From 112433da8746c626820b18487eae0c55c9362ac2 Mon Sep 17 00:00:00 2001 From: zhongwencool Date: Wed, 3 Jul 2024 12:40:45 +0800 Subject: [PATCH] fix: don't destory when authz'source unchanged --- apps/emqx_auth/src/emqx_authz/emqx_authz.erl | 38 +++++++++++++------ .../test/emqx_authz_mnesia_SUITE.erl | 24 ++++++++++++ 2 files changed, 50 insertions(+), 12 deletions(-) diff --git a/apps/emqx_auth/src/emqx_authz/emqx_authz.erl b/apps/emqx_auth/src/emqx_authz/emqx_authz.erl index e7594ed6b..43bf65a2a 100644 --- a/apps/emqx_auth/src/emqx_authz/emqx_authz.erl +++ b/apps/emqx_auth/src/emqx_authz/emqx_authz.erl @@ -317,18 +317,32 @@ do_post_config_update(?ROOT_KEY, _Conf, NewConf) -> overwrite_entire_sources(Sources) -> PrevSources = lookup(), - NewSourcesTypes = lists:map(fun type/1, Sources), - EnsureDelete = fun(S) -> - TypeName = type(S), - Opts = - case lists:member(TypeName, NewSourcesTypes) of - true -> #{clear_metric => false}; - false -> #{clear_metric => true} - end, - ensure_deleted(S, Opts) - end, - lists:foreach(EnsureDelete, PrevSources), - create_sources(Sources). + #{ + removed := Removed, + added := Added, + identical := Identical, + changed := Changed + } = emqx_utils:diff_lists(Sources, PrevSources, fun type/1), + lists:foreach( + fun(S) -> ensure_deleted(S, #{clear_metric => true}) end, + Removed + ), + AddedSources = create_sources(Added), + ChangedSources = lists:map( + fun({Old, New}) -> + update_source(type(New), Old, New) + end, + Changed + ), + New = Identical ++ AddedSources ++ ChangedSources, + lists:map( + fun(Type) -> + SearchFun = fun(S) -> type(S) =:= type(Type) end, + {value, Val} = lists:search(SearchFun, New), + Val + end, + Sources + ). %% @doc do source move do_move({?CMD_MOVE, Type, ?CMD_MOVE_FRONT}, Sources) -> diff --git a/apps/emqx_auth_mnesia/test/emqx_authz_mnesia_SUITE.erl b/apps/emqx_auth_mnesia/test/emqx_authz_mnesia_SUITE.erl index 31b81ac36..577976e85 100644 --- a/apps/emqx_auth_mnesia/test/emqx_authz_mnesia_SUITE.erl +++ b/apps/emqx_auth_mnesia/test/emqx_authz_mnesia_SUITE.erl @@ -256,6 +256,30 @@ t_destroy(_Config) -> emqx_access_control:authorize(ClientInfo, ?AUTHZ_PUBLISH, <<"t">>) ). +t_conf_cli_load(_Config) -> + ClientInfo = emqx_authz_test_lib:base_client_info(), + + ok = emqx_authz_mnesia:store_rules( + {username, <<"username">>}, + [#{<<"permission">> => <<"allow">>, <<"action">> => <<"publish">>, <<"topic">> => <<"t">>}] + ), + + ?assertEqual( + allow, + emqx_access_control:authorize(ClientInfo, ?AUTHZ_PUBLISH, <<"t">>) + ), + PrevRules = ets:tab2list(emqx_acl), + Hocon = emqx_conf_cli:get_config("authorization"), + Bin = iolist_to_binary(hocon_pp:do(Hocon, #{})), + ok = emqx_conf_cli:load_config(Bin, #{mode => merge}), + %% ensure emqx_acl table not clear + ?assertEqual(PrevRules, ets:tab2list(emqx_acl)), + %% still working + ?assertEqual( + allow, + emqx_access_control:authorize(ClientInfo, ?AUTHZ_PUBLISH, <<"t">>) + ). + %%------------------------------------------------------------------------------ %% Helpers %%------------------------------------------------------------------------------