Creation of Group Read ACL for * literal pattern does not work

fanfuvac commented 1 week ago

Issue submitter TODO list

[X] I've looked up my issue in FAQ
[X] I've searched for an already existing issues here
[X] I've tried running main-labeled docker image and the issue still persists there
[X] I'm running a supported version of the application which is listed here

Describe the bug (actual behavior)

I am trying to create ACL as per below: However it fails with error: 500 Internal Server Error patternType must not be MATCH

I am trying to achieve something like this: https://stackoverflow.com/questions/73087776/how-to-authorize-every-group-on-a-topic-in-the-acl Create a group read permission for given user to be able to have any consumer-group permission (which is ok by me since the user is restricted by ACL on Topic level)

I was able to create the rule by API as well as by cmd, so it should work in the GUI as well, sample of such rule:

Expected behavior

ACL creation should work

Your installation details

10d4a11 11/12/2024, 14:20:31

Steps to reproduce

Try to create ACL as per desription.

Screenshots

No response

Logs

No response

Additional context

No response

Haarolean commented 1 week ago

Please share the full logs

fanfuvac commented 1 week ago

56:09,851 ERROR [reactor-http-epoll-9] o.s.b.a.w.r.e.AbstractErrorWebExceptionHandler: [26a64f03-2782] 500 Server Error for HTTP POST "/api/clusters/XXXXXX/acl" java.lang.IllegalArgumentException: patternType must not be MATCH at org.apache.kafka.common.resource.ResourcePattern.(ResourcePattern.java:58) Suppressed: reactor.core.publisher.FluxOnAssembly$OnAssemblyException: Error has been observed at the following site(s): __checkpoint ⇢ Handler io.kafbat.ui.controller.AclsController#createAcl(String, Mono, ServerWebExchange) [DispatcherHandler] checkpoint ⇢ io.kafbat.ui.config.CorsGlobalConfiguration$$Lambda$1139/0x00007fe042719758 [DefaultWebFilterChain] *checkpoint ⇢ io.kafbat.ui.config.CustomWebFilter [DefaultWebFilterChain] __checkpoint ⇢ io.kafbat.ui.config.ReadOnlyModeFilter [DefaultWebFilterChain] checkpoint ⇢ AuthorizationWebFilter [DefaultWebFilterChain] *checkpoint ⇢ ExceptionTranslationWebFilter [DefaultWebFilterChain] __checkpoint ⇢ LogoutWebFilter [DefaultWebFilterChain] checkpoint ⇢ ServerRequestCacheWebFilter [DefaultWebFilterChain] *checkpoint ⇢ SecurityContextServerWebExchangeWebFilter [DefaultWebFilterChain] __checkpoint ⇢ LogoutPageGeneratingWebFilter [DefaultWebFilterChain] checkpoint ⇢ LoginPageGeneratingWebFilter [DefaultWebFilterChain] *checkpoint ⇢ OAuth2LoginAuthenticationWebFilter [DefaultWebFilterChain] __checkpoint ⇢ OAuth2AuthorizationRequestRedirectWebFilter [DefaultWebFilterChain] checkpoint ⇢ ReactorContextWebFilter [DefaultWebFilterChain] *checkpoint ⇢ HttpHeaderWriterWebFilter [DefaultWebFilterChain] __checkpoint ⇢ ServerWebExchangeReactorContextWebFilter [DefaultWebFilterChain] checkpoint ⇢ org.springframework.security.web.server.WebFilterChainProxy [DefaultWebFilterChain] *checkpoint ⇢ HTTP POST "/api/clusters/XXXXXX/acl" [ExceptionHandlingWebHandler] Original Stack Trace: at org.apache.kafka.common.resource.ResourcePattern.(ResourcePattern.java:58) at io.kafbat.ui.mapper.ClusterMapper.toAclBinding(ClusterMapper.java:179) at reactor.core.publisher.FluxMap$MapSubscriber.onNext(FluxMap.java:106) at reactor.core.publisher.MonoIgnoreThen$ThenIgnoreMain.complete(MonoIgnoreThen.java:294) at reactor.core.publisher.MonoIgnoreThen$ThenIgnoreMain.onNext(MonoIgnoreThen.java:188) at reactor.core.publisher.FluxPeek$PeekSubscriber.onNext(FluxPeek.java:200) at reactor.core.publisher.FluxOnErrorResume$ResumeSubscriber.onNext(FluxOnErrorResume.java:79) at reactor.core.publisher.MonoFlatMap$FlatMapMain.onNext(MonoFlatMap.java:158) at reactor.core.publisher.FluxContextWrite$ContextWriteSubscriber.onNext(FluxContextWrite.java:107) at reactor.core.publisher.FluxMapFuseable$MapFuseableConditionalSubscriber.onNext(FluxMapFuseable.java:299) at reactor.core.publisher.FluxFilterFuseable$FilterFuseableConditionalSubscriber.onNext(FluxFilterFuseable.java:337) at reactor.core.publisher.Operators$BaseFluxToMonoOperator.completePossiblyEmpty(Operators.java:2097) at reactor.core.publisher.MonoCollect$CollectSubscriber.onComplete(MonoCollect.java:145) at reactor.core.publisher.FluxMap$MapSubscriber.onComplete(FluxMap.java:144) at reactor.core.publisher.FluxPeek$PeekSubscriber.onComplete(FluxPeek.java:260) at reactor.core.publisher.FluxMap$MapSubscriber.onComplete(FluxMap.java:144) at reactor.netty.channel.FluxReceive.onInboundComplete(FluxReceive.java:415) at reactor.netty.channel.ChannelOperations.onInboundComplete(ChannelOperations.java:445) at reactor.netty.http.server.HttpServerOperations.handleLastHttpContent(HttpServerOperations.java:867) at reactor.netty.http.server.HttpServerOperations.onInboundNext(HttpServerOperations.java:789) at reactor.netty.channel.ChannelOperationsHandler.channelRead(ChannelOperationsHandler.java:115) at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:444) at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:420) at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:412) at reactor.netty.http.server.HttpTrafficHandler.channelRead(HttpTrafficHandler.java:311) at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:442) at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:420) at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:412) at io.netty.channel.CombinedChannelDuplexHandler$DelegatingChannelHandlerContext.fireChannelRead(CombinedChannelDuplexHandler.java:436) at io.netty.handler.codec.ByteToMessageDecoder.fireChannelRead(ByteToMessageDecoder.java:346) at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:318) at io.netty.channel.CombinedChannelDuplexHandler.channelRead(CombinedChannelDuplexHandler.java:251) at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:442) at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:420) at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:412) at io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1357) at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:440) at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:420) at io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:868) at io.netty.channel.epoll.AbstractEpollStreamChannel$EpollStreamUnsafe.epollInReady(AbstractEpollStreamChannel.java:799) at io.netty.channel.epoll.AbstractEpollChannel$AbstractEpollUnsafe$1.run(AbstractEpollChannel.java:425) at io.netty.util.concurrent.AbstractEventExecutor.runTask(AbstractEventExecutor.java:173) at io.netty.util.concurrent.AbstractEventExecutor.safeExecute(AbstractEventExecutor.java:166) at io.netty.util.concurrent.SingleThreadEventExecutor.runAllTasks(SingleThreadEventExecutor.java:472) at io.netty.channel.epoll.EpollEventLoop.run(EpollEventLoop.java:405) at io.netty.util.concurrent.SingleThreadEventExecutor$4.run(SingleThreadEventExecutor.java:997) at io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74) at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30) at java.base/java.lang.Thread.run(Thread.java:840)

kafbat / kafka-ui