using Confluent.Kafka.Admin; using Microsoft.AspNetCore.Mvc; using TelpoKafkaConsole.Service; using TelpoKafkaConsole.WebApi.Controllers.Api; using TelpoKafkaConsole.WebApi.Model.Request; // For more information on enabling Web API for empty projects, visit https://go.microsoft.com/fwlink/?LinkID=397860 namespace TelpoKafkaConsole.WebApi.Controllers { [Route("api/[controller]/[action]")] [ApiController] public class AclsController : ControllerBase { private readonly KafkaAdminService _servicekafkaAdmin; public AclsController(KafkaAdminService kafkaAdminService) { _servicekafkaAdmin = kafkaAdminService; } // GET: api/ [HttpGet] public async Task>> Get() { var acls = await _servicekafkaAdmin.DescribeAclsAsync(); return ApiResponse>.Success(acls); } // GET api//5 [HttpGet("{username}")] public async Task>> Get(string username) { var acls = await _servicekafkaAdmin.DescribeAclsAsync(); return ApiResponse>.Success(acls.Where(i => i.Entry.Principal.EndsWith(username))); } // POST api/ [HttpPost] public async Task> Post([FromBody] AclsReq aclsReq) { List aclBindings = new(); // 生产者 if (string.IsNullOrEmpty(aclsReq.Group)) { aclBindings.Add(new AclBinding() { Pattern = new ResourcePattern { Type = ResourceType.Topic, Name = aclsReq.Topic, ResourcePatternType = ResourcePatternType.Literal }, Entry = new AccessControlEntry { Principal = $"User:{aclsReq.UserName}", Host = "*", Operation = AclOperation.Write, PermissionType = AclPermissionType.Allow } }); } // 消费者 else { aclBindings.Add(new AclBinding() { Pattern = new ResourcePattern { Type = ResourceType.Group, Name = aclsReq.Group, ResourcePatternType = ResourcePatternType.Literal }, Entry = new AccessControlEntry { Principal = $"User:{aclsReq.UserName}", Host = "*", Operation = AclOperation.Read, PermissionType = AclPermissionType.Allow } }); aclBindings.Add(new AclBinding() { Pattern = new ResourcePattern { Type = ResourceType.Topic, Name = aclsReq.Topic, ResourcePatternType = ResourcePatternType.Literal }, Entry = new AccessControlEntry { Principal = $"User:{aclsReq.UserName}", Host = "*", Operation = AclOperation.Read, PermissionType = AclPermissionType.Allow } }); } // - Group: {aclsReq.Group} await _servicekafkaAdmin.CreateAclsAsync(aclBindings); var operation = string.IsNullOrEmpty(aclsReq.Group) ? "写" : "读"; var group = string.IsNullOrEmpty(aclsReq.Group) ? "" : $"Group:{aclsReq.Group} - "; return ApiResponse.Success($"创建 ACLs 规则 用户:{aclsReq.UserName} - Topic:{aclsReq.Topic} - {group}{operation}权限成功"); } // DELETE api//5 [HttpDelete] public async Task> DeleteAsync([FromBody] AclsReq aclsReq) { List aclBindings = new(); // 生产者 if (string.IsNullOrEmpty(aclsReq.Group)) { aclBindings.Add(new AclBinding() { Pattern = new ResourcePattern { Type = ResourceType.Topic, Name = aclsReq.Topic, ResourcePatternType = ResourcePatternType.Literal }, Entry = new AccessControlEntry { Principal = $"User:{aclsReq.UserName}", Host = "*", Operation = AclOperation.Any, PermissionType = AclPermissionType.Any } }); } // 消费者 else { aclBindings.Add(new AclBinding() { Pattern = new ResourcePattern { Type = ResourceType.Group, Name = aclsReq.Group, ResourcePatternType = ResourcePatternType.Literal }, Entry = new AccessControlEntry { Principal = $"User:{aclsReq.UserName}", Host = "*", Operation = AclOperation.Any, PermissionType = AclPermissionType.Any } }); aclBindings.Add(new AclBinding() { Pattern = new ResourcePattern { Type = ResourceType.Topic, Name = aclsReq.Topic, ResourcePatternType = ResourcePatternType.Literal }, Entry = new AccessControlEntry { Principal = $"User:{aclsReq.UserName}", Host = "*", Operation = AclOperation.Read, PermissionType = AclPermissionType.Allow } }); } await _servicekafkaAdmin.DeleteAclsAsync(aclBindings); // var operation = string.IsNullOrEmpty(aclsReq.Group) ? "写" : "读"; var group = string.IsNullOrEmpty(aclsReq.Group) ? "" : $"Group:{aclsReq.Group} - "; return ApiResponse.Success($"删除 ACLs 规则 用户:{aclsReq.UserName} - Topic:{aclsReq.Topic} - {group}所有权限成功"); } } }