def test_idempotent_write_passes_2(self): username, password, algorithm = self.redpanda.SUPERUSER_CREDENTIALS rpk = RpkTool(self.redpanda) rpk.sasl_create_user("bob", "bob", algorithm) rpk.sasl_allow_principal("User:bob", ["write", "read", "describe"], "topic", "*", username, password, algorithm) self.retry(lambda: self.write_by_bob(algorithm), 5, TOPIC_AUTHORIZATION_FAILED)
def test_tx_init_passes_2(self): username, password, algorithm = self.redpanda.SUPERUSER_CREDENTIALS rpk = RpkTool(self.redpanda) rpk.sasl_create_user("bob", "bob", algorithm) rpk.sasl_allow_principal("User:bob", ["write", "read", "describe"], "topic", "topic1", username, password, algorithm) rpk.sasl_allow_principal("User:bob", ["write", "describe"], "transactional-id", "*", username, password, algorithm) self.retry(lambda: self.init_by_bob("tx-id-2", algorithm), 5, TRANSACTIONAL_ID_AUTHORIZATION_FAILED)
def test_tx_init_fails(self): username, password, algorithm = self.redpanda.SUPERUSER_CREDENTIALS rpk = RpkTool(self.redpanda) rpk.sasl_create_user("bob", "bob", algorithm) rpk.sasl_allow_principal("User:bob", ["write", "read", "describe"], "topic", "topic1", username, password, algorithm) try: self.init_by_bob("tx-id-1", algorithm) assert False, "bob should not have access to txns" except AssertionError as e: raise e except KafkaException as e: assert e.args[0].code( ) == TRANSACTIONAL_ID_AUTHORIZATION_FAILED, "TRANSACTIONAL_ID_AUTHORIZATION_FAILED is expected"