J1147
/
TelpoKafkaConsole

﻿using Confluent.Kafka.Admin;
using Microsoft.AspNetCore.Mvc;
using TelpoKafkaConsole.Service;
using TelpoKafkaConsole.WebApi.Controllers.Api;
using TelpoKafkaConsole.WebApi.Model.Request;

// For more information on enabling Web API for empty projects, visit https://go.microsoft.com/fwlink/?LinkID=397860

namespace TelpoKafkaConsole.WebApi.Controllers
{
    [Route("api/[controller]/[action]")]
    [ApiController]
    public class AclsController : ControllerBase
    {
        private readonly KafkaAdminService _servicekafkaAdmin;
        public AclsController(KafkaAdminService kafkaAdminService)
        {
            _servicekafkaAdmin = kafkaAdminService;
        }
        // GET: api/<AclsController>
        [HttpGet]
        public async Task<ApiResponse<List<AclBinding>>> Get()
        {
            var acls = await _servicekafkaAdmin.DescribeAclsAsync();
            return ApiResponse<List<AclBinding>>.Success(acls);
        }

        // GET api/<AclsController>/5
        [HttpGet("{username}")]
        public async Task<ApiResponse<IEnumerable<AclBinding>>> Get(string username)
        {

            var acls = await _servicekafkaAdmin.DescribeAclsAsync();
            return ApiResponse<IEnumerable<AclBinding>>.Success(acls.Where(i => i.Entry.Principal.EndsWith(username)));
        }

        // POST api/<AclsController>
        [HttpPost]
        public async Task<ApiResponse<string>> Post([FromBody] AclsReq aclsReq)
        {
            List<AclBinding> aclBindings = new();
            // 生产者
            if (string.IsNullOrEmpty(aclsReq.Group))
            {
                aclBindings.Add(new AclBinding()
                {
                    Pattern = new ResourcePattern
                    {
                        Type = ResourceType.Topic,
                        Name = aclsReq.Topic,
                        ResourcePatternType = ResourcePatternType.Literal
                    },
                    Entry = new AccessControlEntry
                    {
                        Principal = $"User:{aclsReq.UserName}",
                        Host = "*",
                        Operation = AclOperation.Write,
                        PermissionType = AclPermissionType.Allow
                    }
                });
            }
            // 消费者
            else
            {
                aclBindings.Add(new AclBinding()
                {
                    Pattern = new ResourcePattern
                    {
                        Type = ResourceType.Group,
                        Name = aclsReq.Group,
                        ResourcePatternType = ResourcePatternType.Literal
                    },
                    Entry = new AccessControlEntry
                    {
                        Principal = $"User:{aclsReq.UserName}",
                        Host = "*",
                        Operation = AclOperation.Read,
                        PermissionType = AclPermissionType.Allow
                    }
                });
                aclBindings.Add(new AclBinding()
                {
                    Pattern = new ResourcePattern
                    {
                        Type = ResourceType.Topic,
                        Name = aclsReq.Topic,
                        ResourcePatternType = ResourcePatternType.Literal
                    },
                    Entry = new AccessControlEntry
                    {
                        Principal = $"User:{aclsReq.UserName}",
                        Host = "*",
                        Operation = AclOperation.Read,
                        PermissionType = AclPermissionType.Allow
                    }
                });
            }

            //  - Group: {aclsReq.Group}
            await _servicekafkaAdmin.CreateAclsAsync(aclBindings);
            var operation = string.IsNullOrEmpty(aclsReq.Group) ? "写" : "读";
            var group = string.IsNullOrEmpty(aclsReq.Group) ? "" : $"Group:{aclsReq.Group} - ";

            return ApiResponse<string>.Success($"创建 ACLs 规则 用户:{aclsReq.UserName} - Topic:{aclsReq.Topic} - {group}{operation}权限成功");
        }

        // DELETE api/<AclsController>/5
        [HttpDelete]
        public async Task<ApiResponse<string>> DeleteAsync([FromBody] AclsReq aclsReq)
        {
            List<AclBinding> aclBindings = new();
            // 生产者
            if (string.IsNullOrEmpty(aclsReq.Group))
            {
                aclBindings.Add(new AclBinding()
                {
                    Pattern = new ResourcePattern
                    {
                        Type = ResourceType.Topic,
                        Name = aclsReq.Topic,
                        ResourcePatternType = ResourcePatternType.Literal
                    },
                    Entry = new AccessControlEntry
                    {
                        Principal = $"User:{aclsReq.UserName}",
                        Host = "*",
                        Operation = AclOperation.Any,
                        PermissionType = AclPermissionType.Any
                    }
                });
            }
            // 消费者
            else
            {
                aclBindings.Add(new AclBinding()
                {
                    Pattern = new ResourcePattern
                    {
                        Type = ResourceType.Group,
                        Name = aclsReq.Group,
                        ResourcePatternType = ResourcePatternType.Literal
                    },
                    Entry = new AccessControlEntry
                    {
                        Principal = $"User:{aclsReq.UserName}",
                        Host = "*",
                        Operation = AclOperation.Any,
                        PermissionType = AclPermissionType.Any
                    }
                });
                aclBindings.Add(new AclBinding()
                {
                    Pattern = new ResourcePattern
                    {
                        Type = ResourceType.Topic,
                        Name = aclsReq.Topic,
                        ResourcePatternType = ResourcePatternType.Literal
                    },
                    Entry = new AccessControlEntry
                    {
                        Principal = $"User:{aclsReq.UserName}",
                        Host = "*",
                        Operation = AclOperation.Read,
                        PermissionType = AclPermissionType.Allow
                    }
                });
            }


            await _servicekafkaAdmin.DeleteAclsAsync(aclBindings);

           // var operation = string.IsNullOrEmpty(aclsReq.Group) ? "写" : "读";
            var group = string.IsNullOrEmpty(aclsReq.Group) ? "" : $"Group:{aclsReq.Group} - ";

            return ApiResponse<string>.Success($"删除 ACLs 规则 用户:{aclsReq.UserName} - Topic:{aclsReq.Topic} - {group}所有权限成功");

        }
    }
}