def get(self, topicName):
"""
Get Topic ACL.
"""
app.logger.info("Request to get ACL for topic {0}.".format(topicName))
try:
admin = KafkaAdminClient(
bootstrap_servers=config['cluster.broker.listeners'],
security_protocol=config['cluster.security.protocol'],
ssl_cafile=config['cluster.ssl.cafile'],
ssl_certfile=config['cluster.ssl.certfile'],
ssl_keyfile=config['cluster.ssl.keyfile'])
acl_filter = ACLFilter(principal=None,
host="*",
operation=ACLOperation.ANY,
permission_type=ACLPermissionType.ANY,
resource_pattern=ResourcePattern(
ResourceType.TOPIC, topicName))
acls, error = admin.describe_acls(acl_filter)
acl_list = []
for a in acls:
princpl = a.principal
oprtn = a.operation.name
acl_list.append({'user': princpl, 'type': oprtn})
return acl_list
except Exception as e:
ns_acl.abort(500, str(e.args))
finally:
admin.close()
def test_create_describe_delete_acls(self):
"""Tests that we can add, list and remove ACLs
"""
# Setup
brokers = '%s:%d' % (self.server.host, self.server.port)
admin_client = KafkaAdminClient(bootstrap_servers=brokers)
# Check that we don't have any ACLs in the cluster
acls, error = admin_client.describe_acls(
ACLFilter(principal=None,
host="*",
operation=ACLOperation.ANY,
permission_type=ACLPermissionType.ANY,
resource_pattern=ResourcePattern(ResourceType.TOPIC,
"topic")))
self.assertIs(error, NoError)
self.assertEqual(0, len(acls))
# Try to add an ACL
acl = ACL(principal="User:test",
host="*",
operation=ACLOperation.READ,
permission_type=ACLPermissionType.ALLOW,
resource_pattern=ResourcePattern(ResourceType.TOPIC,
"topic"))
result = admin_client.create_acls([acl])
self.assertFalse(len(result["failed"]))
self.assertEqual(len(result["succeeded"]), 1)
# Check that we can list the ACL we created
acl_filter = ACLFilter(principal=None,
host="*",
operation=ACLOperation.ANY,
permission_type=ACLPermissionType.ANY,
resource_pattern=ResourcePattern(
ResourceType.TOPIC, "topic"))
acls, error = admin_client.describe_acls(acl_filter)
self.assertIs(error, NoError)
self.assertEqual(1, len(acls))
# Remove the ACL
delete_results = admin_client.delete_acls([
ACLFilter(principal="User:test",
host="*",
operation=ACLOperation.READ,
permission_type=ACLPermissionType.ALLOW,
resource_pattern=ResourcePattern(ResourceType.TOPIC,
"topic"))
])
self.assertEqual(1, len(delete_results))
self.assertEqual(1, len(
delete_results[0][1])) # Check number of affected ACLs
# Make sure the ACL does not exist in the cluster anymore
acls, error = admin_client.describe_acls(
ACLFilter(principal="*",
host="*",
operation=ACLOperation.ANY,
permission_type=ACLPermissionType.ANY,
resource_pattern=ResourcePattern(ResourceType.TOPIC,
"topic")))
self.assertIs(error, NoError)
self.assertEqual(0, len(acls))
