diff --git a/kafka-ui-api/src/main/java/com/provectus/kafka/ui/controller/MessagesController.java b/kafka-ui-api/src/main/java/com/provectus/kafka/ui/controller/MessagesController.java index 32d341e6134..50b36e14703 100644 --- a/kafka-ui-api/src/main/java/com/provectus/kafka/ui/controller/MessagesController.java +++ b/kafka-ui-api/src/main/java/com/provectus/kafka/ui/controller/MessagesController.java @@ -24,6 +24,7 @@ import com.provectus.kafka.ui.model.rbac.permission.TopicAction; import com.provectus.kafka.ui.service.DeserializationService; import com.provectus.kafka.ui.service.MessagesService; +import com.provectus.kafka.ui.util.DynamicConfigOperations; import java.util.List; import java.util.Map; import java.util.Optional; @@ -31,6 +32,7 @@ import javax.validation.Valid; import lombok.RequiredArgsConstructor; import lombok.extern.slf4j.Slf4j; +import org.apache.commons.lang3.StringUtils; import org.apache.commons.lang3.tuple.Pair; import org.apache.kafka.common.TopicPartition; import org.springframework.http.ResponseEntity; @@ -47,6 +49,7 @@ public class MessagesController extends AbstractController implements MessagesAp private final MessagesService messagesService; private final DeserializationService deserializationService; + private final DynamicConfigOperations dynamicConfigOperations; @Override public Mono> deleteTopicMessages( @@ -94,6 +97,10 @@ public Mono>> getTopicMessages(String .topicActions(MESSAGES_READ) .operationName("getTopicMessages"); + if (StringUtils.isNoneEmpty(q) && MessageFilterTypeDTO.GROOVY_SCRIPT == filterQueryType) { + dynamicConfigOperations.checkIfFilteringGroovyEnabled(); + } + if (auditService.isAuditTopic(getCluster(clusterName), topicName)) { contextBuilder.auditActions(AuditAction.VIEW); } diff --git a/kafka-ui-api/src/main/java/com/provectus/kafka/ui/util/DynamicConfigOperations.java b/kafka-ui-api/src/main/java/com/provectus/kafka/ui/util/DynamicConfigOperations.java index 9b1e5017ba8..2a5532ca76a 100644 --- a/kafka-ui-api/src/main/java/com/provectus/kafka/ui/util/DynamicConfigOperations.java +++ b/kafka-ui-api/src/main/java/com/provectus/kafka/ui/util/DynamicConfigOperations.java @@ -45,6 +45,7 @@ public class DynamicConfigOperations { static final String DYNAMIC_CONFIG_ENABLED_ENV_PROPERTY = "dynamic.config.enabled"; + static final String FILTERING_GROOVY_ENABLED_PROPERTY = "filtering.groovy.enabled"; static final String DYNAMIC_CONFIG_PATH_ENV_PROPERTY = "dynamic.config.path"; static final String DYNAMIC_CONFIG_PATH_ENV_PROPERTY_DEFAULT = "/etc/kafkaui/dynamic_config.yaml"; @@ -64,6 +65,10 @@ public boolean dynamicConfigEnabled() { return "true".equalsIgnoreCase(ctx.getEnvironment().getProperty(DYNAMIC_CONFIG_ENABLED_ENV_PROPERTY)); } + public boolean filteringGroovyEnabled() { + return "true".equalsIgnoreCase(ctx.getEnvironment().getProperty(FILTERING_GROOVY_ENABLED_PROPERTY)); + } + private Path dynamicConfigFilePath() { return Paths.get( Optional.ofNullable(ctx.getEnvironment().getProperty(DYNAMIC_CONFIG_PATH_ENV_PROPERTY)) @@ -147,6 +152,14 @@ public Mono uploadConfigRelatedFile(FilePart file) { .onErrorMap(th -> new FileUploadException(targetFilePath, th)); } + public void checkIfFilteringGroovyEnabled() { + if (!filteringGroovyEnabled()) { + throw new ValidationException( + "Groovy filters is not allowed. " + + "Set filtering.groovy.enabled property to 'true' to enabled it."); + } + } + private void checkIfDynamicConfigEnabled() { if (!dynamicConfigEnabled()) { throw new ValidationException(