Merge branch 'main' of github.com:kafbat/kafka-ui into kafbat/203

kafbat · May 22, 2024 · 89f8c22 · 89f8c22
2 parents 94f3640 + 19e95fe
commit 89f8c22
Show file tree

Hide file tree

Showing 4 changed files with 11 additions and 40 deletions.
diff --git a/api/src/main/java/io/kafbat/ui/serdes/builtin/ProtobufFileSerde.java b/api/src/main/java/io/kafbat/ui/serdes/builtin/ProtobufFileSerde.java
@@ -49,6 +49,7 @@
 import io.kafbat.ui.serdes.BuiltInSerde;
 import io.kafbat.ui.util.jsonschema.ProtobufSchemaConverter;
 import java.io.ByteArrayInputStream;
+import java.nio.file.FileVisitOption;
 import java.nio.file.Files;
 import java.nio.file.Path;
 import java.util.Collection;
@@ -404,7 +405,7 @@ private Loader createFilesLoader(Map<String, ProtoFile> files) {
     @SneakyThrows
     private Map<String, ProtoFile> loadFilesWithLocations() {
       Map<String, ProtoFile> filesByLocations = new HashMap<>();
-      try (var files = Files.walk(baseLocation)) {
+      try (var files = Files.walk(baseLocation, FileVisitOption.FOLLOW_LINKS)) {
         files.filter(p -> !Files.isDirectory(p) && p.toString().endsWith(".proto"))
             .forEach(path -> {
               // relative path will be used as "import" statement

diff --git a/api/src/main/java/io/kafbat/ui/service/rbac/extractor/RbacLdapAuthoritiesExtractor.java b/api/src/main/java/io/kafbat/ui/service/rbac/extractor/RbacLdapAuthoritiesExtractor.java
@@ -1,11 +1,8 @@
 package io.kafbat.ui.service.rbac.extractor;
 
-import io.kafbat.ui.config.auth.LdapProperties;
 import io.kafbat.ui.model.rbac.Role;
 import io.kafbat.ui.model.rbac.provider.Provider;
 import io.kafbat.ui.service.rbac.AccessControlService;
-import java.util.List;
-import java.util.Map;
 import java.util.Set;
 import java.util.stream.Collectors;
 import lombok.extern.slf4j.Slf4j;
@@ -14,25 +11,26 @@
 import org.springframework.ldap.core.support.BaseLdapPathContextSource;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
-import org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator;
-import org.springframework.util.Assert;
+import org.springframework.security.ldap.userdetails.NestedLdapAuthoritiesPopulator;
 
 @Slf4j
-public class RbacLdapAuthoritiesExtractor extends DefaultLdapAuthoritiesPopulator {
+public class RbacLdapAuthoritiesExtractor extends NestedLdapAuthoritiesPopulator {
 
   private final AccessControlService acs;
-  private final LdapProperties props;
 
   public RbacLdapAuthoritiesExtractor(ApplicationContext context,
                                       BaseLdapPathContextSource contextSource, String groupFilterSearchBase) {
     super(contextSource, groupFilterSearchBase);
     this.acs = context.getBean(AccessControlService.class);
-    this.props = context.getBean(LdapProperties.class);
   }
 
   @Override
   protected Set<GrantedAuthority> getAdditionalRoles(DirContextOperations user, String username) {
-    var ldapGroups = getRoles(user.getNameInNamespace(), username);
+    var ldapGroups = super.getGroupMembershipRoles(user.getNameInNamespace(), username)
+        .stream()
+        .map(GrantedAuthority::getAuthority)
+        .peek(group -> log.trace("Found LDAP group [{}] for user [{}]", group, username))
+        .collect(Collectors.toSet());
 
     return acs.getRoles()
         .stream()
@@ -47,32 +45,4 @@ protected Set<GrantedAuthority> getAdditionalRoles(DirContextOperations user, St
         .map(SimpleGrantedAuthority::new)
         .collect(Collectors.toSet());
   }
-
-  private Set<String> getRoles(String userDn, String username) {
-    var groupSearchBase = props.getGroupFilterSearchBase();
-    Assert.notNull(groupSearchBase, "groupSearchBase is empty");
-
-    var groupRoleAttribute = props.getGroupRoleAttribute();
-    if (groupRoleAttribute == null) {
-
-      groupRoleAttribute = "cn";
-    }
-
-    log.trace(
-        "Searching for roles for user [{}] with DN [{}], groupRoleAttribute [{}] and filter [{}] in search base [{}]",
-        username, userDn, groupRoleAttribute, getGroupSearchFilter(), groupSearchBase);
-
-    var ldapTemplate = getLdapTemplate();
-    ldapTemplate.setIgnoreNameNotFoundException(true);
-
-    Set<Map<String, List<String>>> userRoles = ldapTemplate.searchForMultipleAttributeValues(
-        groupSearchBase, getGroupSearchFilter(), new String[] {userDn, username},
-        new String[] {groupRoleAttribute});
-
-    return userRoles.stream()
-        .map(record -> record.get(getGroupRoleAttribute()).get(0))
-        .peek(group -> log.trace("Found LDAP group [{}] for user [{}]", group, username))
-        .collect(Collectors.toSet());
-  }
-
 }
diff --git a/api/src/main/java/io/kafbat/ui/util/GithubReleaseInfo.java b/api/src/main/java/io/kafbat/ui/util/GithubReleaseInfo.java
@@ -11,7 +11,7 @@ public class GithubReleaseInfo {
   private static final String GITHUB_LATEST_RELEASE_RETRIEVAL_URL =
       "https://api.github.com/repos/kafbat/kafka-ui/releases/latest";
 
-  private static final Duration GITHUB_API_MAX_WAIT_TIME = Duration.ofSeconds(2);
+  private static final Duration GITHUB_API_MAX_WAIT_TIME = Duration.ofSeconds(10);
 
   public record GithubReleaseDto(String html_url, String tag_name, String published_at) {
 

diff --git a/frontend/src/components/common/Select/Select.styled.ts b/frontend/src/components/common/Select/Select.styled.ts
@@ -81,7 +81,7 @@ export const OptionList = styled.ul`
   line-height: 18px;
   color: ${({ theme }) => theme.select.color.normal};
   overflow-y: auto;
-  z-index: 10;
+  z-index: 12;
   max-width: 300px;
   min-width: 100%;
   align-items: center;