def write_to_topic(cn: str, task: str, topic: str, message: str, krb5: object) -> bool: return auth.write_to_topic( cn, task, topic, message, auth.get_kerberos_client_properties(ssl_enabled=False), auth.setup_krb5_env(cn, task, krb5))
def write_to_topic(cn: str, task: str, topic: str, message: str) -> bool: return auth.write_to_topic(cn, task, topic, message, auth.get_ssl_client_properties(cn, False), environment=None)
def write_to_topic(cn: str, task: str, topic: str, message: str, krb5: object) -> bool: return auth.write_to_topic(cn, task, topic, message, get_client_properties(cn), environment=auth.setup_krb5_env(cn, task, krb5))
def write_to_topic(cn: str, task: str, topic: str, message: str) -> str: client_properties = write_client_properties(cn, task) cmd = "bash -c \"echo {} | kafka-console-producer \ --topic {} \ --producer.config {} \ --broker-list \$KAFKA_BROKER_LIST\"".format( message, topic, client_properties) return auth.write_to_topic(cn, task, topic, message, cmd=cmd)
def write_to_topic(self, user: str, topic_name: str, brokers: str) -> bool: # Generate a unique message: message = str(uuid.uuid4()) properties, environment = self._get_cli_settings(user) write_success = auth.write_to_topic(user, self.id, topic_name, message, properties, environment, brokers) if write_success: self.MESSAGES.append(message) return write_success
def test_client_can_read_and_write(kafka_client, kafka_server): client_id = kafka_client["id"] auth.wait_for_brokers(kafka_client["id"], kafka_client["brokers"]) topic_name = "authn.test" sdk_cmd.svc_cli(kafka_server["package_name"], kafka_server["service"]["name"], "topic create {}".format(topic_name), json=True) test_utils.wait_for_topic(kafka_server["package_name"], kafka_server["service"]["name"], topic_name) message = str(uuid.uuid4()) assert auth.write_to_topic("client", client_id, topic_name, message) assert message in auth.read_from_topic("client", client_id, topic_name, 1)
def write_to_topic(cn: str, task: str, topic: str, message: str, brokers: str, tls: bool) -> bool: properties, environment = get_settings(cn, task, tls) return auth.write_to_topic(cn, task, topic, message, properties, environment, brokers)
def write_to_topic(cn: str, marathon_task: str, topic: str, message: str, krb5: object) -> bool: return auth.write_to_topic(cn, marathon_task, topic, message, get_client_properties(cn), environment=auth.setup_krb5_env(cn, marathon_task, krb5))
def write_to_topic(cn: str, task: str, topic: str, message: str, krb5: object) -> bool: return auth.write_to_topic(cn, task, topic, message, auth.get_kerberos_client_properties(ssl_enabled=False), auth.setup_krb5_env(cn, task, krb5))
def test_authz_acls_required(kafka_client, kafka_server): client_id = kafka_client["id"] auth.wait_for_brokers(kafka_client["id"], kafka_client["brokers"]) topic_name = "authz.test" sdk_cmd.svc_cli(kafka_server["package_name"], kafka_server["service"]["name"], "topic create {}".format(topic_name), json=True) test_utils.wait_for_topic(kafka_server["package_name"], kafka_server["service"]["name"], topic_name) message = str(uuid.uuid4()) log.info("Writing and reading: Writing to the topic, but not super user") assert not auth.write_to_topic("authorized", client_id, topic_name, message) log.info("Writing and reading: Writing to the topic, as super user") assert auth.write_to_topic("super", client_id, topic_name, message) log.info("Writing and reading: Reading from the topic, but not super user") assert auth.is_not_authorized( auth.read_from_topic("authorized", client_id, topic_name, 1)) log.info("Writing and reading: Reading from the topic, as super user") assert message in auth.read_from_topic("super", client_id, topic_name, 1) zookeeper_endpoint = sdk_cmd.svc_cli(kafka_server["package_name"], kafka_server["service"]["name"], "endpoint zookeeper").strip() # TODO: If zookeeper has Kerberos enabled, then the environment should be changed topics.add_acls("authorized", client_id, topic_name, zookeeper_endpoint, env_str=None) # Send a second message which should not be authorized second_message = str(uuid.uuid4()) log.info("Writing and reading: Writing to the topic, but not super user") assert auth.write_to_topic("authorized", client_id, topic_name, second_message) log.info("Writing and reading: Writing to the topic, as super user") assert auth.write_to_topic("super", client_id, topic_name, second_message) log.info("Writing and reading: Reading from the topic, but not super user") topic_output = auth.read_from_topic("authorized", client_id, topic_name, 3) assert message in topic_output assert second_message in topic_output log.info("Writing and reading: Reading from the topic, as super user") topic_output = auth.read_from_topic("super", client_id, topic_name, 3) assert message in topic_output assert second_message in topic_output # Check that the unauthorized client can still not read or write from the topic. log.info("Writing and reading: Writing to the topic, but not super user") assert not auth.write_to_topic("unauthorized", client_id, topic_name, second_message) log.info("Writing and reading: Reading from the topic, but not super user") assert auth.is_not_authorized( auth.read_from_topic("unauthorized", client_id, topic_name, 1))