BE: RBAC: Support provider for basic auth

create basic auth extractor

Author: wernerdv

api/src/main/java/io/kafbat/ui/config/auth/BasicAuthSecurityConfig.java

@@ -1,12 +1,9 @@
 package io.kafbat.ui.config.auth;
 
-import io.kafbat.ui.model.rbac.Role;
-import io.kafbat.ui.model.rbac.provider.Provider;
 import io.kafbat.ui.service.rbac.AccessControlService;
+import io.kafbat.ui.service.rbac.extractor.RbacBasicAuthAuthoritiesExtractor;
 import io.kafbat.ui.util.StaticFileWebFilter;
-import java.util.Collection;
 import java.util.regex.Pattern;
-import java.util.stream.Collectors;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.ObjectProvider;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
@@ -71,16 +68,9 @@ public ReactiveUserDetailsService reactiveUserDetailsService(SecurityProperties
         .roles(StringUtils.toStringArray(user.getRoles()))
         .build();
 
-    Collection<String> groups = accessControlService.getRoles().stream()
-        .filter(role -> role.getSubjects().stream()
-            .filter(subj -> Provider.BASIC_AUTH.equals(subj.getProvider()))
-            .filter(subj -> "user".equals(subj.getType()))
-            .anyMatch(subj -> user.getName().equals(subj.getValue()))
-        )
-        .map(Role::getName)
-        .collect(Collectors.toSet());
+    RbacBasicAuthAuthoritiesExtractor extractor = new RbacBasicAuthAuthoritiesExtractor(accessControlService);
 
-    return new RbacUserDetailsService(new RbacBasicAuthUser(userDetails, groups));
+    return new RbacUserDetailsService(new RbacBasicAuthUser(userDetails, extractor.groups(user.getName())));
   }
 
   private String password(String password, PasswordEncoder encoder) {

api/src/main/java/io/kafbat/ui/model/rbac/provider/Provider.java

@@ -15,7 +15,7 @@ public enum Provider {
   LDAP,
   LDAP_AD,
 
-  BASIC_AUTH;
+  LOGIN_FORM;
 
   @Nullable
   public static Provider fromString(String name) {

api/src/main/java/io/kafbat/ui/service/rbac/extractor/RbacBasicAuthAuthoritiesExtractor.java

@@ -0,0 +1,26 @@
+package io.kafbat.ui.service.rbac.extractor;
+
+import io.kafbat.ui.model.rbac.Role;
+import io.kafbat.ui.model.rbac.provider.Provider;
+import io.kafbat.ui.service.rbac.AccessControlService;
+import java.util.Collection;
+import java.util.stream.Collectors;
+
+public class RbacBasicAuthAuthoritiesExtractor {
+  private final AccessControlService accessControlService;
+
+  public RbacBasicAuthAuthoritiesExtractor(AccessControlService accessControlService) {
+    this.accessControlService = accessControlService;
+  }
+
+  public Collection<String> groups(String username) {
+    return accessControlService.getRoles().stream()
+        .filter(role -> role.getSubjects().stream()
+            .filter(subj -> Provider.LOGIN_FORM.equals(subj.getProvider()))
+            .filter(subj -> "user".equals(subj.getType()))
+            .anyMatch(subj -> username.equals(subj.getValue()))
+        )
+        .map(Role::getName)
+        .collect(Collectors.toSet());
+  }
+}

api/src/test/java/io/kafbat/ui/BasicAuthIntegrationTest.java

@@ -21,7 +21,7 @@
 import org.springframework.test.web.reactive.server.WebTestClient;
 
 @SpringBootTest
-@ActiveProfiles("rbac-basic-auth")
+@ActiveProfiles("rbac-login-form")
 @AutoConfigureWebTestClient(timeout = "60000")
 public class BasicAuthIntegrationTest {
   @Autowired

api/src/test/resources/application-rbac-basic-auth.yml renamed to api/src/test/resources/application-rbac-login-form.yml

@@ -13,7 +13,7 @@ rbac:
       clusters:
         - local
       subjects:
-        - provider: basic_auth
+        - provider: login_form
           type: user
           value: admin
       permissions: