diff --git a/api/src/main/java/io/kafbat/ui/serdes/builtin/ProtobufFileSerde.java b/api/src/main/java/io/kafbat/ui/serdes/builtin/ProtobufFileSerde.java index e2fc105b9..51c921603 100644 --- a/api/src/main/java/io/kafbat/ui/serdes/builtin/ProtobufFileSerde.java +++ b/api/src/main/java/io/kafbat/ui/serdes/builtin/ProtobufFileSerde.java @@ -49,6 +49,7 @@ import io.kafbat.ui.serdes.BuiltInSerde; import io.kafbat.ui.util.jsonschema.ProtobufSchemaConverter; import java.io.ByteArrayInputStream; +import java.nio.file.FileVisitOption; import java.nio.file.Files; import java.nio.file.Path; import java.util.Collection; @@ -404,7 +405,7 @@ private Loader createFilesLoader(Map files) { @SneakyThrows private Map loadFilesWithLocations() { Map filesByLocations = new HashMap<>(); - try (var files = Files.walk(baseLocation)) { + try (var files = Files.walk(baseLocation, FileVisitOption.FOLLOW_LINKS)) { files.filter(p -> !Files.isDirectory(p) && p.toString().endsWith(".proto")) .forEach(path -> { // relative path will be used as "import" statement diff --git a/api/src/main/java/io/kafbat/ui/service/rbac/extractor/RbacLdapAuthoritiesExtractor.java b/api/src/main/java/io/kafbat/ui/service/rbac/extractor/RbacLdapAuthoritiesExtractor.java index 8fd80ac88..3282ab1e2 100644 --- a/api/src/main/java/io/kafbat/ui/service/rbac/extractor/RbacLdapAuthoritiesExtractor.java +++ b/api/src/main/java/io/kafbat/ui/service/rbac/extractor/RbacLdapAuthoritiesExtractor.java @@ -1,11 +1,8 @@ package io.kafbat.ui.service.rbac.extractor; -import io.kafbat.ui.config.auth.LdapProperties; import io.kafbat.ui.model.rbac.Role; import io.kafbat.ui.model.rbac.provider.Provider; import io.kafbat.ui.service.rbac.AccessControlService; -import java.util.List; -import java.util.Map; import java.util.Set; import java.util.stream.Collectors; import lombok.extern.slf4j.Slf4j; @@ -14,25 +11,26 @@ import org.springframework.ldap.core.support.BaseLdapPathContextSource; import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.authority.SimpleGrantedAuthority; -import org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator; -import org.springframework.util.Assert; +import org.springframework.security.ldap.userdetails.NestedLdapAuthoritiesPopulator; @Slf4j -public class RbacLdapAuthoritiesExtractor extends DefaultLdapAuthoritiesPopulator { +public class RbacLdapAuthoritiesExtractor extends NestedLdapAuthoritiesPopulator { private final AccessControlService acs; - private final LdapProperties props; public RbacLdapAuthoritiesExtractor(ApplicationContext context, BaseLdapPathContextSource contextSource, String groupFilterSearchBase) { super(contextSource, groupFilterSearchBase); this.acs = context.getBean(AccessControlService.class); - this.props = context.getBean(LdapProperties.class); } @Override protected Set getAdditionalRoles(DirContextOperations user, String username) { - var ldapGroups = getRoles(user.getNameInNamespace(), username); + var ldapGroups = super.getGroupMembershipRoles(user.getNameInNamespace(), username) + .stream() + .map(GrantedAuthority::getAuthority) + .peek(group -> log.trace("Found LDAP group [{}] for user [{}]", group, username)) + .collect(Collectors.toSet()); return acs.getRoles() .stream() @@ -47,32 +45,4 @@ protected Set getAdditionalRoles(DirContextOperations user, St .map(SimpleGrantedAuthority::new) .collect(Collectors.toSet()); } - - private Set getRoles(String userDn, String username) { - var groupSearchBase = props.getGroupFilterSearchBase(); - Assert.notNull(groupSearchBase, "groupSearchBase is empty"); - - var groupRoleAttribute = props.getGroupRoleAttribute(); - if (groupRoleAttribute == null) { - - groupRoleAttribute = "cn"; - } - - log.trace( - "Searching for roles for user [{}] with DN [{}], groupRoleAttribute [{}] and filter [{}] in search base [{}]", - username, userDn, groupRoleAttribute, getGroupSearchFilter(), groupSearchBase); - - var ldapTemplate = getLdapTemplate(); - ldapTemplate.setIgnoreNameNotFoundException(true); - - Set>> userRoles = ldapTemplate.searchForMultipleAttributeValues( - groupSearchBase, getGroupSearchFilter(), new String[] {userDn, username}, - new String[] {groupRoleAttribute}); - - return userRoles.stream() - .map(record -> record.get(getGroupRoleAttribute()).get(0)) - .peek(group -> log.trace("Found LDAP group [{}] for user [{}]", group, username)) - .collect(Collectors.toSet()); - } - } diff --git a/api/src/main/java/io/kafbat/ui/util/GithubReleaseInfo.java b/api/src/main/java/io/kafbat/ui/util/GithubReleaseInfo.java index 0448c96c8..e3f546ad8 100644 --- a/api/src/main/java/io/kafbat/ui/util/GithubReleaseInfo.java +++ b/api/src/main/java/io/kafbat/ui/util/GithubReleaseInfo.java @@ -11,7 +11,7 @@ public class GithubReleaseInfo { private static final String GITHUB_LATEST_RELEASE_RETRIEVAL_URL = "https://api.github.com/repos/kafbat/kafka-ui/releases/latest"; - private static final Duration GITHUB_API_MAX_WAIT_TIME = Duration.ofSeconds(2); + private static final Duration GITHUB_API_MAX_WAIT_TIME = Duration.ofSeconds(10); public record GithubReleaseDto(String html_url, String tag_name, String published_at) { diff --git a/frontend/src/components/common/Select/Select.styled.ts b/frontend/src/components/common/Select/Select.styled.ts index 9be7ed3db..b9e59a2cc 100644 --- a/frontend/src/components/common/Select/Select.styled.ts +++ b/frontend/src/components/common/Select/Select.styled.ts @@ -81,7 +81,7 @@ export const OptionList = styled.ul` line-height: 18px; color: ${({ theme }) => theme.select.color.normal}; overflow-y: auto; - z-index: 10; + z-index: 12; max-width: 300px; min-width: 100%; align-items: center;