From cbc8f7865f8031cf19aefd35fea8212255026913 Mon Sep 17 00:00:00 2001 From: Peter Dannemann Date: Mon, 17 Jul 2023 17:16:30 -0400 Subject: [PATCH 01/19] Support describeacls --- createacl_test.go | 77 +++++++++++++----- describeacls.go | 113 ++++++++++++++++++++++++++ protocol/describeacls/describeacls.go | 59 ++++++++++++++ 3 files changed, 228 insertions(+), 21 deletions(-) create mode 100644 describeacls.go create mode 100644 protocol/describeacls/describeacls.go diff --git a/createacl_test.go b/createacl_test.go index 4f4b15380..c3ac87da6 100644 --- a/createacl_test.go +++ b/createacl_test.go @@ -5,6 +5,7 @@ import ( "testing" ktesting "github.com/segmentio/kafka-go/testing" + "github.com/stretchr/testify/assert" ) func TestClientCreateACLs(t *testing.T) { @@ -15,35 +16,69 @@ func TestClientCreateACLs(t *testing.T) { client, shutdown := newLocalClient() defer shutdown() - res, err := client.CreateACLs(context.Background(), &CreateACLsRequest{ - ACLs: []ACLEntry{ - { - Principal: "User:alice", - PermissionType: ACLPermissionTypeAllow, - Operation: ACLOperationTypeRead, - ResourceType: ResourceTypeTopic, - ResourcePatternType: PatternTypeLiteral, - ResourceName: "fake-topic-for-alice", - Host: "*", - }, - { - Principal: "User:bob", - PermissionType: ACLPermissionTypeAllow, - Operation: ACLOperationTypeRead, - ResourceType: ResourceTypeGroup, - ResourcePatternType: PatternTypeLiteral, - ResourceName: "fake-group-for-bob", - Host: "*", - }, + var ACLs = []ACLEntry{ + { + Principal: "User:alice", + PermissionType: ACLPermissionTypeAllow, + Operation: ACLOperationTypeRead, + ResourceType: ResourceTypeTopic, + ResourcePatternType: PatternTypeLiteral, + ResourceName: "fake-topic-for-alice", + Host: "*", + }, + { + Principal: "User:bob", + PermissionType: ACLPermissionTypeAllow, + Operation: ACLOperationTypeRead, + ResourceType: ResourceTypeGroup, + ResourcePatternType: PatternTypeLiteral, + ResourceName: "fake-group-for-bob", + Host: "*", }, + } + + createRes, err := client.CreateACLs(context.Background(), &CreateACLsRequest{ + ACLs: ACLs, }) if err != nil { t.Fatal(err) } - for _, err := range res.Errors { + for _, err := range createRes.Errors { if err != nil { t.Error(err) } } + + describeResp, err := client.DescribeACLs(context.Background(), &DescribeACLsRequest{ + Filters: []ACLFilter{ + ACLFilter{ + ResourceTypeFilter: ResourceTypeTopic, + }, + }, + }) + if err != nil { + t.Fatal(err) + } + + expectedDescribeResp := DescribeACLsResponse{ + Throttle: 0, + Error: makeError(0, ""), + Resources: []ACLResource{ + ACLResource{ + ResourceType: ResourceTypeTopic, + ResourceName: "fake-topic-for-alice", + ACLs: []ACLDescription{ + ACLDescription{ + Principal: "User:alice", + Host: "*", + Operation: ACLOperationTypeRead, + PermissionType: ACLPermissionTypeAllow, + }, + }, + }, + }, + } + + assert.Equal(t, expectedDescribeResp, *describeResp) } diff --git a/describeacls.go b/describeacls.go new file mode 100644 index 000000000..aa83095fc --- /dev/null +++ b/describeacls.go @@ -0,0 +1,113 @@ +package kafka + +import ( + "context" + "fmt" + "net" + "time" + + "github.com/segmentio/kafka-go/protocol/describeacls" +) + +// DescribeACLsRequest represents a request sent to a kafka broker to describe +// existing ACLs. +type DescribeACLsRequest struct { + // Address of the kafka broker to send the request to. + Addr net.Addr + + // List of filters to filter ACLs on. + Filters []ACLFilter +} + +type ACLFilter struct { + ResourceTypeFilter ResourceType + ResourceNameFilter string + ResourcePatternTypeFilter PatternType + PrincipalFilter string + HostFilter string + Operation ACLOperationType + PermissionType ACLPermissionType +} + +// DescribeACLsResponse represents a response from a kafka broker to an ACL +// describe request. +type DescribeACLsResponse struct { + // The amount of time that the broker throttled the request. + Throttle time.Duration + + // Error that occurred while attempting to describe + // the ACLs. + // + // The errors contain the kafka error code. Programs may use the standard + // errors.Is function to test the error against kafka error codes. + Error error + + // ACL resources returned from the describe request. + Resources []ACLResource +} + +type ACLResource struct { + ResourceType ResourceType + ResourceName string + ACLs []ACLDescription +} + +type ACLDescription struct { + Principal string + Host string + Operation ACLOperationType + PermissionType ACLPermissionType +} + +func (c *Client) DescribeACLs(ctx context.Context, req *DescribeACLsRequest) (*DescribeACLsResponse, error) { + filters := make([]describeacls.ACLFilters, len(req.Filters)) + + for filterIdx, filter := range req.Filters { + filters[filterIdx] = describeacls.ACLFilters{ + ResourceTypeFilter: int8(filter.ResourceTypeFilter), + ResourceNameFilter: filter.ResourceNameFilter, + ResourcePatternTypeFilter: int8(filter.ResourcePatternTypeFilter), + PrincipalFilter: filter.PrincipalFilter, + HostFilter: filter.HostFilter, + Operation: int8(filter.Operation), + PermissionType: int8(filter.PermissionType), + } + } + + m, err := c.roundTrip(ctx, req.Addr, &describeacls.Request{ + Filters: filters, + }) + if err != nil { + return nil, fmt.Errorf("kafka.(*Client).DescribeACLs: %w", err) + } + + res := m.(*describeacls.Response) + resources := make([]ACLResource, len(res.Resources)) + + for resourceIdx, respResource := range res.Resources { + descriptions := make([]ACLDescription, len(respResource.ACLs)) + + for descriptionIdx, respDescription := range respResource.ACLs { + descriptions[descriptionIdx] = ACLDescription{ + Principal: respDescription.Principal, + Host: respDescription.Host, + Operation: ACLOperationType(respDescription.Operation), + PermissionType: ACLPermissionType(respDescription.PermissionType), + } + } + + resources[resourceIdx] = ACLResource{ + ResourceType: ResourceType(respResource.ResourceType), + ResourceName: respResource.ResourceName, + ACLs: descriptions, + } + } + + ret := &DescribeACLsResponse{ + Throttle: makeDuration(res.ThrottleTimeMs), + Error: makeError(res.ErrorCode, res.ErrorMessage), + Resources: resources, + } + + return ret, nil +} diff --git a/protocol/describeacls/describeacls.go b/protocol/describeacls/describeacls.go new file mode 100644 index 000000000..db89b317f --- /dev/null +++ b/protocol/describeacls/describeacls.go @@ -0,0 +1,59 @@ +package describeacls + +import "github.com/segmentio/kafka-go/protocol" + +func init() { + protocol.Register(&Request{}, &Response{}) +} + +type Request struct { + // We need at least one tagged field to indicate that v2+ uses "flexible" + // messages. + _ struct{} `kafka:"min=v2,max=v3,tag"` + + Filters []ACLFilters `kafka:"min=v0,max=v3"` +} + +func (r *Request) ApiKey() protocol.ApiKey { return protocol.CreateAcls } + +func (r *Request) Broker(cluster protocol.Cluster) (protocol.Broker, error) { + return cluster.Brokers[cluster.Controller], nil +} + +type ACLFilters struct { + ResourceTypeFilter int8 `kafka:"min=v0,max=v3"` + ResourceNameFilter string `kafka:"min=v0,max=v3,nullable"` + ResourcePatternTypeFilter int8 `kafka:"min=v1,max=v3"` + PrincipalFilter string `kafka:"min=v0,max=v3,nullable"` + HostFilter string `kafka:"min=v0,max=v3,nullable"` + Operation int8 `kafka:"min=v0,max=v3"` + PermissionType int8 `kafka:"min=v0,max=v3"` +} + +type Response struct { + // We need at least one tagged field to indicate that v2+ uses "flexible" + // messages. + _ struct{} `kafka:"min=v2,max=v3,tag"` + + ThrottleTimeMs int32 `kafka:"min=v0,max=v3"` + ErrorCode int16 `kafka:"min=v0,max=v3"` + ErrorMessage string `kafka:"min=v0,max=v3,nullable"` + Resources []Resource `kafka:"min=v0,max=v3"` +} + +func (r *Response) ApiKey() protocol.ApiKey { return protocol.CreateAcls } + +type Resource struct { + ResourceType int8 `kafka:"min=v0,max=v3"` + ResourceName string `kafka:"min=v0,max=v3"` + ACLs []ResponseACL `kafka:"min=v0,max=v3"` +} + +type ResponseACL struct { + Principal string `kafka:"min=v0,max=v3"` + Host string `kafka:"min=v0,max=v3"` + Operation int8 `kafka:"min=v0,max=v3"` + PermissionType int8 `kafka:"min=v0,max=v3"` +} + +var _ protocol.BrokerMessage = (*Request)(nil) From ef59217ac15a680cd150457cfe59785a72ee0181 Mon Sep 17 00:00:00 2001 From: Peter Dannemann Date: Tue, 18 Jul 2023 10:16:03 -0400 Subject: [PATCH 02/19] gofmt -s -w createacl_test.go --- createacl_test.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/createacl_test.go b/createacl_test.go index c3ac87da6..4575abddb 100644 --- a/createacl_test.go +++ b/createacl_test.go @@ -52,7 +52,7 @@ func TestClientCreateACLs(t *testing.T) { describeResp, err := client.DescribeACLs(context.Background(), &DescribeACLsRequest{ Filters: []ACLFilter{ - ACLFilter{ + { ResourceTypeFilter: ResourceTypeTopic, }, }, @@ -65,11 +65,11 @@ func TestClientCreateACLs(t *testing.T) { Throttle: 0, Error: makeError(0, ""), Resources: []ACLResource{ - ACLResource{ + { ResourceType: ResourceTypeTopic, ResourceName: "fake-topic-for-alice", ACLs: []ACLDescription{ - ACLDescription{ + { Principal: "User:alice", Host: "*", Operation: ACLOperationTypeRead, From 2609002c4680804d3cffd5baee74dc705a84aa3d Mon Sep 17 00:00:00 2001 From: Peter Dannemann Date: Tue, 18 Jul 2023 10:21:32 -0400 Subject: [PATCH 03/19] make test diff smaller and fix protocl api key --- createacl_test.go | 42 +++++++++++++-------------- protocol/describeacls/describeacls.go | 2 +- 2 files changed, 21 insertions(+), 23 deletions(-) diff --git a/createacl_test.go b/createacl_test.go index 4575abddb..05b4cd04d 100644 --- a/createacl_test.go +++ b/createacl_test.go @@ -16,29 +16,27 @@ func TestClientCreateACLs(t *testing.T) { client, shutdown := newLocalClient() defer shutdown() - var ACLs = []ACLEntry{ - { - Principal: "User:alice", - PermissionType: ACLPermissionTypeAllow, - Operation: ACLOperationTypeRead, - ResourceType: ResourceTypeTopic, - ResourcePatternType: PatternTypeLiteral, - ResourceName: "fake-topic-for-alice", - Host: "*", - }, - { - Principal: "User:bob", - PermissionType: ACLPermissionTypeAllow, - Operation: ACLOperationTypeRead, - ResourceType: ResourceTypeGroup, - ResourcePatternType: PatternTypeLiteral, - ResourceName: "fake-group-for-bob", - Host: "*", - }, - } - createRes, err := client.CreateACLs(context.Background(), &CreateACLsRequest{ - ACLs: ACLs, + ACLs: []ACLEntry{ + { + Principal: "User:alice", + PermissionType: ACLPermissionTypeAllow, + Operation: ACLOperationTypeRead, + ResourceType: ResourceTypeTopic, + ResourcePatternType: PatternTypeLiteral, + ResourceName: "fake-topic-for-alice", + Host: "*", + }, + { + Principal: "User:bob", + PermissionType: ACLPermissionTypeAllow, + Operation: ACLOperationTypeRead, + ResourceType: ResourceTypeGroup, + ResourcePatternType: PatternTypeLiteral, + ResourceName: "fake-group-for-bob", + Host: "*", + }, + }, }) if err != nil { t.Fatal(err) diff --git a/protocol/describeacls/describeacls.go b/protocol/describeacls/describeacls.go index db89b317f..914c89309 100644 --- a/protocol/describeacls/describeacls.go +++ b/protocol/describeacls/describeacls.go @@ -14,7 +14,7 @@ type Request struct { Filters []ACLFilters `kafka:"min=v0,max=v3"` } -func (r *Request) ApiKey() protocol.ApiKey { return protocol.CreateAcls } +func (r *Request) ApiKey() protocol.ApiKey { return protocol.DescribeAcls } func (r *Request) Broker(cluster protocol.Cluster) (protocol.Broker, error) { return cluster.Brokers[cluster.Controller], nil From ec01572a34985b3481f2c246460eaa47c9737d8d Mon Sep 17 00:00:00 2001 From: Peter Dannemann Date: Tue, 18 Jul 2023 10:22:15 -0400 Subject: [PATCH 04/19] fix another protocol api key --- protocol/describeacls/describeacls.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/protocol/describeacls/describeacls.go b/protocol/describeacls/describeacls.go index 914c89309..bcb1a180a 100644 --- a/protocol/describeacls/describeacls.go +++ b/protocol/describeacls/describeacls.go @@ -41,7 +41,7 @@ type Response struct { Resources []Resource `kafka:"min=v0,max=v3"` } -func (r *Response) ApiKey() protocol.ApiKey { return protocol.CreateAcls } +func (r *Response) ApiKey() protocol.ApiKey { return protocol.DescribeAcls } type Resource struct { ResourceType int8 `kafka:"min=v0,max=v3"` From fdfe93a3261c0f14f9887deaffecf3645f6ea542 Mon Sep 17 00:00:00 2001 From: Peter Dannemann Date: Tue, 18 Jul 2023 10:23:33 -0400 Subject: [PATCH 05/19] improve test name --- createacl_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/createacl_test.go b/createacl_test.go index 05b4cd04d..f67e0bd2d 100644 --- a/createacl_test.go +++ b/createacl_test.go @@ -8,7 +8,7 @@ import ( "github.com/stretchr/testify/assert" ) -func TestClientCreateACLs(t *testing.T) { +func TestClientCreateDescribeACLs(t *testing.T) { if !ktesting.KafkaIsAtLeast("2.0.1") { return } From 5622f4f90ecdd9669f1e940435ebe34ce99b4481 Mon Sep 17 00:00:00 2001 From: Peter Dannemann Date: Tue, 18 Jul 2023 10:38:02 -0400 Subject: [PATCH 06/19] protocol fixes --- protocol/describeacls/describeacls.go | 23 ++++++++++++++++------- 1 file changed, 16 insertions(+), 7 deletions(-) diff --git a/protocol/describeacls/describeacls.go b/protocol/describeacls/describeacls.go index bcb1a180a..b53d8afa9 100644 --- a/protocol/describeacls/describeacls.go +++ b/protocol/describeacls/describeacls.go @@ -22,10 +22,10 @@ func (r *Request) Broker(cluster protocol.Cluster) (protocol.Broker, error) { type ACLFilters struct { ResourceTypeFilter int8 `kafka:"min=v0,max=v3"` - ResourceNameFilter string `kafka:"min=v0,max=v3,nullable"` + ResourceNameFilter string `kafka:"min=v0,max=v1,nullable|min=v2,max=v3,nullable,compact"` ResourcePatternTypeFilter int8 `kafka:"min=v1,max=v3"` - PrincipalFilter string `kafka:"min=v0,max=v3,nullable"` - HostFilter string `kafka:"min=v0,max=v3,nullable"` + PrincipalFilter string `kafka:"min=v0,max=v1,nullable|min=v2,max=v3,nullable,compact"` + HostFilter string `kafka:"min=v0,max=v1,nullable|min=v2,max=v3,nullable,compact"` Operation int8 `kafka:"min=v0,max=v3"` PermissionType int8 `kafka:"min=v0,max=v3"` } @@ -37,21 +37,30 @@ type Response struct { ThrottleTimeMs int32 `kafka:"min=v0,max=v3"` ErrorCode int16 `kafka:"min=v0,max=v3"` - ErrorMessage string `kafka:"min=v0,max=v3,nullable"` + ErrorMessage string `kafka:"min=v0,max=v1,nullable|min=v2,max=v3,nullable,compact"` Resources []Resource `kafka:"min=v0,max=v3"` } func (r *Response) ApiKey() protocol.ApiKey { return protocol.DescribeAcls } type Resource struct { + // We need at least one tagged field to indicate that v2+ uses "flexible" + // messages. + _ struct{} `kafka:"min=v2,max=v3,tag"` + ResourceType int8 `kafka:"min=v0,max=v3"` - ResourceName string `kafka:"min=v0,max=v3"` + ResourceName string `kafka:"min=v0,max=v1|min=v2,max=v3,compact"` + PatternType int8 `kafka:"min=v1,max=v3"` ACLs []ResponseACL `kafka:"min=v0,max=v3"` } type ResponseACL struct { - Principal string `kafka:"min=v0,max=v3"` - Host string `kafka:"min=v0,max=v3"` + // We need at least one tagged field to indicate that v2+ uses "flexible" + // messages. + _ struct{} `kafka:"min=v2,max=v3,tag"` + + Principal string `kafka:"min=v0,max=v1|min=v2,max=v3,compact"` + Host string `kafka:"min=v0,max=v1|min=v2,max=v3,compact"` Operation int8 `kafka:"min=v0,max=v3"` PermissionType int8 `kafka:"min=v0,max=v3"` } From a865cc5468fa7d7caa06ddf5abdf50d203f84e7f Mon Sep 17 00:00:00 2001 From: Peter Dannemann Date: Tue, 18 Jul 2023 10:40:04 -0400 Subject: [PATCH 07/19] add missing patterntype --- describeacls.go | 2 ++ 1 file changed, 2 insertions(+) diff --git a/describeacls.go b/describeacls.go index aa83095fc..24b0c627b 100644 --- a/describeacls.go +++ b/describeacls.go @@ -49,6 +49,7 @@ type DescribeACLsResponse struct { type ACLResource struct { ResourceType ResourceType ResourceName string + PatternType PatternType ACLs []ACLDescription } @@ -99,6 +100,7 @@ func (c *Client) DescribeACLs(ctx context.Context, req *DescribeACLsRequest) (*D resources[resourceIdx] = ACLResource{ ResourceType: ResourceType(respResource.ResourceType), ResourceName: respResource.ResourceName, + PatternType: PatternType(respResource.PatternType), ACLs: descriptions, } } From ca11cb98637476fb0249cb74a68e41d4d5284f1a Mon Sep 17 00:00:00 2001 From: Peter Dannemann Date: Tue, 18 Jul 2023 10:45:56 -0400 Subject: [PATCH 08/19] fix createacls protocol --- protocol/createacls/createacls.go | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/protocol/createacls/createacls.go b/protocol/createacls/createacls.go index 893be44dd..0e55cc2d7 100644 --- a/protocol/createacls/createacls.go +++ b/protocol/createacls/createacls.go @@ -22,10 +22,10 @@ func (r *Request) Broker(cluster protocol.Cluster) (protocol.Broker, error) { type RequestACLs struct { ResourceType int8 `kafka:"min=v0,max=v2"` - ResourceName string `kafka:"min=v0,max=v2"` - ResourcePatternType int8 `kafka:"min=v0,max=v2"` - Principal string `kafka:"min=v0,max=v2"` - Host string `kafka:"min=v0,max=v2"` + ResourceName string `kafka:"min=v0,max=v1|min=v2,max=v2,compact"` + ResourcePatternType int8 `kafka:"min=v1,max=v2"` + Principal string `kafka:"min=v0,max=v1|min=v2,max=v2,compact"` + Host string `kafka:"min=v0,max=v2|min=v2,max=v2,compact` Operation int8 `kafka:"min=v0,max=v2"` PermissionType int8 `kafka:"min=v0,max=v2"` } @@ -43,7 +43,7 @@ func (r *Response) ApiKey() protocol.ApiKey { return protocol.CreateAcls } type ResponseACLs struct { ErrorCode int16 `kafka:"min=v0,max=v2"` - ErrorMessage string `kafka:"min=v0,max=v2,nullable"` + ErrorMessage string `kafka:"min=v0,max=v1,nullable|min=v2,max=v2,nullable,compact"` } var _ protocol.BrokerMessage = (*Request)(nil) From 68056671f511a263d2dd6ae56f009b0cc6187648 Mon Sep 17 00:00:00 2001 From: Peter Dannemann Date: Tue, 18 Jul 2023 11:07:19 -0400 Subject: [PATCH 09/19] fix tags and add tagged fields back in --- protocol/createacls/createacls.go | 2 +- protocol/describeacls/describeacls.go | 4 ++++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/protocol/createacls/createacls.go b/protocol/createacls/createacls.go index 0e55cc2d7..4e9d2c518 100644 --- a/protocol/createacls/createacls.go +++ b/protocol/createacls/createacls.go @@ -25,7 +25,7 @@ type RequestACLs struct { ResourceName string `kafka:"min=v0,max=v1|min=v2,max=v2,compact"` ResourcePatternType int8 `kafka:"min=v1,max=v2"` Principal string `kafka:"min=v0,max=v1|min=v2,max=v2,compact"` - Host string `kafka:"min=v0,max=v2|min=v2,max=v2,compact` + Host string `kafka:"min=v0,max=v2|min=v2,max=v2,compact"` Operation int8 `kafka:"min=v0,max=v2"` PermissionType int8 `kafka:"min=v0,max=v2"` } diff --git a/protocol/describeacls/describeacls.go b/protocol/describeacls/describeacls.go index b53d8afa9..037f4e05b 100644 --- a/protocol/describeacls/describeacls.go +++ b/protocol/describeacls/describeacls.go @@ -21,6 +21,10 @@ func (r *Request) Broker(cluster protocol.Cluster) (protocol.Broker, error) { } type ACLFilters struct { + // We need at least one tagged field to indicate that v2+ uses "flexible" + // messages. + _ struct{} `kafka:"min=v2,max=v3,tag"` + ResourceTypeFilter int8 `kafka:"min=v0,max=v3"` ResourceNameFilter string `kafka:"min=v0,max=v1,nullable|min=v2,max=v3,nullable,compact"` ResourcePatternTypeFilter int8 `kafka:"min=v1,max=v3"` From f6e2d372b78f8c481d2ad5ce3a9a1f887d385935 Mon Sep 17 00:00:00 2001 From: Peter Dannemann Date: Tue, 18 Jul 2023 11:27:27 -0400 Subject: [PATCH 10/19] bump createacls version to v3 --- describeacls.go | 3 --- protocol/createacls/createacls.go | 28 ++++++++++++++-------------- 2 files changed, 14 insertions(+), 17 deletions(-) diff --git a/describeacls.go b/describeacls.go index 24b0c627b..814b2a920 100644 --- a/describeacls.go +++ b/describeacls.go @@ -37,9 +37,6 @@ type DescribeACLsResponse struct { // Error that occurred while attempting to describe // the ACLs. - // - // The errors contain the kafka error code. Programs may use the standard - // errors.Is function to test the error against kafka error codes. Error error // ACL resources returned from the describe request. diff --git a/protocol/createacls/createacls.go b/protocol/createacls/createacls.go index 4e9d2c518..47936c371 100644 --- a/protocol/createacls/createacls.go +++ b/protocol/createacls/createacls.go @@ -9,9 +9,9 @@ func init() { type Request struct { // We need at least one tagged field to indicate that v2+ uses "flexible" // messages. - _ struct{} `kafka:"min=v2,max=v2,tag"` + _ struct{} `kafka:"min=v2,max=v3,tag"` - Creations []RequestACLs `kafka:"min=v0,max=v2"` + Creations []RequestACLs `kafka:"min=v0,max=v3"` } func (r *Request) ApiKey() protocol.ApiKey { return protocol.CreateAcls } @@ -21,29 +21,29 @@ func (r *Request) Broker(cluster protocol.Cluster) (protocol.Broker, error) { } type RequestACLs struct { - ResourceType int8 `kafka:"min=v0,max=v2"` - ResourceName string `kafka:"min=v0,max=v1|min=v2,max=v2,compact"` - ResourcePatternType int8 `kafka:"min=v1,max=v2"` - Principal string `kafka:"min=v0,max=v1|min=v2,max=v2,compact"` - Host string `kafka:"min=v0,max=v2|min=v2,max=v2,compact"` - Operation int8 `kafka:"min=v0,max=v2"` - PermissionType int8 `kafka:"min=v0,max=v2"` + ResourceType int8 `kafka:"min=v0,max=v3"` + ResourceName string `kafka:"min=v0,max=v1|min=v2,max=v3,compact"` + ResourcePatternType int8 `kafka:"min=v1,max=v3"` + Principal string `kafka:"min=v0,max=v1|min=v2,max=v3,compact"` + Host string `kafka:"min=v0,max=v2|min=v2,max=v3,compact"` + Operation int8 `kafka:"min=v0,max=v3"` + PermissionType int8 `kafka:"min=v0,max=v3"` } type Response struct { // We need at least one tagged field to indicate that v2+ uses "flexible" // messages. - _ struct{} `kafka:"min=v2,max=v2,tag"` + _ struct{} `kafka:"min=v2,max=v3,tag"` - ThrottleTimeMs int32 `kafka:"min=v0,max=v2"` - Results []ResponseACLs `kafka:"min=v0,max=v2"` + ThrottleTimeMs int32 `kafka:"min=v0,max=v3"` + Results []ResponseACLs `kafka:"min=v0,max=v3"` } func (r *Response) ApiKey() protocol.ApiKey { return protocol.CreateAcls } type ResponseACLs struct { - ErrorCode int16 `kafka:"min=v0,max=v2"` - ErrorMessage string `kafka:"min=v0,max=v1,nullable|min=v2,max=v2,nullable,compact"` + ErrorCode int16 `kafka:"min=v0,max=v3"` + ErrorMessage string `kafka:"min=v0,max=v1,nullable|min=v2,max=v3,nullable,compact"` } var _ protocol.BrokerMessage = (*Request)(nil) From b8746fa581226f7ffe608edd24e369d6d75b0f62 Mon Sep 17 00:00:00 2001 From: Peter Dannemann Date: Tue, 18 Jul 2023 13:23:43 -0400 Subject: [PATCH 11/19] wip --- createacl_test.go | 5 ++++- protocol/createacls/createacls.go | 10 +++++++++- 2 files changed, 13 insertions(+), 2 deletions(-) diff --git a/createacl_test.go b/createacl_test.go index f67e0bd2d..bc066c733 100644 --- a/createacl_test.go +++ b/createacl_test.go @@ -51,7 +51,10 @@ func TestClientCreateDescribeACLs(t *testing.T) { describeResp, err := client.DescribeACLs(context.Background(), &DescribeACLsRequest{ Filters: []ACLFilter{ { - ResourceTypeFilter: ResourceTypeTopic, + ResourceTypeFilter: ResourceTypeTopic, + ResourcePatternTypeFilter: PatternTypeLiteral, + Operation: ACLOperationTypeRead, + PermissionType: ACLPermissionTypeAllow, }, }, }) diff --git a/protocol/createacls/createacls.go b/protocol/createacls/createacls.go index 47936c371..aad0cc07c 100644 --- a/protocol/createacls/createacls.go +++ b/protocol/createacls/createacls.go @@ -21,11 +21,15 @@ func (r *Request) Broker(cluster protocol.Cluster) (protocol.Broker, error) { } type RequestACLs struct { + // We need at least one tagged field to indicate that v2+ uses "flexible" + // messages. + _ struct{} `kafka:"min=v2,max=v3,tag"` + ResourceType int8 `kafka:"min=v0,max=v3"` ResourceName string `kafka:"min=v0,max=v1|min=v2,max=v3,compact"` ResourcePatternType int8 `kafka:"min=v1,max=v3"` Principal string `kafka:"min=v0,max=v1|min=v2,max=v3,compact"` - Host string `kafka:"min=v0,max=v2|min=v2,max=v3,compact"` + Host string `kafka:"min=v0,max=v1|min=v2,max=v3,compact"` Operation int8 `kafka:"min=v0,max=v3"` PermissionType int8 `kafka:"min=v0,max=v3"` } @@ -42,6 +46,10 @@ type Response struct { func (r *Response) ApiKey() protocol.ApiKey { return protocol.CreateAcls } type ResponseACLs struct { + // We need at least one tagged field to indicate that v2+ uses "flexible" + // messages. + _ struct{} `kafka:"min=v2,max=v3,tag"` + ErrorCode int16 `kafka:"min=v0,max=v3"` ErrorMessage string `kafka:"min=v0,max=v1,nullable|min=v2,max=v3,nullable,compact"` } From 565bc7ada3327e4b39189623e1cabac77167ba63 Mon Sep 17 00:00:00 2001 From: Peter Dannemann Date: Tue, 18 Jul 2023 13:33:42 -0400 Subject: [PATCH 12/19] just one filter, not a list of filters --- createacl_test.go | 12 +++++------- describeacls.go | 28 +++++++++++---------------- protocol/describeacls/describeacls.go | 4 ++-- 3 files changed, 18 insertions(+), 26 deletions(-) diff --git a/createacl_test.go b/createacl_test.go index bc066c733..ce967e7b1 100644 --- a/createacl_test.go +++ b/createacl_test.go @@ -49,13 +49,11 @@ func TestClientCreateDescribeACLs(t *testing.T) { } describeResp, err := client.DescribeACLs(context.Background(), &DescribeACLsRequest{ - Filters: []ACLFilter{ - { - ResourceTypeFilter: ResourceTypeTopic, - ResourcePatternTypeFilter: PatternTypeLiteral, - Operation: ACLOperationTypeRead, - PermissionType: ACLPermissionTypeAllow, - }, + Filter: ACLFilter{ + ResourceTypeFilter: ResourceTypeTopic, + ResourcePatternTypeFilter: PatternTypeLiteral, + Operation: ACLOperationTypeRead, + PermissionType: ACLPermissionTypeAllow, }, }) if err != nil { diff --git a/describeacls.go b/describeacls.go index 814b2a920..5200261a9 100644 --- a/describeacls.go +++ b/describeacls.go @@ -15,8 +15,8 @@ type DescribeACLsRequest struct { // Address of the kafka broker to send the request to. Addr net.Addr - // List of filters to filter ACLs on. - Filters []ACLFilter + // Filter to filter ACLs on. + Filter ACLFilter } type ACLFilter struct { @@ -58,22 +58,16 @@ type ACLDescription struct { } func (c *Client) DescribeACLs(ctx context.Context, req *DescribeACLsRequest) (*DescribeACLsResponse, error) { - filters := make([]describeacls.ACLFilters, len(req.Filters)) - - for filterIdx, filter := range req.Filters { - filters[filterIdx] = describeacls.ACLFilters{ - ResourceTypeFilter: int8(filter.ResourceTypeFilter), - ResourceNameFilter: filter.ResourceNameFilter, - ResourcePatternTypeFilter: int8(filter.ResourcePatternTypeFilter), - PrincipalFilter: filter.PrincipalFilter, - HostFilter: filter.HostFilter, - Operation: int8(filter.Operation), - PermissionType: int8(filter.PermissionType), - } - } - m, err := c.roundTrip(ctx, req.Addr, &describeacls.Request{ - Filters: filters, + Filter: describeacls.ACLFilter{ + ResourceTypeFilter: int8(req.Filter.ResourceTypeFilter), + ResourceNameFilter: req.Filter.ResourceNameFilter, + ResourcePatternTypeFilter: int8(req.Filter.ResourcePatternTypeFilter), + PrincipalFilter: req.Filter.PrincipalFilter, + HostFilter: req.Filter.HostFilter, + Operation: int8(req.Filter.Operation), + PermissionType: int8(req.Filter.PermissionType), + }, }) if err != nil { return nil, fmt.Errorf("kafka.(*Client).DescribeACLs: %w", err) diff --git a/protocol/describeacls/describeacls.go b/protocol/describeacls/describeacls.go index 037f4e05b..93a7d2ed7 100644 --- a/protocol/describeacls/describeacls.go +++ b/protocol/describeacls/describeacls.go @@ -11,7 +11,7 @@ type Request struct { // messages. _ struct{} `kafka:"min=v2,max=v3,tag"` - Filters []ACLFilters `kafka:"min=v0,max=v3"` + Filter ACLFilter `kafka:"min=v0,max=v3"` } func (r *Request) ApiKey() protocol.ApiKey { return protocol.DescribeAcls } @@ -20,7 +20,7 @@ func (r *Request) Broker(cluster protocol.Cluster) (protocol.Broker, error) { return cluster.Brokers[cluster.Controller], nil } -type ACLFilters struct { +type ACLFilter struct { // We need at least one tagged field to indicate that v2+ uses "flexible" // messages. _ struct{} `kafka:"min=v2,max=v3,tag"` From fbea1d3d0dd1102b4d98a3574cbc57a03f2721ef Mon Sep 17 00:00:00 2001 From: Peter Dannemann Date: Tue, 18 Jul 2023 13:38:04 -0400 Subject: [PATCH 13/19] add missing patterntype in test --- createacl_test.go | 1 + 1 file changed, 1 insertion(+) diff --git a/createacl_test.go b/createacl_test.go index ce967e7b1..b93a3f052 100644 --- a/createacl_test.go +++ b/createacl_test.go @@ -73,6 +73,7 @@ func TestClientCreateDescribeACLs(t *testing.T) { Host: "*", Operation: ACLOperationTypeRead, PermissionType: ACLPermissionTypeAllow, + PatternType: ResourceTypeLiteral, }, }, }, From 28383ab2c486e4f98a25ecadb77e96d45035142d Mon Sep 17 00:00:00 2001 From: Peter Dannemann Date: Tue, 18 Jul 2023 13:40:23 -0400 Subject: [PATCH 14/19] fix patterntype location --- createacl_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/createacl_test.go b/createacl_test.go index b93a3f052..57fdb1139 100644 --- a/createacl_test.go +++ b/createacl_test.go @@ -67,13 +67,13 @@ func TestClientCreateDescribeACLs(t *testing.T) { { ResourceType: ResourceTypeTopic, ResourceName: "fake-topic-for-alice", + PatternType: PatternTypeLiteral, ACLs: []ACLDescription{ { Principal: "User:alice", Host: "*", Operation: ACLOperationTypeRead, PermissionType: ACLPermissionTypeAllow, - PatternType: ResourceTypeLiteral, }, }, }, From cf63056d9934833ce13d97cc5d182bd90c7e3a0c Mon Sep 17 00:00:00 2001 From: Peter Dannemann Date: Mon, 24 Jul 2023 14:04:47 -0400 Subject: [PATCH 15/19] add prototests --- protocol/createacls/createacls_test.go | 115 ++++++++++++++++ protocol/describeacls/describeacls_test.go | 149 +++++++++++++++++++++ 2 files changed, 264 insertions(+) create mode 100644 protocol/createacls/createacls_test.go create mode 100644 protocol/describeacls/describeacls_test.go diff --git a/protocol/createacls/createacls_test.go b/protocol/createacls/createacls_test.go new file mode 100644 index 000000000..61b48c805 --- /dev/null +++ b/protocol/createacls/createacls_test.go @@ -0,0 +1,115 @@ +package createacls_test + +import ( + "testing" + + "github.com/segmentio/kafka-go/protocol/createacls" + "github.com/segmentio/kafka-go/protocol/prototest" +) + +const ( + v0 = 0 + v1 = 1 + v2 = 2 + v3 = 3 +) + +func TestCreateACLsRequest(t *testing.T) { + prototest.TestRequest(t, v0, &createacls.Request{ + Creations: []createacls.RequestACLs{ + { + Principal: "User:alice", + PermissionType: 3, + Operation: 3, + ResourceType: 2, + ResourceName: "fake-topic-for-alice", + Host: "*", + }, + }, + }) + + prototest.TestRequest(t, v1, &createacls.Request{ + Creations: []createacls.RequestACLs{ + { + Principal: "User:alice", + PermissionType: 3, + Operation: 3, + ResourceType: 2, + ResourcePatternType: 3, + ResourceName: "fake-topic-for-alice", + Host: "*", + }, + }, + }) + + prototest.TestRequest(t, v2, &createacls.Request{ + Creations: []createacls.RequestACLs{ + { + Principal: "User:alice", + PermissionType: 3, + Operation: 3, + ResourceType: 2, + ResourcePatternType: 3, + ResourceName: "fake-topic-for-alice", + Host: "*", + }, + }, + }) + + prototest.TestRequest(t, v3, &createacls.Request{ + Creations: []createacls.RequestACLs{ + { + Principal: "User:alice", + PermissionType: 3, + Operation: 3, + ResourceType: 2, + ResourcePatternType: 3, + ResourceName: "fake-topic-for-alice", + Host: "*", + }, + }, + }) +} + +func TestCreateACLsResponse(t *testing.T) { + prototest.TestResponse(t, v0, &createacls.Response{ + ThrottleTimeMs: 1, + Results: []createacls.ResponseACLs{ + { + ErrorCode: 1, + ErrorMessage: "foo", + }, + }, + }) + + prototest.TestResponse(t, v1, &createacls.Response{ + ThrottleTimeMs: 1, + Results: []createacls.ResponseACLs{ + { + ErrorCode: 1, + ErrorMessage: "foo", + }, + }, + }) + + prototest.TestResponse(t, v2, &createacls.Response{ + ThrottleTimeMs: 1, + Results: []createacls.ResponseACLs{ + { + ErrorCode: 1, + ErrorMessage: "foo", + }, + }, + }) + + prototest.TestResponse(t, v3, &createacls.Response{ + ThrottleTimeMs: 1, + Results: []createacls.ResponseACLs{ + { + ErrorCode: 1, + ErrorMessage: "foo", + }, + }, + }) + +} diff --git a/protocol/describeacls/describeacls_test.go b/protocol/describeacls/describeacls_test.go new file mode 100644 index 000000000..8fd45fffc --- /dev/null +++ b/protocol/describeacls/describeacls_test.go @@ -0,0 +1,149 @@ +package describeacls_test + +import ( + "testing" + + "github.com/segmentio/kafka-go/protocol/describeacls" + "github.com/segmentio/kafka-go/protocol/prototest" +) + +const ( + v0 = 0 + v1 = 1 + v2 = 2 + v3 = 3 +) + +func TestDescribeACLsRequest(t *testing.T) { + prototest.TestRequest(t, v0, &describeacls.Request{ + Filter: describeacls.ACLFilter{ + ResourceTypeFilter: 2, + ResourceNameFilter: "fake-topic-for-alice", + PrincipalFilter: "User:alice", + HostFilter: "*", + Operation: 3, + PermissionType: 3, + }, + }) + + prototest.TestRequest(t, v1, &describeacls.Request{ + Filter: describeacls.ACLFilter{ + ResourceTypeFilter: 2, + ResourceNameFilter: "fake-topic-for-alice", + ResourcePatternTypeFilter: 0, + PrincipalFilter: "User:alice", + HostFilter: "*", + Operation: 3, + PermissionType: 3, + }, + }) + + prototest.TestRequest(t, v2, &describeacls.Request{ + Filter: describeacls.ACLFilter{ + ResourceTypeFilter: 2, + ResourceNameFilter: "fake-topic-for-alice", + ResourcePatternTypeFilter: 0, + PrincipalFilter: "User:alice", + HostFilter: "*", + Operation: 3, + PermissionType: 3, + }, + }) + + prototest.TestRequest(t, v3, &describeacls.Request{ + Filter: describeacls.ACLFilter{ + ResourceTypeFilter: 2, + ResourceNameFilter: "fake-topic-for-alice", + ResourcePatternTypeFilter: 0, + PrincipalFilter: "User:alice", + HostFilter: "*", + Operation: 3, + PermissionType: 3, + }, + }) +} + +func TestDescribeACLsResponse(t *testing.T) { + prototest.TestResponse(t, v0, &describeacls.Response{ + ThrottleTimeMs: 1, + ErrorCode: 1, + ErrorMessage: "foo", + Resources: []describeacls.Resource{ + { + ResourceType: 2, + ResourceName: "fake-topic-for-alice", + ACLs: []describeacls.ResponseACL{ + { + Principal: "User:alice", + Host: "*", + Operation: 3, + PermissionType: 3, + }, + }, + }, + }, + }) + + prototest.TestResponse(t, v1, &describeacls.Response{ + ThrottleTimeMs: 1, + ErrorCode: 1, + ErrorMessage: "foo", + Resources: []describeacls.Resource{ + { + ResourceType: 2, + ResourceName: "fake-topic-for-alice", + PatternType: 3, + ACLs: []describeacls.ResponseACL{ + { + Principal: "User:alice", + Host: "*", + Operation: 3, + PermissionType: 3, + }, + }, + }, + }, + }) + + prototest.TestResponse(t, v2, &describeacls.Response{ + ThrottleTimeMs: 1, + ErrorCode: 1, + ErrorMessage: "foo", + Resources: []describeacls.Resource{ + { + ResourceType: 2, + ResourceName: "fake-topic-for-alice", + PatternType: 3, + ACLs: []describeacls.ResponseACL{ + { + Principal: "User:alice", + Host: "*", + Operation: 3, + PermissionType: 3, + }, + }, + }, + }, + }) + + prototest.TestResponse(t, v3, &describeacls.Response{ + ThrottleTimeMs: 1, + ErrorCode: 1, + ErrorMessage: "foo", + Resources: []describeacls.Resource{ + { + ResourceType: 2, + ResourceName: "fake-topic-for-alice", + PatternType: 3, + ACLs: []describeacls.ResponseACL{ + { + Principal: "User:alice", + Host: "*", + Operation: 3, + PermissionType: 3, + }, + }, + }, + }, + }) +} From 99474705c6f1c040998284ab49a279ad76b201df Mon Sep 17 00:00:00 2001 From: Peter Dannemann Date: Mon, 24 Jul 2023 14:05:22 -0400 Subject: [PATCH 16/19] createacl_test.go -> createacls_test.go --- createacl_test.go => createacls_test.go | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename createacl_test.go => createacls_test.go (100%) diff --git a/createacl_test.go b/createacls_test.go similarity index 100% rename from createacl_test.go rename to createacls_test.go From 687064539f71baad2b8596c5692c92037d10e72a Mon Sep 17 00:00:00 2001 From: Peter Dannemann Date: Mon, 24 Jul 2023 14:08:58 -0400 Subject: [PATCH 17/19] seperate createacls_test and describeacls_test --- createacls_test.go | 44 +++------------------- describeacls_test.go | 87 ++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 93 insertions(+), 38 deletions(-) create mode 100644 describeacls_test.go diff --git a/createacls_test.go b/createacls_test.go index 57fdb1139..ee04779ea 100644 --- a/createacls_test.go +++ b/createacls_test.go @@ -5,10 +5,9 @@ import ( "testing" ktesting "github.com/segmentio/kafka-go/testing" - "github.com/stretchr/testify/assert" ) -func TestClientCreateDescribeACLs(t *testing.T) { +func TestClientCreateACLs(t *testing.T) { if !ktesting.KafkaIsAtLeast("2.0.1") { return } @@ -16,6 +15,9 @@ func TestClientCreateDescribeACLs(t *testing.T) { client, shutdown := newLocalClient() defer shutdown() + topic := makeTopic() + group := makeGroupID() + createRes, err := client.CreateACLs(context.Background(), &CreateACLsRequest{ ACLs: []ACLEntry{ { @@ -24,7 +26,7 @@ func TestClientCreateDescribeACLs(t *testing.T) { Operation: ACLOperationTypeRead, ResourceType: ResourceTypeTopic, ResourcePatternType: PatternTypeLiteral, - ResourceName: "fake-topic-for-alice", + ResourceName: topic, Host: "*", }, { @@ -33,7 +35,7 @@ func TestClientCreateDescribeACLs(t *testing.T) { Operation: ACLOperationTypeRead, ResourceType: ResourceTypeGroup, ResourcePatternType: PatternTypeLiteral, - ResourceName: "fake-group-for-bob", + ResourceName: group, Host: "*", }, }, @@ -47,38 +49,4 @@ func TestClientCreateDescribeACLs(t *testing.T) { t.Error(err) } } - - describeResp, err := client.DescribeACLs(context.Background(), &DescribeACLsRequest{ - Filter: ACLFilter{ - ResourceTypeFilter: ResourceTypeTopic, - ResourcePatternTypeFilter: PatternTypeLiteral, - Operation: ACLOperationTypeRead, - PermissionType: ACLPermissionTypeAllow, - }, - }) - if err != nil { - t.Fatal(err) - } - - expectedDescribeResp := DescribeACLsResponse{ - Throttle: 0, - Error: makeError(0, ""), - Resources: []ACLResource{ - { - ResourceType: ResourceTypeTopic, - ResourceName: "fake-topic-for-alice", - PatternType: PatternTypeLiteral, - ACLs: []ACLDescription{ - { - Principal: "User:alice", - Host: "*", - Operation: ACLOperationTypeRead, - PermissionType: ACLPermissionTypeAllow, - }, - }, - }, - }, - } - - assert.Equal(t, expectedDescribeResp, *describeResp) } diff --git a/describeacls_test.go b/describeacls_test.go new file mode 100644 index 000000000..e45197587 --- /dev/null +++ b/describeacls_test.go @@ -0,0 +1,87 @@ +package kafka + +import ( + "context" + "testing" + + ktesting "github.com/segmentio/kafka-go/testing" + "github.com/stretchr/testify/assert" +) + +func TestClientDescribeACLs(t *testing.T) { + if !ktesting.KafkaIsAtLeast("2.0.1") { + return + } + + client, shutdown := newLocalClient() + defer shutdown() + + topic := makeTopic() + group := makeGroupID() + + createRes, err := client.CreateACLs(context.Background(), &CreateACLsRequest{ + ACLs: []ACLEntry{ + { + Principal: "User:alice", + PermissionType: ACLPermissionTypeAllow, + Operation: ACLOperationTypeRead, + ResourceType: ResourceTypeTopic, + ResourcePatternType: PatternTypeLiteral, + ResourceName: topic, + Host: "*", + }, + { + Principal: "User:bob", + PermissionType: ACLPermissionTypeAllow, + Operation: ACLOperationTypeRead, + ResourceType: ResourceTypeGroup, + ResourcePatternType: PatternTypeLiteral, + ResourceName: group, + Host: "*", + }, + }, + }) + if err != nil { + t.Fatal(err) + } + + for _, err := range createRes.Errors { + if err != nil { + t.Error(err) + } + } + + describeResp, err := client.DescribeACLs(context.Background(), &DescribeACLsRequest{ + Filter: ACLFilter{ + ResourceTypeFilter: ResourceTypeTopic, + ResourcePatternTypeFilter: PatternTypeLiteral, + Operation: ACLOperationTypeRead, + PermissionType: ACLPermissionTypeAllow, + }, + }) + if err != nil { + t.Fatal(err) + } + + expectedDescribeResp := DescribeACLsResponse{ + Throttle: 0, + Error: makeError(0, ""), + Resources: []ACLResource{ + { + ResourceType: ResourceTypeTopic, + ResourceName: topic, + PatternType: PatternTypeLiteral, + ACLs: []ACLDescription{ + { + Principal: "User:alice", + Host: "*", + Operation: ACLOperationTypeRead, + PermissionType: ACLPermissionTypeAllow, + }, + }, + }, + }, + } + + assert.Equal(t, expectedDescribeResp, *describeResp) +} From 283760dfff4be57d4fa67f6b5c8148923cedb968 Mon Sep 17 00:00:00 2001 From: Peter Dannemann Date: Mon, 24 Jul 2023 14:30:54 -0400 Subject: [PATCH 18/19] fix describeaclstest --- describeacls_test.go | 1 + 1 file changed, 1 insertion(+) diff --git a/describeacls_test.go b/describeacls_test.go index e45197587..25585b25c 100644 --- a/describeacls_test.go +++ b/describeacls_test.go @@ -54,6 +54,7 @@ func TestClientDescribeACLs(t *testing.T) { describeResp, err := client.DescribeACLs(context.Background(), &DescribeACLsRequest{ Filter: ACLFilter{ ResourceTypeFilter: ResourceTypeTopic, + ResourceNameFilter: topic, ResourcePatternTypeFilter: PatternTypeLiteral, Operation: ACLOperationTypeRead, PermissionType: ACLPermissionTypeAllow, From 3f32979f840641ef766785d6b79671a7d85d6dae Mon Sep 17 00:00:00 2001 From: Peter Dannemann Date: Fri, 28 Jul 2023 11:10:03 -0400 Subject: [PATCH 19/19] add comment for ResourcePatternTypeFilter --- describeacls.go | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/describeacls.go b/describeacls.go index 5200261a9..d1093bbed 100644 --- a/describeacls.go +++ b/describeacls.go @@ -20,8 +20,9 @@ type DescribeACLsRequest struct { } type ACLFilter struct { - ResourceTypeFilter ResourceType - ResourceNameFilter string + ResourceTypeFilter ResourceType + ResourceNameFilter string + // ResourcePatternTypeFilter was added in v1 and is not available prior to that. ResourcePatternTypeFilter PatternType PrincipalFilter string HostFilter string