public async void AdminClient_AclOperations(string bootstrapServers) { LogToFile("start AdminClient_AclOperations"); var topicName = Guid.NewGuid().ToString(); var groupName = Guid.NewGuid().ToString(); var maxDuration = TimeSpan.FromSeconds(30); var noError = new Error(ErrorCode.NoError, "", false); var unknownError = new Error(ErrorCode.Unknown, "Unknown broker error", false); var noErrorCreateResult = new CreateAclReport { Error = noError }; var unknownErrorCreateResult = new CreateAclReport { Error = unknownError }; var newACLs = new List <AclBinding> { new AclBinding() { Pattern = new ResourcePattern { Type = ResourceType.Topic, Name = topicName, ResourcePatternType = ResourcePatternType.Literal }, Entry = new AccessControlEntry { Principal = "User:test-user-1", Host = "*", Operation = AclOperation.Read, PermissionType = AclPermissionType.Allow } }, new AclBinding() { Pattern = new ResourcePattern { Type = ResourceType.Topic, Name = topicName, ResourcePatternType = ResourcePatternType.Prefixed }, Entry = new AccessControlEntry { Principal = "User:test-user-2", Host = "*", Operation = AclOperation.Write, PermissionType = AclPermissionType.Deny } }, new AclBinding() { Pattern = new ResourcePattern { Type = ResourceType.Group, Name = groupName, ResourcePatternType = ResourcePatternType.Prefixed }, Entry = new AccessControlEntry { Principal = "User:test-user-2", Host = "some-host", Operation = AclOperation.All, PermissionType = AclPermissionType.Allow } }, }; var invalidACLs = new List <AclBinding> { new AclBinding() { Pattern = new ResourcePattern { Type = ResourceType.Topic, Name = topicName, ResourcePatternType = ResourcePatternType.Literal }, Entry = new AccessControlEntry { // Principal must be in the form "{principalType}:{principalName}" // Broker returns ErrUnknown in this case Principal = "wrong-principal", Host = "*", Operation = AclOperation.Read, PermissionType = AclPermissionType.Allow } } }; var validAndInvalidACLs = new List <AclBinding> { new AclBinding() { Pattern = new ResourcePattern { Type = ResourceType.Topic, Name = topicName, ResourcePatternType = ResourcePatternType.Literal }, Entry = new AccessControlEntry { // Principal must be in the form "{principalType}:{principalName}" // Broker returns ErrUnknown in this case Principal = "wrong-principal", Host = "*", Operation = AclOperation.Read, PermissionType = AclPermissionType.Allow } }, new AclBinding() { Pattern = new ResourcePattern { Type = ResourceType.Group, Name = groupName, ResourcePatternType = ResourcePatternType.Prefixed }, Entry = new AccessControlEntry { Principal = "User:test-user-2", Host = "some-host", Operation = AclOperation.All, PermissionType = AclPermissionType.Allow } }, }; var aclBindingFilters = new List <AclBindingFilter> { new AclBindingFilter() { PatternFilter = new ResourcePatternFilter { Type = ResourceType.Any, ResourcePatternType = ResourcePatternType.Any }, EntryFilter = new AccessControlEntryFilter { Operation = AclOperation.Any, PermissionType = AclPermissionType.Any } }, new AclBindingFilter() { PatternFilter = new ResourcePatternFilter { Type = ResourceType.Any, ResourcePatternType = ResourcePatternType.Prefixed }, EntryFilter = new AccessControlEntryFilter { Operation = AclOperation.Any, PermissionType = AclPermissionType.Any } }, new AclBindingFilter() { PatternFilter = new ResourcePatternFilter { Type = ResourceType.Topic, ResourcePatternType = ResourcePatternType.Any }, EntryFilter = new AccessControlEntryFilter { Operation = AclOperation.Any, PermissionType = AclPermissionType.Any } }, new AclBindingFilter() { PatternFilter = new ResourcePatternFilter { Type = ResourceType.Group, ResourcePatternType = ResourcePatternType.Any }, EntryFilter = new AccessControlEntryFilter { Operation = AclOperation.Any, PermissionType = AclPermissionType.Any } } }; var createAclsOptions = new CreateAclsOptions { RequestTimeout = maxDuration }; var describeAclsOptions = new DescribeAclsOptions { RequestTimeout = maxDuration }; var deleteAclsOptions = new DeleteAclsOptions { RequestTimeout = maxDuration }; // - construction of admin client from configuration. // - creation of multiple ACL. // - CreateAcls should be idempotent using (var adminClient = new AdminClientBuilder(new AdminClientConfig { BootstrapServers = bootstrapServers }).Build()) { for (int i = 0; i < 2; ++i) { await adminClient.CreateAclsAsync( newACLs, createAclsOptions ); } } // - construction of admin client from a producer handle // - CreateACLs with server side validation errors using (var producer = new ProducerBuilder <Null, Null>(new ProducerConfig { BootstrapServers = bootstrapServers }).Build()) using (var adminClient = new DependentAdminClientBuilder(producer.Handle).Build()) { var createAclsException = await Assert.ThrowsAsync <CreateAclsException>(() => adminClient.CreateAclsAsync( invalidACLs, createAclsOptions ) ); Assert.Equal(new CreateAclsException( new List <CreateAclReport> { unknownErrorCreateResult } ), createAclsException); } // - construction of admin client from a producer handle // - CreateACLs with errors and succeeded items using (var producer = new ProducerBuilder <Null, Null>(new ProducerConfig { BootstrapServers = bootstrapServers }).Build()) using (var adminClient = new DependentAdminClientBuilder(producer.Handle).Build()) { var createAclsException = await Assert.ThrowsAsync <CreateAclsException>(() => adminClient.CreateAclsAsync( validAndInvalidACLs, createAclsOptions ) ); Assert.Equal(new CreateAclsException( new List <CreateAclReport> { unknownErrorCreateResult, noErrorCreateResult } ), createAclsException); // DescribeAcls must return the three ACLs var describeAclsResult = await adminClient.DescribeAclsAsync(aclBindingFilters[0], describeAclsOptions); var newACLsShuffled = new List <AclBinding> { newACLs[0], newACLs[2], newACLs[1], }; Assert.Equal(new DescribeAclsResult { AclBindings = newACLs }, describeAclsResult); Assert.Equal(new DescribeAclsResult { AclBindings = newACLsShuffled }, describeAclsResult); } // - construction of admin client from configuration. using (var adminClient = new AdminClientBuilder(new AdminClientConfig { BootstrapServers = bootstrapServers }).Build()) { // DeleteAcls with ResourcePatternType Prefixed var resultDeleteAcls = await adminClient.DeleteAclsAsync( new List <AclBindingFilter> { aclBindingFilters[1] }, deleteAclsOptions ); Assert.Single(resultDeleteAcls); Assert.Equal(2, resultDeleteAcls[0].AclBindings.Count); Assert.Equal(new DeleteAclsResult { AclBindings = new List <AclBinding> { newACLs[1], newACLs[2] } }, resultDeleteAcls[0]); // DeleteAcls with ResourceType Topic and Group resultDeleteAcls = await adminClient.DeleteAclsAsync( new List <AclBindingFilter> { aclBindingFilters[2], aclBindingFilters[3], }, deleteAclsOptions ); Assert.Equal(2, resultDeleteAcls.Count); Assert.Equal(new DeleteAclsResult { AclBindings = new List <AclBinding> { newACLs[0] } }, resultDeleteAcls[0]); Assert.Equal(new DeleteAclsResult { AclBindings = new List <AclBinding>() }, resultDeleteAcls[1]); // All the ACLs should have been deleted var describeAclsResult = await adminClient.DescribeAclsAsync(aclBindingFilters[0], describeAclsOptions); Assert.Equal(new DescribeAclsResult { AclBindings = new List <AclBinding> { } }, describeAclsResult); } Assert.Equal(0, Library.HandleCount); LogToFile("end AdminClient_AclOperations"); }