Added /acls endpoint to get all the ACLs (#231)

* Adding /acls endpoint to get all the ACLs

* Adding unit tests

Co-authored-by: Alexis Souquiere <[email protected]>

src/main/java/com/michelin/ns4kafka/controllers/AccessControlListController.java → src/main/java/com/michelin/ns4kafka/controllers/acl/AccessControlListController.java

@@ -1,4 +1,4 @@
-package com.michelin.ns4kafka.controllers;
+package com.michelin.ns4kafka.controllers.acl;
 
 import com.michelin.ns4kafka.controllers.generic.NamespacedResourceController;
 import com.michelin.ns4kafka.models.AccessControlEntry;

src/main/java/com/michelin/ns4kafka/controllers/acl/AccessControlListNonNamespacedController.java

@@ -0,0 +1,34 @@
+package com.michelin.ns4kafka.controllers.acl;
+
+import com.michelin.ns4kafka.controllers.generic.NonNamespacedResourceController;
+import com.michelin.ns4kafka.models.AccessControlEntry;
+import com.michelin.ns4kafka.security.ResourceBasedSecurityRule;
+import com.michelin.ns4kafka.services.AccessControlEntryService;
+import io.micronaut.http.annotation.Controller;
+import io.micronaut.http.annotation.Get;
+import io.swagger.v3.oas.annotations.tags.Tag;
+
+import javax.annotation.security.RolesAllowed;
+import javax.inject.Inject;
+import java.util.List;
+
+@Tag(name = "ACLs resource")
+@Controller("/api/acls")
+@RolesAllowed(ResourceBasedSecurityRule.IS_ADMIN)
+public class AccessControlListNonNamespacedController extends NonNamespacedResourceController {
+
+    /**
+     * The ACL service
+     */
+    @Inject
+    AccessControlEntryService accessControlEntryService;
+
+    /**
+     * Get all the ACLs of all namespaces
+     * @return A list of ACLs
+     */
+    @Get
+    public List<AccessControlEntry> listAll() {
+        return accessControlEntryService.findAll();
+    }
+}

src/main/java/com/michelin/ns4kafka/services/AccessControlEntryService.java

@@ -271,6 +271,14 @@ public List<AccessControlEntry> findAllForCluster(String cluster) {
                 .collect(Collectors.toList());
     }
 
+    /**
+     * Find all the ACLs on all clusters
+     * @return A list of ACLs
+     */
+    public List<AccessControlEntry> findAll() {
+        return new ArrayList<>(accessControlEntryRepository.findAll());
+    }
+
     /**
      * Does given namespace is owner of the given resource ?
      *

src/test/java/com/michelin/ns4kafka/controllers/AccessControlListControllerTest.java

@@ -1,5 +1,6 @@
 package com.michelin.ns4kafka.controllers;
 
+import com.michelin.ns4kafka.controllers.acl.AccessControlListController;
 import com.michelin.ns4kafka.models.AccessControlEntry;
 import com.michelin.ns4kafka.models.Namespace;
 import com.michelin.ns4kafka.models.ObjectMeta;

src/test/java/com/michelin/ns4kafka/controllers/AccessControlListNonNamespacedControllerTest.java

@@ -0,0 +1,48 @@
+package com.michelin.ns4kafka.controllers;
+
+import com.michelin.ns4kafka.controllers.acl.AccessControlListNonNamespacedController;
+import com.michelin.ns4kafka.models.AccessControlEntry;
+import com.michelin.ns4kafka.models.Namespace;
+import com.michelin.ns4kafka.models.ObjectMeta;
+import com.michelin.ns4kafka.services.AccessControlEntryService;
+import org.junit.jupiter.api.Assertions;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.ExtendWith;
+import org.mockito.InjectMocks;
+import org.mockito.Mock;
+import org.mockito.junit.jupiter.MockitoExtension;
+
+import java.util.List;
+
+import static org.mockito.Mockito.when;
+
+@ExtendWith(MockitoExtension.class)
+class AccessControlListNonNamespacedControllerTest {
+    /**
+     * The mocked ACL service
+     */
+    @Mock
+    AccessControlEntryService accessControlEntryService;
+
+    /**
+     * The mocked ACL controller
+     */
+    @InjectMocks
+    AccessControlListNonNamespacedController accessControlListNonNamespacedController;
+
+    @Test
+    void listAll() {
+        AccessControlEntry ace1 = AccessControlEntry.builder()
+                .metadata(ObjectMeta.builder().namespace("namespace1").build())
+                .spec(AccessControlEntry.AccessControlEntrySpec.builder().grantedTo("namespace1").build()).build();
+        AccessControlEntry ace2 = AccessControlEntry.builder()
+                .metadata(ObjectMeta.builder().namespace("namespace2").build())
+                .spec(AccessControlEntry.AccessControlEntrySpec.builder().grantedTo("namespace2").build()).build();
+
+        when(accessControlEntryService.findAll()).thenReturn(List.of(ace1, ace2));
+
+        List<AccessControlEntry> actual = accessControlListNonNamespacedController.listAll();
+        Assertions.assertEquals(2, actual.size());
+        Assertions.assertEquals(List.of(ace1, ace2), actual);
+    }
+}

src/test/java/com/michelin/ns4kafka/services/AccessControlEntryServiceTest.java

@@ -806,6 +806,24 @@ void findAllForNamespace() {
         Assertions.assertEquals(2, actual.size());
     }
 
+    @Test
+    void findAll() {
+        AccessControlEntry ace1 = AccessControlEntry.builder()
+                .metadata(ObjectMeta.builder().namespace("namespace1").build())
+                .spec(AccessControlEntry.AccessControlEntrySpec.builder().grantedTo("namespace1").build()).build();
+        AccessControlEntry ace2 = AccessControlEntry.builder()
+                .metadata(ObjectMeta.builder().namespace("namespace2").build())
+                .spec(AccessControlEntry.AccessControlEntrySpec.builder().grantedTo("namespace2").build()).build();
+        AccessControlEntry ace3 = AccessControlEntry.builder()
+                .metadata(ObjectMeta.builder().namespace("namespace3").build())
+                .spec(AccessControlEntry.AccessControlEntrySpec.builder().grantedTo("namespace3").build()).build();
+
+        Mockito.when(accessControlEntryRepository.findAll())
+                .thenReturn(List.of(ace1, ace2, ace3));
+        List<AccessControlEntry> actual = accessControlEntryService.findAll();
+        Assertions.assertEquals(3, actual.size());
+    }
+
     @Test
     void isNamespaceOwnerOfResource() {
         AccessControlEntry ace1 = AccessControlEntry.builder()