[英]How to programmatically get topics permissions [Kafka, Java]
我正在实施高级 Kafka 健康检查。 现在它实现了“标准”健康检查:
@Override
protected void doHealthCheck(Builder builder) {
try (AdminClient adminClient = AdminClient.create(this.kafkaAdmin.getConfig())) {
DescribeClusterResult result = adminClient.describeCluster(this.describeOptions);
String brokerId = result.controller().get().idString();
int replicationFactor = getReplicationFactor(brokerId, adminClient);
int nodes = result.nodes().get().size();
Health h = Option.when(nodes >= replicationFactor, builder::up)
.getOrElse(() ->
builder.down()
.withDetail("clusterId", result.clusterId())
.withDetail("brokerId", brokerId)
.withDetail("nodes", nodes))
.build();
log.info("Current state kafka: {}", h.getStatus(), keyValue(HEALTH, h.getStatus()));
} catch (Exception e) {
Health h = builder.down().build();
log.error("Current state kafka: {}, with error {}", h.getStatus(), e.toString(),
keyValue(HEALTH, h.getStatus()));
}
}
但目标是检查我的服务是否能够读取/写入某个主题。
我在 AdminClient 和其他类中找不到合适的功能。
一般来说它存在吗?
我没有使用它,但describeTopics
的结果已authorizedOperations
。
/**
* authorized operations for this topic, or null if this is not known.
*/
public Set<AclOperation> authorizedOperations() {
return authorizedOperations;
}
/**
* Represents an operation which an ACL grants or denies permission to perform.
*
* Some operations imply other operations:
* <ul>
* <li><code>ALLOW ALL</code> implies <code>ALLOW</code> everything
* <li><code>DENY ALL</code> implies <code>DENY</code> everything
*
* <li><code>ALLOW READ</code> implies <code>ALLOW DESCRIBE</code>
* <li><code>ALLOW WRITE</code> implies <code>ALLOW DESCRIBE</code>
* <li><code>ALLOW DELETE</code> implies <code>ALLOW DESCRIBE</code>
*
* <li><code>ALLOW ALTER</code> implies <code>ALLOW DESCRIBE</code>
*
* <li><code>ALLOW ALTER_CONFIGS</code> implies <code>ALLOW DESCRIBE_CONFIGS</code>
* </ul>
* The API for this class is still evolving and we may break compatibility in minor releases, if necessary.
*/
@InterfaceStability.Evolving
public enum AclOperation {
从 2.3 开始。
我需要的数据在这里:
AclBindingFilter filter = new AclBindingFilter(
new ResourcePatternFilter(ResourceType.ANY, null, PatternType.LITERAL),
new AccessControlEntryFilter(null, null, AclOperation.ANY, AclPermissionType.ANY));
adminClient.describeAcls(filter).values().get();
(pattern=ResourcePattern(resourceType=TOPIC, name=APP_DIRECTORY.VIEW, patternType=LITERAL), entry=(principal=User:CN=CN,L=L,ST=ST,C=C, host=*, operation=READ , 权限类型=允许))
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.