There was an error updating the application config

[rahul-anbalagan]

Issue submitter TODO list

• I've looked up my issue in FAQ
• I've searched for an already existing issues here
• I've tried running main-labeled docker image and the issue still persists there
• I'm running a supported version of the application which is listed here

Describe the bug (actual behavior)

When trying to create a cluster configuration via jar file, it gives "There was an error updating the application config" even though the rbac is setup properly.

Expected behavior

No response

Your installation details

Java version: 17
App version: 28677a9
App config:

logging:
  level:
    root: INFO
    io.kafbat.ui: DEBUG
    #org.springframework.http.codec.json.Jackson2JsonEncoder: DEBUG
    #org.springframework.http.codec.json.Jackson2JsonDecoder: DEBUG
    reactor.netty.http.server.AccessLog: INFO
    org.springframework.security: DEBUG

#server:
#  port: 8080 #- Port on which the app will run.

#spring.profiles.active: local

spring:
  jmx:
    enabled: true


dynamic.config.enabled: true

oauth2:
  ldap:
    activeDirectory: false
    activeDirectory.domain: domain.com

auth:
#  type: DISABLED
  type: OAUTH2
  oauth2:
    client:
      google:
        provider: google
        clientId: 6922.apps.googleusercontent.com # REPLACE WITH CLIENT ID
        clientSecret: GOCSPX-KYIdU # REPLACE WITH CLIENT SECRET
        user-name-attribute: email
        custom-params:
          type: google
          allowedDomain: hyperface.co


rbac:
  roles:
    - name: "admin"
      clusters:
        - ".*"
      subjects:
        - provider: oauth_google
          type: user
          value: "[email protected]" # REPLACE WITH ADMIN USER

      permissions:
        - resource: applicationconfig
          actions: all

        - resource: clusterconfig
          actions: all

        - resource: topic
          value: ".*"
          actions: all

        - resource: consumer
          value: ".*"
          actions: all

        - resource: schema
          value: ".*"
          actions: all

        - resource: connect
          value: ".*"
          actions: all

        - resource: ksql
          actions: all

        - resource: acl
          actions: all

        - resource: audit
          actions: all

    - name: "view-only"
      clusters:
        - ".*"
      subjects:
        - provider: oauth_google
          type: domain
          value: "hyperface.co" #REPLACE WITH VIEW USER
      permissions:
        - resource: clusterconfig
          actions: [ "view" ]

        - resource: topic
          value: ".*"
          actions:
            - VIEW
            - MESSAGES_READ

        - resource: consumer
          value: ".*"
          actions: [ view ]

        - resource: schema
          value: ".*"
          actions: [ view ]

        - resource: connect
          value: ".*"
          actions: [ view ]

        - resource: acl
          actions: [ view ]

Steps to reproduce

1. Clone main branch
2. setup google oauth with above mentioned roles.
3. Try creating a new kafka cluster config

Screenshots

No response

Logs

[Uploading message.txt…](Stack trace)

Additional context

No response

[github-actions]

Hi rahul-anbalagan! 👋

Welcome, and thank you for opening your first issue in the repo!

Please wait for triaging by our maintainers.

As development is carried out in our spare time, you can support us by sponsoring our activities or even funding the development of specific issues.
Sponsorship link

If you plan to raise a PR for this issue, please take a look at our contributing guide.

[Haarolean]

A regression from #116:
io/kafbat/ui/service/rbac/AccessControlService.java:110 skips cluster verification if context.cluster() != null, but the same is being done in getUserPermissions call on io/kafbat/ui/service/rbac/AccessControlService.java:113 which results in an NPE with .filter(role -> role.getClusters().stream().anyMatch(clusterName::equalsIgnoreCase)) on io/kafbat/ui/service/rbac/AccessControlService.java:120