def get(self, topicName): """ Get Topic ACL. """ app.logger.info("Request to get ACL for topic {0}.".format(topicName)) try: admin = KafkaAdminClient( bootstrap_servers=config['cluster.broker.listeners'], security_protocol=config['cluster.security.protocol'], ssl_cafile=config['cluster.ssl.cafile'], ssl_certfile=config['cluster.ssl.certfile'], ssl_keyfile=config['cluster.ssl.keyfile']) acl_filter = ACLFilter(principal=None, host="*", operation=ACLOperation.ANY, permission_type=ACLPermissionType.ANY, resource_pattern=ResourcePattern( ResourceType.TOPIC, topicName)) acls, error = admin.describe_acls(acl_filter) acl_list = [] for a in acls: princpl = a.principal oprtn = a.operation.name acl_list.append({'user': princpl, 'type': oprtn}) return acl_list except Exception as e: ns_acl.abort(500, str(e.args)) finally: admin.close()
def test_create_describe_delete_acls(self): """Tests that we can add, list and remove ACLs """ # Setup brokers = '%s:%d' % (self.server.host, self.server.port) admin_client = KafkaAdminClient(bootstrap_servers=brokers) # Check that we don't have any ACLs in the cluster acls, error = admin_client.describe_acls( ACLFilter(principal=None, host="*", operation=ACLOperation.ANY, permission_type=ACLPermissionType.ANY, resource_pattern=ResourcePattern(ResourceType.TOPIC, "topic"))) self.assertIs(error, NoError) self.assertEqual(0, len(acls)) # Try to add an ACL acl = ACL(principal="User:test", host="*", operation=ACLOperation.READ, permission_type=ACLPermissionType.ALLOW, resource_pattern=ResourcePattern(ResourceType.TOPIC, "topic")) result = admin_client.create_acls([acl]) self.assertFalse(len(result["failed"])) self.assertEqual(len(result["succeeded"]), 1) # Check that we can list the ACL we created acl_filter = ACLFilter(principal=None, host="*", operation=ACLOperation.ANY, permission_type=ACLPermissionType.ANY, resource_pattern=ResourcePattern( ResourceType.TOPIC, "topic")) acls, error = admin_client.describe_acls(acl_filter) self.assertIs(error, NoError) self.assertEqual(1, len(acls)) # Remove the ACL delete_results = admin_client.delete_acls([ ACLFilter(principal="User:test", host="*", operation=ACLOperation.READ, permission_type=ACLPermissionType.ALLOW, resource_pattern=ResourcePattern(ResourceType.TOPIC, "topic")) ]) self.assertEqual(1, len(delete_results)) self.assertEqual(1, len( delete_results[0][1])) # Check number of affected ACLs # Make sure the ACL does not exist in the cluster anymore acls, error = admin_client.describe_acls( ACLFilter(principal="*", host="*", operation=ACLOperation.ANY, permission_type=ACLPermissionType.ANY, resource_pattern=ResourcePattern(ResourceType.TOPIC, "topic"))) self.assertIs(error, NoError) self.assertEqual(0, len(acls))