[ISSUE #70] The rocketmq-dashboard supports ACL configuration

[xxd763795151]

What is the purpose of the change

#70

The rocketmq-dashboard supports ACL configuration, such as following:

Or

Feature descirbe:

• the 'CRUD operation' of topic permission for an accessKey
• the 'CRUD operation' of group permission for an accessKey
• add/delete host white list
• the acl info can be synchronized in the cluster from a broker to all broker when it is inconsistent(Why it may be inconsistent? For example, the acl info is add by manual in all brokers, one broker config error or forget to config; when we config acl, one broker is down in the cluster.)

**Note: the Acl menu only appears when the accessKey and secretKey is not empty in the application.yml. **

By the way, the last topic or group permission can not be deleted if there is only one topic or group permission for an access key because of the rocketmq`s implemention.

Brief changelog

XXXX

Verifying this change

XXXX

Follow this checklist to help us incorporate your contribution quickly and easily. Notice, it would be helpful if you could finish the following 5 checklist(the last one is not necessary)before request the community to review your PR.

• Make sure there is a Github issue filed for the change (usually before you start working on it). Trivial changes like typos do not require a Github issue. Your pull request should address just this issue, without pulling in other changes - one PR resolves one issue.
• Format the pull request title like [ISSUE #123] Fix UnknownException when host config not exist. Each commit in the pull request should have a meaningful subject line and body.
• Write a pull request description that is detailed enough to understand what the pull request does, how, and why.
• Write necessary unit-test(over 80% coverage) to verify your logic correction, more mock a little better when cross module dependency exist. If the new feature or significant change is committed, please remember to add integration-test in test module.
• Run mvn -B clean apache-rat:check findbugs:findbugs checkstyle:checkstyle to make sure basic checks pass. Run mvn clean install -DskipITs to make sure unit-test pass. Run mvn clean test-compile failsafe:integration-test to make sure integration-test pass.
• If this contribution is large, please file an Apache Individual Contributor License Agreement.

[xxd763795151]

Sorry, I forget unit tests. I need spend a little time to add some unit tests.

[StyleTang]

@xxd763795151
Thanks for your contribution, I have some urgent things to do recently, will review your PR later.

[vongosling]

Security key should be hidden by asterisks :-)

[vongosling]

NIce job ~~~ I'd like to add another reviewer @zhangjidi2016 for this feature :-)

[zhangjidi2016]

Use StringUtils.isNotEmpty(config.getAccessKey()) instead

[zhangjidi2016]

Add permission control for ACL-related operation interfaces for different login role

[xxd763795151]

Oh, oh, okay. I will make some adjustments according to your suggestions later.
@zhangjidi2016

[zhangjidi2016]

Hide action buttons based on login roles

[xxd763795151]

Security key should be hidden by asterisks :-)

About this, I hope you could think it about more. If it is necessary, I will adjust later. Such as , it will show '********' , that hidden by asterisks, and there is a button on the side, click visible. Or hide this column , and add a 'Secret key ' button.

[codecov-commenter]

Codecov Report

❗ No coverage uploaded for pull request base (master@6da21f4). Click here to learn what that means.
The diff coverage is n/a.

@@            Coverage Diff            @@
##             master      #71   +/-   ##
=========================================
  Coverage          ?   76.94%           
  Complexity        ?      821           
=========================================
  Files             ?       91           
  Lines             ?     2837           
  Branches          ?      278           
=========================================
  Hits              ?     2183           
  Misses            ?      500           
  Partials          ?      154           

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 6da21f4...5ed049c. Read the comment docs.

[xxd763795151]

Now, when enable login controle, different roles are treated differently, as following:
the admin role:

the normal role:

@zhangjidi2016 @vongosling
Please review code again, thanks.

[vongosling]

Security key should be hidden by asterisks :-)

About this, I hope you could think it about more. If it is necessary, I will adjust later. Such as , it will show '********' , that hidden by asterisks, and there is a button on the side, click visible. Or hide this column, and add a 'Secret key ' button.

As I said, Open Source projects also consider the common safety problem. Do you really see the downside of displaying security keys in clear text by default?

[xxd763795151]

Security key should be hidden by asterisks :-)

About this, I hope you could think it about more. If it is necessary, I will adjust later. Such as , it will show '********' , that hidden by asterisks, and there is a button on the side, click visible. Or hide this column, and add a 'Secret key ' button.

As I said, Open Source projects also consider the common safety problem. Do you really see the downside of displaying security keys in clear text by default?

@vongosling Yeah, u are right. I just made some adjustments for it. Such as following:

[StyleTang]

We can just return true.

return true;

[xxd763795151]

I will adjust it later. When I optimize code first time, I try return true, but it occur json error. So I use this style as return value. But using this style, it doesn't seem to be a problem right now, I will optimize these code again.

[StyleTang]

ditto

[StyleTang]

can be on the same line.