fix(authz_mnesia): improve field names and changes
This commit is contained in:
firest
parent
3ae26c8a54
commit
1716852057
|
|
@ -478,11 +478,14 @@ users(post, #{body := Body}) when is_list(Body) ->
|
|||
Body
|
||||
),
|
||||
{204};
|
||||
{error, rules_too_long} ->
|
||||
{error, {Username, too_many_rules}} ->
|
||||
{400, #{
|
||||
code => <<"BAD_REQUEST">>,
|
||||
message =>
|
||||
<<"The length of rules exceeds the maximum limit.">>
|
||||
binfmt(
|
||||
<<"The rules length of User '~ts' exceeds the maximum limit.">>,
|
||||
[Username]
|
||||
)
|
||||
}};
|
||||
{error, {already_exists, Exists}} ->
|
||||
{409, #{
|
||||
|
|
@ -522,11 +525,14 @@ clients(post, #{body := Body}) when is_list(Body) ->
|
|||
Body
|
||||
),
|
||||
{204};
|
||||
{error, rules_too_long} ->
|
||||
{error, {ClientId, too_many_rules}} ->
|
||||
{400, #{
|
||||
code => <<"BAD_REQUEST">>,
|
||||
message =>
|
||||
<<"The length of rules exceeds the maximum limit.">>
|
||||
binfmt(
|
||||
<<"The rules length of Client '~ts' exceeds the maximum limit.">>,
|
||||
[ClientId]
|
||||
)
|
||||
}};
|
||||
{error, {already_exists, Exists}} ->
|
||||
{409, #{
|
||||
|
|
@ -724,7 +730,7 @@ rules_example({ExampleName, ExampleType}) ->
|
|||
ensure_rules_len(Rules) ->
|
||||
emqx_authz_api_sources:with_source(
|
||||
?AUTHZ_TYPE_BIN,
|
||||
fun(#{<<"max_rules_len">> := MaxLen}) ->
|
||||
fun(#{<<"max_rules">> := MaxLen}) ->
|
||||
ensure_rules_len(Rules, MaxLen)
|
||||
end
|
||||
).
|
||||
|
|
@ -734,13 +740,13 @@ ensure_rules_len(Rules, MaxLen) ->
|
|||
true ->
|
||||
ok;
|
||||
_ ->
|
||||
{error, rules_too_long}
|
||||
{error, too_many_rules}
|
||||
end.
|
||||
|
||||
ensure_rules_is_valid(Key, Type, Cfgs) ->
|
||||
MaxLen = emqx_authz_api_sources:with_source(
|
||||
?AUTHZ_TYPE_BIN,
|
||||
fun(#{<<"max_rules_len">> := MaxLen}) ->
|
||||
fun(#{<<"max_rules">> := MaxLen}) ->
|
||||
MaxLen
|
||||
end
|
||||
),
|
||||
|
|
@ -753,8 +759,8 @@ ensure_rules_is_valid(Key, Type, MaxLen, [Cfg | Cfgs]) ->
|
|||
case ensure_rules_len(Rules, MaxLen) of
|
||||
ok ->
|
||||
ensure_rules_is_valid(Key, Type, MaxLen, Cfgs);
|
||||
Error ->
|
||||
Error
|
||||
{error, Reason} ->
|
||||
{error, {Id, Reason}}
|
||||
end;
|
||||
_ ->
|
||||
{error, {already_exists, Id}}
|
||||
|
|
|
|||
|
|
@ -30,7 +30,7 @@
|
|||
namespace/0
|
||||
]).
|
||||
|
||||
-define(MAX_RULES_LEN, 100).
|
||||
-define(MAX_RULES, 100).
|
||||
|
||||
namespace() -> "authz".
|
||||
|
||||
|
|
@ -39,12 +39,12 @@ type() -> ?AUTHZ_TYPE.
|
|||
fields(builtin_db) ->
|
||||
emqx_authz_schema:authz_common_fields(?AUTHZ_TYPE) ++
|
||||
[
|
||||
{max_rules_len,
|
||||
{max_rules,
|
||||
?HOCON(
|
||||
pos_integer(),
|
||||
#{
|
||||
default => ?MAX_RULES_LEN,
|
||||
desc => ?DESC(max_rules_len)
|
||||
default => ?MAX_RULES,
|
||||
desc => ?DESC(max_rules)
|
||||
}
|
||||
)}
|
||||
].
|
||||
|
|
|
|||
|
|
@ -36,7 +36,7 @@ init_per_suite(Config) ->
|
|||
{emqx_conf,
|
||||
"authorization.cache { enable = false },"
|
||||
"authorization.no_match = deny,"
|
||||
"authorization.sources = [{type = built_in_database, max_rules_len = 5}]"},
|
||||
"authorization.sources = [{type = built_in_database, max_rules = 5}]"},
|
||||
emqx,
|
||||
emqx_auth,
|
||||
emqx_auth_mnesia,
|
||||
|
|
|
|||
|
|
@ -1 +1 @@
|
|||
In the built-in database of authorization, added a limit for the length of rules per client/user, and the default values is 100.
|
||||
In the built-in database of authorization, added a limit for the number of rules per client/user, and the default values is 100.
|
||||
|
|
|
|||
|
|
@ -6,7 +6,7 @@ builtin_db.desc:
|
|||
builtin_db.label:
|
||||
"""Builtin Database"""
|
||||
|
||||
max_rules_len.desc:
|
||||
"""Maximum rule length per client/user. Note that performance may decrease as rule length increases."""
|
||||
max_rules.desc:
|
||||
"""Maximum number of rules per client/user. Note that performance may decrease as number of rules increases."""
|
||||
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue