diff --git a/src/v/cloud_topics/frontend/BUILD b/src/v/cloud_topics/frontend/BUILD index 878eff0b82dd6..abe46509443f2 100644 --- a/src/v/cloud_topics/frontend/BUILD +++ b/src/v/cloud_topics/frontend/BUILD @@ -31,6 +31,7 @@ redpanda_cc_library( "//src/v/cloud_topics/level_zero/stm:ctp_stm", "//src/v/cloud_topics/level_zero/stm:placeholder", "//src/v/cluster", + "//src/v/kafka/protocol", "//src/v/kafka/server:write_at_offset_stm", "//src/v/ssx:future_util", "//src/v/storage:record_batch_builder", diff --git a/src/v/cloud_topics/frontend/frontend.cc b/src/v/cloud_topics/frontend/frontend.cc index 9abea19864866..78eda0496b544 100644 --- a/src/v/cloud_topics/frontend/frontend.cc +++ b/src/v/cloud_topics/frontend/frontend.cc @@ -26,6 +26,7 @@ #include "cluster/partition.h" #include "cluster/rm_stm_types.h" #include "cluster/types.h" +#include "kafka/protocol/errors.h" #include "kafka/server/write_at_offset_stm.h" #include "model/fundamental.h" #include "model/offset_interval.h" diff --git a/src/v/security/BUILD b/src/v/security/BUILD index 8e963f456725a..f9dba5eba2d3f 100644 --- a/src/v/security/BUILD +++ b/src/v/security/BUILD @@ -129,6 +129,8 @@ redpanda_cc_library( "types.h", ], implementation_deps = [ + "//src/v/kafka/protocol", + "//src/v/pandaproxy/schema_registry:types", "//src/v/random:secure_random", "//src/v/thirdparty/krb5", "@abseil-cpp//absl/strings", @@ -145,12 +147,10 @@ redpanda_cc_library( "//src/v/hashing:secure", "//src/v/http", "//src/v/json", - "//src/v/kafka/protocol", "//src/v/metrics", "//src/v/model", "//src/v/net", "//src/v/net:types", - "//src/v/pandaproxy/schema_registry:types", "//src/v/reflection:adl", "//src/v/security/audit:types", "//src/v/serde", diff --git a/src/v/security/acl.cc b/src/v/security/acl.cc index b9fd880e7de44..b0b53b0216f81 100644 --- a/src/v/security/acl.cc +++ b/src/v/security/acl.cc @@ -12,6 +12,8 @@ #include "absl/container/flat_hash_map.h" #include "absl/container/node_hash_map.h" +#include "kafka/protocol/types.h" +#include "pandaproxy/schema_registry/types.h" #include "security/acl_store.h" #include "serde/read_header.h" #include "serde/rw/rw.h" @@ -707,6 +709,36 @@ void acl_binding_filter::testing_serde_full_read_v2( *this = acl_binding_filter{res._pattern, res._acl}; } +template +resource_type get_resource_type() { + if constexpr (std::is_same_v) { + return resource_type::topic; + } else if constexpr (std::is_same_v) { + return resource_type::group; + } else if constexpr (std::is_same_v) { + return resource_type::cluster; + } else if constexpr (std::is_same_v) { + return resource_type::transactional_id; + } else if constexpr ( + std::is_same_v) { + return resource_type::sr_subject; + } else if constexpr ( + std::is_same_v) { + return resource_type::sr_registry; + } else { + static_assert(base::unsupported_type::value, "Unsupported type"); + } +} + +template resource_type get_resource_type(); +template resource_type get_resource_type(); +template resource_type get_resource_type(); +template resource_type get_resource_type(); +template resource_type +get_resource_type(); +template resource_type +get_resource_type(); + template const std::vector& get_allowed_operations() { static const std::vector topic_resource_ops{ diff --git a/src/v/security/acl.h b/src/v/security/acl.h index 7a4466760a01b..670d13006aecc 100644 --- a/src/v/security/acl.h +++ b/src/v/security/acl.h @@ -14,9 +14,7 @@ #include "base/format_to.h" #include "base/seastarx.h" #include "base/type_traits.h" -#include "kafka/protocol/types.h" #include "model/fundamental.h" -#include "pandaproxy/schema_registry/types.h" #include "security/audit/schemas/types.h" #include "serde/envelope.h" #include "serde/rw/enum.h" @@ -105,24 +103,7 @@ std::optional from_string_view(std::string_view str); template -consteval resource_type get_resource_type() { - namespace ppsr = pandaproxy::schema_registry; - if constexpr (std::is_same_v) { - return resource_type::topic; - } else if constexpr (std::is_same_v) { - return resource_type::group; - } else if constexpr (std::is_same_v) { - return resource_type::cluster; - } else if constexpr (std::is_same_v) { - return resource_type::transactional_id; - } else if constexpr (std::is_same_v) { - return resource_type::sr_subject; - } else if constexpr (std::is_same_v) { - return resource_type::sr_registry; - } else { - static_assert(base::unsupported_type::value, "Unsupported type"); - } -} +resource_type get_resource_type(); /* * A pattern rule for matching ACL resource names. diff --git a/src/v/security/authorizer.cc b/src/v/security/authorizer.cc index 82e2fdff22d96..8f77bef058861 100644 --- a/src/v/security/authorizer.cc +++ b/src/v/security/authorizer.cc @@ -13,8 +13,10 @@ #include "acl_store.h" #include "config/configuration.h" +#include "kafka/protocol/types.h" #include "metrics/metrics.h" #include "metrics/prometheus_sanitize.h" +#include "pandaproxy/schema_registry/types.h" #include "security/role.h" #include "security/role_store.h" diff --git a/src/v/security/tests/BUILD b/src/v/security/tests/BUILD index e3d154d328739..460f147b58384 100644 --- a/src/v/security/tests/BUILD +++ b/src/v/security/tests/BUILD @@ -75,6 +75,7 @@ redpanda_cc_gtest( ], deps = [ "//src/v/config", + "//src/v/kafka/protocol", "//src/v/pandaproxy/schema_registry:types", "//src/v/random:generators", "//src/v/security", diff --git a/src/v/security/tests/authorizer_test.cc b/src/v/security/tests/authorizer_test.cc index 25410df82a7f8..b21658c2c7b25 100644 --- a/src/v/security/tests/authorizer_test.cc +++ b/src/v/security/tests/authorizer_test.cc @@ -8,6 +8,7 @@ // by the Apache License, Version 2.0 #include "absl/container/flat_hash_set.h" #include "config/mock_property.h" +#include "kafka/protocol/types.h" #include "pandaproxy/schema_registry/types.h" #include "random/generators.h" #include "security/acl.h"