feature: [174] Implement ACL DSL using Google Mug#175
Open
crazyrokr wants to merge 21 commits into
Open
Conversation
Test Coverage Report
|
crazyrokr
changed the title
JavaSaBr
reviewed
Jun 15, 2026
| @FieldDefaults(level = AccessLevel.PRIVATE, makeFinal = true) | ||
| public class GaclParser { | ||
|
|
||
| CharPredicate WHITESPACE = CharPredicate.anyOf(" \t\r\n"); |
Owner
There was a problem hiding this comment.
why it looks like final static constans but it's not a static?
Contributor
There was a problem hiding this comment.
Pull request overview
This pull request introduces a new ACL DSL implementation based on Google Mug and wires it into the broker’s Spring configuration, aiming to replace/augment the existing Groovy-based ACL DSL and improve compatibility with native-image builds.
Changes:
- Added new
acl-mug-dslmodule (parser + file loader) with Spock tests and example.gaclconfigs. - Integrated the Mug-based ACL engine selection into the standalone application and test configuration.
- Updated Gradle configuration (module includes, version catalog, and JaCoCo aggregation) to account for the new module/dependencies.
Reviewed changes
Copilot reviewed 19 out of 20 changed files in this pull request and generated 6 comments.
Show a summary per file
| File | Description |
|---|---|
| test-coverage/build.gradle | Adds JaCoCo aggregation for the new acl-mug-dsl module. |
| settings.gradle | Registers the new :acl-mug-dsl Gradle module. |
| gradle/libs.versions.toml | Adds Mug and dot-parse dependencies to the version catalog. |
| application/src/test/resources/application-test.properties | Switches integration tests to use mug-dsl and a unified acl.engine.config.path property. |
| application/src/main/java/javasabr/mqtt/broker/application/config/MqttBrokerSpringConfig.java | Switches the standalone app to import the Mug-based ACL Spring config. |
| application/build.gradle | Replaces acl-groovy-dsl dependency with acl-mug-dsl. |
| acl-service/src/main/java/javasabr/mqtt/acl/service/impl/UriLoaderAuthorizationService.java | Refactors authorization service to accept a pluggable rules loader function and loads ACL rules from a URI-backed path. |
| acl-service/src/main/java/javasabr/mqtt/acl/service/conifg/MugDslBasedAclServiceSpringConfig.java | New Spring config enabling Mug DSL engine based on acl.engine.type=mug-dsl. |
| acl-service/src/main/java/javasabr/mqtt/acl/service/conifg/GroovyDslBasedAclServiceSpringConfig.java | Updates Groovy DSL config to use the unified acl.engine.config.path property and shared loader-based service. |
| acl-service/build.gradle | Adds compileOnly API dependency on acl-mug-dsl. |
| acl-mug-dsl/src/test/resources/acl/test-acl-shorthand.gacl | Adds shorthand DSL example file for tests. |
| acl-mug-dsl/src/test/resources/acl/test-acl-full.gacl | Adds full-feature DSL example file for tests. |
| acl-mug-dsl/src/test/resources/acl/invalid/invalid-syntax.gacl | Adds invalid DSL sample for negative parsing tests. |
| acl-mug-dsl/src/test/groovy/javasabr/mqtt/acl/mug/dsl/parser/GaclParserTest.groovy | Adds parser unit tests for directives/conditions/errors. |
| acl-mug-dsl/src/test/groovy/javasabr/mqtt/acl/mug/dsl/loader/AclRulesLoaderTest.groovy | Adds loader tests for missing/unreadable file scenarios and success path. |
| acl-mug-dsl/src/main/java/javasabr/mqtt/acl/mug/dsl/parser/GaclParser.java | Implements the Mug-based .gacl parser producing AclRule objects. |
| acl-mug-dsl/src/main/java/javasabr/mqtt/acl/mug/dsl/loader/AclRulesLoader.java | Implements filesystem-based ACL rules loading and grouping by operation. |
| acl-mug-dsl/build.gradle | Declares the new module’s dependencies and Groovy test setup. |
| acl-engine/src/main/java/javasabr/mqtt/acl/engine/exception/AclConfigurationException.java | Adds a (message, cause) constructor to preserve error causes. |
| .gitignore | Broadens ignoring of out/ folders across submodules. |
Comment on lines
+158
to
+164
| .map(s -> { | ||
| try { | ||
| return DynamicTopicMatcher.autoBuild(s); | ||
| } catch (RuntimeException e) { | ||
| throw new AclConfigurationException(e.getMessage()); | ||
| } | ||
| }), |
| @RequiredArgsConstructor | ||
| public class AclRulesLoader { | ||
|
|
||
| private final GaclParser parser ; |
| GaclParser parser = new GaclParser() | ||
|
|
||
| @Unroll | ||
| def "should parse string literal containing #pattern without treating it as a comment"() { |
| thrown(AclConfigurationException) | ||
| } | ||
|
|
||
| def "should handle empty users section"() { |
|
|
||
| @Bean | ||
| AuthorizationService authorizationService(@Value("${acl.engine.groovy.dsl.config}") URI aclConfigUri) { | ||
| AuthorizationService authorizationService(@Value("${acl.engine.config.path}") URI aclConfigUri) { |
Comment on lines
71
to
76
| @Import({ | ||
| AuthenticationServiceSpringConfig.class, | ||
| GroovyDslBasedAclServiceSpringConfig.class, | ||
| MugDslBasedAclServiceSpringConfig.class, | ||
| MqttExternalPlainNetworkConfig.class, | ||
| MqttExternalTlsNetworkConfig.class | ||
| }) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Issue
#174
Description
This pull request implements an Access Control List (ACL) Domain-Specific Language (DSL) using Google Mug library and integrates it into the application configurations.
Changes
Impact
This change enables ability to use authorization service (ACL engine) in native image