From 171685205775dc8216fc2cd4fe3ee3c9d838134d Mon Sep 17 00:00:00 2001
From: firest <enlanubo@gmail.com>
Date: Wed, 12 Jun 2024 10:13:43 +0800
Subject: [PATCH] fix(authz_mnesia): improve field names and changes

---
 .../src/emqx_authz_api_mnesia.erl             | 24 ++++++++++++-------
 .../src/emqx_authz_mnesia_schema.erl          |  8 +++----
 .../test/emqx_authz_api_mnesia_SUITE.erl      |  2 +-
 changes/ce/fix-13196.en.md                    |  2 +-
 rel/i18n/emqx_authz_mnesia_schema.hocon       |  4 ++--
 5 files changed, 23 insertions(+), 17 deletions(-)

diff --git a/apps/emqx_auth_mnesia/src/emqx_authz_api_mnesia.erl b/apps/emqx_auth_mnesia/src/emqx_authz_api_mnesia.erl
index 0cefe929d..7e95a6500 100644
--- a/apps/emqx_auth_mnesia/src/emqx_authz_api_mnesia.erl
+++ b/apps/emqx_auth_mnesia/src/emqx_authz_api_mnesia.erl
@@ -478,11 +478,14 @@ users(post, #{body := Body}) when is_list(Body) ->
                 Body
             ),
             {204};
-        {error, rules_too_long} ->
+        {error, {Username, too_many_rules}} ->
             {400, #{
                 code => <<"BAD_REQUEST">>,
                 message =>
-                    <<"The length of rules exceeds the maximum limit.">>
+                    binfmt(
+                        <<"The rules length of User '~ts' exceeds the maximum limit.">>,
+                        [Username]
+                    )
             }};
         {error, {already_exists, Exists}} ->
             {409, #{
@@ -522,11 +525,14 @@ clients(post, #{body := Body}) when is_list(Body) ->
                 Body
             ),
             {204};
-        {error, rules_too_long} ->
+        {error, {ClientId, too_many_rules}} ->
             {400, #{
                 code => <<"BAD_REQUEST">>,
                 message =>
-                    <<"The length of rules exceeds the maximum limit.">>
+                    binfmt(
+                        <<"The rules length of Client '~ts' exceeds the maximum limit.">>,
+                        [ClientId]
+                    )
             }};
         {error, {already_exists, Exists}} ->
             {409, #{
@@ -724,7 +730,7 @@ rules_example({ExampleName, ExampleType}) ->
 ensure_rules_len(Rules) ->
     emqx_authz_api_sources:with_source(
         ?AUTHZ_TYPE_BIN,
-        fun(#{<<"max_rules_len">> := MaxLen}) ->
+        fun(#{<<"max_rules">> := MaxLen}) ->
             ensure_rules_len(Rules, MaxLen)
         end
     ).
@@ -734,13 +740,13 @@ ensure_rules_len(Rules, MaxLen) ->
         true ->
             ok;
         _ ->
-            {error, rules_too_long}
+            {error, too_many_rules}
     end.
 
 ensure_rules_is_valid(Key, Type, Cfgs) ->
     MaxLen = emqx_authz_api_sources:with_source(
         ?AUTHZ_TYPE_BIN,
-        fun(#{<<"max_rules_len">> := MaxLen}) ->
+        fun(#{<<"max_rules">> := MaxLen}) ->
             MaxLen
         end
     ),
@@ -753,8 +759,8 @@ ensure_rules_is_valid(Key, Type, MaxLen, [Cfg | Cfgs]) ->
             case ensure_rules_len(Rules, MaxLen) of
                 ok ->
                     ensure_rules_is_valid(Key, Type, MaxLen, Cfgs);
-                Error ->
-                    Error
+                {error, Reason} ->
+                    {error, {Id, Reason}}
             end;
         _ ->
             {error, {already_exists, Id}}
diff --git a/apps/emqx_auth_mnesia/src/emqx_authz_mnesia_schema.erl b/apps/emqx_auth_mnesia/src/emqx_authz_mnesia_schema.erl
index 72b71b39a..1076be2f3 100644
--- a/apps/emqx_auth_mnesia/src/emqx_authz_mnesia_schema.erl
+++ b/apps/emqx_auth_mnesia/src/emqx_authz_mnesia_schema.erl
@@ -30,7 +30,7 @@
     namespace/0
 ]).
 
--define(MAX_RULES_LEN, 100).
+-define(MAX_RULES, 100).
 
 namespace() -> "authz".
 
@@ -39,12 +39,12 @@ type() -> ?AUTHZ_TYPE.
 fields(builtin_db) ->
     emqx_authz_schema:authz_common_fields(?AUTHZ_TYPE) ++
         [
-            {max_rules_len,
+            {max_rules,
                 ?HOCON(
                     pos_integer(),
                     #{
-                        default => ?MAX_RULES_LEN,
-                        desc => ?DESC(max_rules_len)
+                        default => ?MAX_RULES,
+                        desc => ?DESC(max_rules)
                     }
                 )}
         ].
diff --git a/apps/emqx_auth_mnesia/test/emqx_authz_api_mnesia_SUITE.erl b/apps/emqx_auth_mnesia/test/emqx_authz_api_mnesia_SUITE.erl
index 6eb467d67..4ba4c7075 100644
--- a/apps/emqx_auth_mnesia/test/emqx_authz_api_mnesia_SUITE.erl
+++ b/apps/emqx_auth_mnesia/test/emqx_authz_api_mnesia_SUITE.erl
@@ -36,7 +36,7 @@ init_per_suite(Config) ->
             {emqx_conf,
                 "authorization.cache { enable = false },"
                 "authorization.no_match = deny,"
-                "authorization.sources = [{type = built_in_database, max_rules_len = 5}]"},
+                "authorization.sources = [{type = built_in_database, max_rules = 5}]"},
             emqx,
             emqx_auth,
             emqx_auth_mnesia,
diff --git a/changes/ce/fix-13196.en.md b/changes/ce/fix-13196.en.md
index b0fed0eae..26950ffc0 100644
--- a/changes/ce/fix-13196.en.md
+++ b/changes/ce/fix-13196.en.md
@@ -1 +1 @@
-In the built-in database of authorization, added a limit for the length of rules per client/user, and the default values is 100.
+In the built-in database of authorization, added a limit for the number of rules per client/user, and the default values is 100.
diff --git a/rel/i18n/emqx_authz_mnesia_schema.hocon b/rel/i18n/emqx_authz_mnesia_schema.hocon
index 2c36dac20..efc80dd34 100644
--- a/rel/i18n/emqx_authz_mnesia_schema.hocon
+++ b/rel/i18n/emqx_authz_mnesia_schema.hocon
@@ -6,7 +6,7 @@ builtin_db.desc:
 builtin_db.label:
 """Builtin Database"""
 
-max_rules_len.desc:
-"""Maximum rule length per client/user. Note that performance may decrease as rule length increases."""
+max_rules.desc:
+"""Maximum number of rules per client/user. Note that performance may decrease as number of rules increases."""
 
 }