yuanbiao
/
emqx
1
0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix(auth mnesia): remove the duplicate cli command 

style(auth mnesia): fix elvis check failurex

style(auth mnesia): remove the extra symbol
This commit is contained in:
zhanghongtong 2020-12-18 09:22:14 +08:00 committed by Rory Z
parent fe675905a6
commit 0ef84d2722
3 changed files with 105 additions and 65 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

128
apps/emqx_auth_mnesia/src/emqx_acl_mnesia_cli.erl
View File

@ -36,7 +36,8 @@
%%-------------------------------------------------------------------- %%--------------------------------------------------------------------
%% @doc Add Acls %% @doc Add Acls
-spec(add_acl(login() |all, emqx_topic:topic(), pub | sub| pubsub, allow | deny) -> ok | {error, any()}). -spec(add_acl(login() |all, emqx_topic:topic(), pub | sub| pubsub, allow | deny) ->
ok | {error, any()}).
add_acl(Login, Topic, Action, Access) -> add_acl(Login, Topic, Action, Access) ->
Acls = #?TABLE{ Acls = #?TABLE{
filter = {Login, Topic}, filter = {Login, Topic},
@ -51,7 +52,9 @@ add_acl(Login, Topic, Action, Access) ->
lookup_acl(undefined) -> []; lookup_acl(undefined) -> [];
lookup_acl(Login) -> lookup_acl(Login) ->
MatchSpec = ets:fun2ms(fun({?TABLE, {Filter, ACLTopic}, Action, Access, CreatedAt}) MatchSpec = ets:fun2ms(fun({?TABLE, {Filter, ACLTopic}, Action, Access, CreatedAt})
when Filter =:= Login -> {Filter, ACLTopic, Action, Access, CreatedAt} end), when Filter =:= Login ->
{Filter, ACLTopic, Action, Access, CreatedAt}
end),
lists:sort(fun comparing/2, ets:select(?TABLE, MatchSpec)). lists:sort(fun comparing/2, ets:select(?TABLE, MatchSpec)).
%% @doc Remove acl %% @doc Remove acl
@ -67,65 +70,50 @@ all_acls() ->
all_acls(all). all_acls(all).
all_acls(clientid) -> all_acls(clientid) ->
MatchSpec = ets:fun2ms(fun({?TABLE, {{clientid, Clientid}, Topic}, Action, Access, CreatedAt}) -> {{clientid, Clientid}, Topic, Action, Access, CreatedAt} end), MatchSpec = ets:fun2ms(
fun({?TABLE, {{clientid, Clientid}, Topic}, Action, Access, CreatedAt}) ->
{{clientid, Clientid}, Topic, Action, Access, CreatedAt}
end),
lists:sort(fun comparing/2, ets:select(?TABLE, MatchSpec)); lists:sort(fun comparing/2, ets:select(?TABLE, MatchSpec));
all_acls(username) -> all_acls(username) ->
MatchSpec = ets:fun2ms(fun({?TABLE, {{username, Username}, Topic}, Action, Access, CreatedAt}) -> {{username, Username}, Topic, Action, Access, CreatedAt} end), MatchSpec = ets:fun2ms(
fun({?TABLE, {{username, Username}, Topic}, Action, Access, CreatedAt}) ->
{{username, Username}, Topic, Action, Access, CreatedAt}
end),
lists:sort(fun comparing/2, ets:select(?TABLE, MatchSpec)); lists:sort(fun comparing/2, ets:select(?TABLE, MatchSpec));
all_acls(all) -> all_acls(all) ->
MatchSpec = ets:fun2ms(fun({?TABLE, {all, Topic}, Action, Access, CreatedAt}) -> {all, Topic, Action, Access, CreatedAt} end), MatchSpec = ets:fun2ms(
fun({?TABLE, {all, Topic}, Action, Access, CreatedAt}) ->
{all, Topic, Action, Access, CreatedAt}
end
),
lists:sort(fun comparing/2, ets:select(?TABLE, MatchSpec)). lists:sort(fun comparing/2, ets:select(?TABLE, MatchSpec)).
%%--------------------------------------------------------------------
%% Internal functions
%%--------------------------------------------------------------------
comparing({_, _, _, _, CreatedAt1},
{_, _, _, _, CreatedAt2}) ->
CreatedAt1 >= CreatedAt2.
ret({atomic, ok}) -> ok;
ret({aborted, Error}) -> {error, Error}.
validate(action, "pub") -> true;
validate(action, "sub") -> true;
validate(action, "pubsub") -> true;
validate(access, "allow") -> true;
validate(access, "deny") -> true;
validate(_, _) -> false.
%%-------------------------------------------------------------------- %%--------------------------------------------------------------------
%% ACL Cli %% ACL Cli
%%-------------------------------------------------------------------- %%--------------------------------------------------------------------
cli(["list"]) -> cli(["list"]) ->
[ begin [print_acl(Acl) || Acl <- all_acls()];
case Filter of
{clientid, Clientid} ->
emqx_ctl:print("Acl(clientid = ~p topic = ~p action = ~p access = ~p)~n",[Clientid, Topic, Action, Access]);
{username, Username} ->
emqx_ctl:print("Acl(username = ~p topic = ~p action = ~p access = ~p)~n",[Username, Topic, Action, Access]);
all ->
emqx_ctl:print("Acl($all topic = ~p action = ~p access = ~p)~n",[Topic, Action, Access])
end
end || {Filter, Topic, Action, Access, _} <- all_acls()];
cli(["list", "clientid"]) -> cli(["list", "clientid"]) ->
[emqx_ctl:print("Acl(clientid = ~p topic = ~p action = ~p access = ~p)~n",[Clientid, Topic, Action, Access]) [print_acl(Acl) || Acl <- all_acls(clientid)];
|| {{clientid, Clientid}, Topic, Action, Access, _} <- all_acls(clientid) ];
cli(["list", "username"]) -> cli(["list", "username"]) ->
[emqx_ctl:print("Acl(username = ~p topic = ~p action = ~p access = ~p)~n",[Username, Topic, Action, Access]) [print_acl(Acl) || Acl <- all_acls(username)];
|| {{username, Username}, Topic, Action, Access, _} <- all_acls(username) ];
cli(["list", "_all"]) -> cli(["list", "_all"]) ->
[emqx_ctl:print("Acl($all topic = ~p action = ~p access = ~p)~n",[Topic, Action, Access]) [print_acl(Acl) || Acl <- all_acls(all)];
|| {all, Topic, Action, Access, _} <- all_acls(all) ];
cli(["add", "clientid", Clientid, Topic, Action, Access]) -> cli(["add", "clientid", Clientid, Topic, Action, Access]) ->
case validate(action, Action) andalso validate(access, Access) of case validate(action, Action) andalso validate(access, Access) of
true -> true ->
case add_acl({clientid, iolist_to_binary(Clientid)}, iolist_to_binary(Topic), list_to_existing_atom(Action), list_to_existing_atom(Access)) of case add_acl(
{clientid, iolist_to_binary(Clientid)},
iolist_to_binary(Topic),
list_to_existing_atom(Action),
list_to_existing_atom(Access)
) of
ok -> emqx_ctl:print("ok~n"); ok -> emqx_ctl:print("ok~n");
{error, Reason} -> emqx_ctl:print("Error: ~p~n", [Reason]) {error, Reason} -> emqx_ctl:print("Error: ~p~n", [Reason])
end; end;
@ -136,7 +124,12 @@ cli(["add", "clientid", Clientid, Topic, Action, Access]) ->
cli(["add", "username", Username, Topic, Action, Access]) -> cli(["add", "username", Username, Topic, Action, Access]) ->
case validate(action, Action) andalso validate(access, Access) of case validate(action, Action) andalso validate(access, Access) of
true -> true ->
case add_acl({username, iolist_to_binary(Username)}, iolist_to_binary(Topic), list_to_existing_atom(Action), list_to_existing_atom(Access)) of case add_acl(
{username, iolist_to_binary(Username)},
iolist_to_binary(Topic),
list_to_existing_atom(Action),
list_to_existing_atom(Access)
) of
ok -> emqx_ctl:print("ok~n"); ok -> emqx_ctl:print("ok~n");
{error, Reason} -> emqx_ctl:print("Error: ~p~n", [Reason]) {error, Reason} -> emqx_ctl:print("Error: ~p~n", [Reason])
end; end;
@ -147,7 +140,12 @@ cli(["add", "username", Username, Topic, Action, Access]) ->
cli(["add", "_all", Topic, Action, Access]) -> cli(["add", "_all", Topic, Action, Access]) ->
case validate(action, Action) andalso validate(access, Access) of case validate(action, Action) andalso validate(access, Access) of
true -> true ->
case add_acl(all, iolist_to_binary(Topic), list_to_existing_atom(Action), list_to_existing_atom(Access)) of case add_acl(
all,
iolist_to_binary(Topic),
list_to_existing_atom(Action),
list_to_existing_atom(Access)
) of
ok -> emqx_ctl:print("ok~n"); ok -> emqx_ctl:print("ok~n");
{error, Reason} -> emqx_ctl:print("Error: ~p~n", [Reason]) {error, Reason} -> emqx_ctl:print("Error: ~p~n", [Reason])
end; end;
@ -156,12 +154,10 @@ cli(["add", "_all", Topic, Action, Access]) ->
end; end;
cli(["show", "clientid", Clientid]) -> cli(["show", "clientid", Clientid]) ->
[emqx_ctl:print("Acl(clientid = ~p topic = ~p action = ~p access = ~p)~n",[NClientid, Topic, Action, Access]) [print_acl(Acl) || Acl <- lookup_acl({clientid, iolist_to_binary(Clientid)})];
|| {{clientid, NClientid}, Topic, Action, Access, _} <- lookup_acl({clientid, iolist_to_binary(Clientid)}) ];
cli(["show", "username", Username]) -> cli(["show", "username", Username]) ->
[emqx_ctl:print("Acl(username = ~p topic = ~p action = ~p access = ~p)~n",[NUsername, Topic, Action, Access]) [print_acl(Acl) || Acl <- lookup_acl({username, iolist_to_binary(Username)})];
|| {{username, NUsername}, Topic, Action, Access, _} <- lookup_acl({username, iolist_to_binary(Username)}) ];
cli(["del", "clientid", Clientid, Topic])-> cli(["del", "clientid", Clientid, Topic])->
case remove_acl({clientid, iolist_to_binary(Clientid)}, iolist_to_binary(Topic)) of case remove_acl({clientid, iolist_to_binary(Clientid)}, iolist_to_binary(Topic)) of
@ -182,9 +178,9 @@ cli(["del", "_all", Topic])->
end; end;
cli(_) -> cli(_) ->
emqx_ctl:usage([ {"acl list clientid","List clientid acls"} emqx_ctl:usage([ {"acl list clientid", "List clientid acls"}
, {"acl list username","List username acls"} , {"acl list username", "List username acls"}
, {"acl list _all","List $all acls"} , {"acl list _all", "List $all acls"}
, {"acl show clientid <Clientid>", "Lookup clientid acl detail"} , {"acl show clientid <Clientid>", "Lookup clientid acl detail"}
, {"acl show username <Username>", "Lookup username acl detail"} , {"acl show username <Username>", "Lookup username acl detail"}
, {"acl aad clientid <Clientid> <Topic> <Action> <Access>", "Add clientid acl"} , {"acl aad clientid <Clientid> <Topic> <Action> <Access>", "Add clientid acl"}
@ -192,7 +188,39 @@ cli(_) ->
, {"acl add _all <Topic> <Action> <Access>", "Add $all acl"} , {"acl add _all <Topic> <Action> <Access>", "Add $all acl"}
, {"acl del clientid <Clientid> <Topic>", "Delete clientid acl"} , {"acl del clientid <Clientid> <Topic>", "Delete clientid acl"}
, {"acl del username <Username> <Topic>", "Delete username acl"} , {"acl del username <Username> <Topic>", "Delete username acl"}
, {"acl del _all, <Topic>", "Delete $all acl"} , {"acl del _all <Topic>", "Delete $all acl"}
]). ]).
%%--------------------------------------------------------------------
%% Internal functions
%%--------------------------------------------------------------------
comparing({_, _, _, _, CreatedAt1},
{_, _, _, _, CreatedAt2}) ->
CreatedAt1 >= CreatedAt2.
ret({atomic, ok}) -> ok;
ret({aborted, Error}) -> {error, Error}.
validate(action, "pub") -> true;
validate(action, "sub") -> true;
validate(action, "pubsub") -> true;
validate(access, "allow") -> true;
validate(access, "deny") -> true;
validate(_, _) -> false.
print_acl({{clientid, Clientid}, Topic, Action, Access, _}) ->
emqx_ctl:print(
"Acl(clientid = ~p topic = ~p action = ~p access = ~p)~n",
[Clientid, Topic, Action, Access]
);
print_acl({{username, Username}, Topic, Action, Access, _}) ->
emqx_ctl:print(
"Acl(username = ~p topic = ~p action = ~p access = ~p)~n",
[Username, Topic, Action, Access]
);
print_acl({all, Topic, Action, Access, _}) ->
emqx_ctl:print(
"Acl($all topic = ~p action = ~p access = ~p)~n",
[Topic, Action, Access]
).

2
apps/emqx_auth_mnesia/src/emqx_auth_mnesia_app.erl
View File

@ -35,7 +35,6 @@
start(_StartType, _StartArgs) -> start(_StartType, _StartArgs) ->
{ok, Sup} = emqx_auth_mnesia_sup:start_link(), {ok, Sup} = emqx_auth_mnesia_sup:start_link(),
emqx_ctl:register_command(clientid, {emqx_auth_mnesia_cli, auth_clientid_cli}, []), emqx_ctl:register_command(clientid, {emqx_auth_mnesia_cli, auth_clientid_cli}, []),
emqx_ctl:register_command(username, {emqx_auth_mnesia_cli, auth_username_cli}, []),
emqx_ctl:register_command(user, {emqx_auth_mnesia_cli, auth_username_cli}, []), emqx_ctl:register_command(user, {emqx_auth_mnesia_cli, auth_username_cli}, []),
emqx_ctl:register_command(acl, {emqx_acl_mnesia_cli, cli}, []), emqx_ctl:register_command(acl, {emqx_acl_mnesia_cli, cli}, []),
_ = load_auth_hook(), _ = load_auth_hook(),
@ -46,7 +45,6 @@ prep_stop(State) ->
emqx:unhook('client.authenticate', fun emqx_auth_mnesia:check/3), emqx:unhook('client.authenticate', fun emqx_auth_mnesia:check/3),
emqx:unhook('client.check_acl', fun emqx_acl_mnesia:check_acl/5), emqx:unhook('client.check_acl', fun emqx_acl_mnesia:check_acl/5),
emqx_ctl:unregister_command(clientid), emqx_ctl:unregister_command(clientid),
emqx_ctl:unregister_command(username),
emqx_ctl:unregister_command(user), emqx_ctl:unregister_command(user),
emqx_ctl:unregister_command(acl), emqx_ctl:unregister_command(acl),
State. State.

32
apps/emqx_auth_mnesia/src/emqx_auth_mnesia_cli.erl
View File

@ -43,7 +43,11 @@
%% @doc Add User %% @doc Add User
-spec(add_user(tuple(), binary()) -> ok | {error, any()}). -spec(add_user(tuple(), binary()) -> ok | {error, any()}).
add_user(Login, Password) -> add_user(Login, Password) ->
User = #emqx_user{login = Login, password = encrypted_data(Password), created_at = erlang:system_time(millisecond)}, User = #emqx_user{
login = Login,
password = encrypted_data(Password),
created_at = erlang:system_time(millisecond)
},
ret(mnesia:transaction(fun insert_user/1, [User])). ret(mnesia:transaction(fun insert_user/1, [User])).
insert_user(User = #emqx_user{login = Login}) -> insert_user(User = #emqx_user{login = Login}) ->
@ -81,10 +85,16 @@ remove_user(Login) ->
all_users() -> mnesia:dirty_all_keys(?TABLE). all_users() -> mnesia:dirty_all_keys(?TABLE).
all_users(clientid) -> all_users(clientid) ->
MatchSpec = ets:fun2ms(fun({?TABLE, {clientid, Clientid}, Password, CreatedAt}) -> {?TABLE, {clientid, Clientid}, Password, CreatedAt} end), MatchSpec = ets:fun2ms(
fun({?TABLE, {clientid, Clientid}, Password, CreatedAt}) ->
{?TABLE, {clientid, Clientid}, Password, CreatedAt}
end),
lists:sort(fun comparing/2, ets:select(?TABLE, MatchSpec)); lists:sort(fun comparing/2, ets:select(?TABLE, MatchSpec));
all_users(username) -> all_users(username) ->
MatchSpec = ets:fun2ms(fun({?TABLE, {username, Username}, Password, CreatedAt}) -> {?TABLE, {username, Username}, Password, CreatedAt} end), MatchSpec = ets:fun2ms(
fun({?TABLE, {username, Username}, Password, CreatedAt}) ->
{?TABLE, {username, Username}, Password, CreatedAt}
end),
lists:sort(fun comparing/2, ets:select(?TABLE, MatchSpec)). lists:sort(fun comparing/2, ets:select(?TABLE, MatchSpec)).
%%-------------------------------------------------------------------- %%--------------------------------------------------------------------
@ -117,7 +127,9 @@ salt() ->
%%-------------------------------------------------------------------- %%--------------------------------------------------------------------
auth_clientid_cli(["list"]) -> auth_clientid_cli(["list"]) ->
[emqx_ctl:print("~s~n", [ClientId]) || {?TABLE, {clientid, ClientId}, _Password, _CreatedAt} <- all_users(clientid)]; [emqx_ctl:print("~s~n", [ClientId])
|| {?TABLE, {clientid, ClientId}, _Password, _CreatedAt} <- all_users(clientid)
];
auth_clientid_cli(["add", ClientId, Password]) -> auth_clientid_cli(["add", ClientId, Password]) ->
case add_user({clientid, iolist_to_binary(ClientId)}, iolist_to_binary(Password)) of case add_user({clientid, iolist_to_binary(ClientId)}, iolist_to_binary(Password)) of
@ -148,7 +160,9 @@ auth_clientid_cli(_) ->
%%-------------------------------------------------------------------- %%--------------------------------------------------------------------
auth_username_cli(["list"]) -> auth_username_cli(["list"]) ->
[emqx_ctl:print("~s~n", [Username]) || {?TABLE, {username, Username}, _Password, _CreatedAt}<- all_users(username)]; [emqx_ctl:print("~s~n", [Username])
|| {?TABLE, {username, Username}, _Password, _CreatedAt} <- all_users(username)
];
auth_username_cli(["add", Username, Password]) -> auth_username_cli(["add", Username, Password]) ->
case add_user({username, iolist_to_binary(Username)}, iolist_to_binary(Password)) of case add_user({username, iolist_to_binary(Username)}, iolist_to_binary(Password)) of
@ -168,7 +182,7 @@ auth_username_cli(["del", Username]) ->
end; end;
auth_username_cli(_) -> auth_username_cli(_) ->
emqx_ctl:usage([{"users list", "List username auth rules"}, emqx_ctl:usage([{"user list", "List username auth rules"},
{"users add <Username> <Password>", "Add username auth rule"}, {"user add <Username> <Password>", "Add username auth rule"},
{"users update <Username> <NewPassword>", "Update username auth rule"}, {"user update <Username> <NewPassword>", "Update username auth rule"},
{"users del <Username>", "Delete username auth rule"}]). {"user del <Username>", "Delete username auth rule"}]).