doing this to avoid breaking binary compatibility but we don't guarantee that for .NET, right?
Also, as per https://learn.microsoft.com/en-us/dotnet/core/compatibility/categories#binary-compatibility
If we just add methods or method implementations, that doesn't break binary compatibility, too, right?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah, it's extending an interface that breaks it, in case one has it implemented. We're starting to avoid breaking it.
examples/AdminClient/Program.cs
Outdated
foreach (var partition in topic.Partitions) | ||
{ | ||
Console.WriteLine($" Partition ID: {partition.Partition} with leader: {partition.Leader}"); | ||
if(!partition.ISR.Any()){ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit: stick to the formatting norms of the brace on next line, here and elsewhere in this file
Members.Select(member => | ||
member.ToString() | ||
).ToList()); | ||
var authorizedOperations = string.Join(",", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Add handling for if AuthorizedOperations is null
Assert.Equal(2, resCount); | ||
|
||
// TODO: remove after fix | ||
ex.Results.TopicDescriptions.Sort( |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Note: can remove now
Assert.Empty(ex.Results.TopicDescriptions[0].AuthorizedOperations); | ||
Assert.Empty(ex.Results.TopicDescriptions[1].AuthorizedOperations); | ||
Assert.True(ex.Results.TopicDescriptions[0].Error.IsError); | ||
Assert.True(!ex.Results.TopicDescriptions[1].Error.IsError); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit: use Assert.False instead.
|
||
var descResAuthOps = | ||
descResWithAuthOps.TopicDescriptions[0].AuthorizedOperations; | ||
Assert.Equal( |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think we should OrderBy before asserting equality, because while the order of the operations will be exactly what you described, there is no reason for it to be so (and it's not something we or the user should assume)
Here and elsewhere
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The order will be that one because it comes from the order in the enum that corresponds to the bitfield order too
topicList.IndexOf(b.Name); | ||
} | ||
); | ||
Assert.Empty(ex.Results.TopicDescriptions[0].AuthorizedOperations); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Note to change this to asserting null after making change to allow for null authorized operations
here and in other files
}, | ||
Entry = new AccessControlEntry | ||
{ | ||
Principal = "User:user", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Use
"User:(value of string user)"
rather than hard-coding it.
For all the relevant tests.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for looking into this @emasab !
Approved with a few comments here and there.
examples/AdminClient/Program.cs
Outdated
{ | ||
Console.WriteLine(" There is no In-Sync-Replica broker for the partition"); | ||
} | ||
else{ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
else{ | |
else | |
{ |
examples/AdminClient/Program.cs
Outdated
{ | ||
Console.WriteLine(" There is no Replica broker for the partition"); | ||
} | ||
else{ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
these are nits but
else{ | |
else | |
{ |
examples/AdminClient/Program.cs
Outdated
|
||
} | ||
Console.WriteLine($" Is internal: {topic.IsInternal}"); | ||
if(includeAuthorizedOperations) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
if(includeAuthorizedOperations) | |
if (includeAuthorizedOperations) |
}, | ||
Entry = new AccessControlEntry | ||
{ | ||
Principal = "User:user", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Maybe, this comment was missed for this test : #2021 (comment)
We should pick this dynamically
No description provided.