MINOR: remove SaslPlainPlaintextConsumerTest.testZkAclsDisabled (#17902)

Reviewers: David Arthur <mumrah@gmail.com>, Chia-Ping Tsai <chia7712@gmail.com>
apache · Nov 22, 2024 · c2352f8 · c2352f8
1 parent eb641b5
commit c2352f8
Showing 1 changed file with 0 additions and 47 deletions.
diff --git a/core/src/test/scala/integration/kafka/api/SaslPlainPlaintextConsumerTest.scala b/core/src/test/scala/integration/kafka/api/SaslPlainPlaintextConsumerTest.scala
@@ -14,17 +14,11 @@ package kafka.api
 
 import kafka.security.JaasTestUtils
 import kafka.utils.TestUtils
-import kafka.zk.{KafkaZkClient, ZkData}
 import org.apache.kafka.common.network.ListenerName
 import org.apache.kafka.common.security.auth.SecurityProtocol
-import org.apache.kafka.server.config.ZkConfigs
-import org.apache.zookeeper.ZooDefs.Perms
-import org.apache.zookeeper.data.ACL
-import org.junit.jupiter.api.Assertions.assertEquals
 import org.junit.jupiter.api._
 
 import java.util.Locale
-import scala.collection.Seq
 
 @Timeout(600)
 class SaslPlainPlaintextConsumerTest extends BaseConsumerTest with SaslSetup {
@@ -33,9 +27,6 @@ class SaslPlainPlaintextConsumerTest extends BaseConsumerTest with SaslSetup {
   private val kafkaServerSaslMechanisms = List(kafkaClientSaslMechanism)
   private val kafkaServerJaasEntryName =
     s"${listenerName.value.toLowerCase(Locale.ROOT)}.${JaasTestUtils.KAFKA_SERVER_CONTEXT_NAME}"
-  this.serverConfig.setProperty(ZkConfigs.ZK_ENABLE_SECURE_ACLS_CONFIG, "false")
-  // disable secure acls of zkClient in QuorumTestHarness
-  override protected def zkAclsEnabled = Some(false)
   override protected def securityProtocol = SecurityProtocol.SASL_PLAINTEXT
   override protected lazy val trustStoreFile = Some(TestUtils.tempFile("truststore", ".jks"))
   override protected val serverSaslProperties = Some(kafkaServerSaslProperties(kafkaServerSaslMechanisms, kafkaClientSaslMechanism))
@@ -52,42 +43,4 @@ class SaslPlainPlaintextConsumerTest extends BaseConsumerTest with SaslSetup {
     super.tearDown()
     closeSasl()
   }
-
-  /**
-   * Checks that everyone can access ZkData.SecureZkRootPaths and ZkData.SensitiveZkRootPaths
-   * when zookeeper.set.acl=false, even if ZooKeeper is SASL-enabled.
-   */
-  @Test
-  def testZkAclsDisabled(): Unit = {
-    secureZkPaths(zkClient).foreach(path => {
-      if (zkClient.pathExists(path)) {
-        val acls = zkClient.getAcl(path)
-        assertEquals(1, acls.size, s"Invalid ACLs for $path $acls")
-        acls.foreach(isAclUnsecure)
-      }
-    })
-  }
-
-  def secureZkPaths(zkClient: KafkaZkClient): Seq[String] = {
-    def subPaths(path: String): Seq[String] = {
-      if (zkClient.pathExists(path))
-        path +: zkClient.getChildren(path).map(c => path + "/" + c).flatMap(subPaths)
-      else
-        Seq.empty
-    }
-    val topLevelPaths = ZkData.SecureRootPaths ++ ZkData.SensitiveRootPaths
-    topLevelPaths.flatMap(subPaths)
-  }
-
-  /**
-   * Verifies that the ACL corresponds to the unsecure one that
-   * provides ALL access to everyone (world).
-   */
-  def isAclUnsecure(acl: ACL): Boolean = {
-    debug(s"ACL $acl")
-    acl.getPerms match {
-      case Perms.ALL => acl.getId.getScheme == "world"
-      case _ => false
-    }
-  }
 }