fix(authz): fix configuration could be updated with incorrect values

when updating the configuration, first check with emqx_resouce:create_dry_run/2 Signed-off-by: zhanghongtong <rory-z@outlook.com>
2021-10-20 17:53:06 +08:00 · 2021-10-20 17:53:06 +08:00 · 198ae4c782
parent 0d53ea9db7
commit 198ae4c782
2 changed files with 18 additions and 6 deletions
--- a/apps/emqx_authz/src/emqx_authz.erl
+++ b/apps/emqx_authz/src/emqx_authz.erl
@ -101,6 +101,21 @@ do_update({?CMD_APPEND, Sources}, Conf) when is_list(Sources), is_list(Conf) ->
    NConf = Conf ++ Sources,
    ok = check_dup_types(NConf),
    NConf;
+do_update({{?CMD_REPLACE, Type}, #{<<"enable">> := true} = Source},
+          Conf) when is_map(Source), is_list(Conf),
+                     Type =:= mongodb;
+                     Type =:= mysql;
+                     Type =:= postgresql;
+                     Type =:= redis ->
+    {_Old, Front, Rear} = take(Type, Conf),
+    [NSource] = check_sources([Source]),
+    case emqx_resource:create_dry_run(connector_module(Type), NSource) of
+        ok ->
+            NConf = Front ++ [Source | Rear],
+            ok = check_dup_types(NConf),
+            NConf;
+        Error -> Error
+    end;
 do_update({{?CMD_REPLACE, Type}, Source}, Conf) when is_map(Source), is_list(Conf) ->
    {_Old, Front, Rear} = take(Type, Conf),
    NConf = Front ++ [Source | Rear],
@ -318,12 +333,6 @@ find_action_in_hooks() ->
 gen_id(Type) ->
    iolist_to_binary([io_lib:format("~ts_~ts",[?APP, Type])]).

-create_resource(#{type := DB,
-                  annotations := #{id := ResourceID}} = Source) ->
-    case emqx_resource:recreate(ResourceID, connector_module(DB), Source, []) of
-        {ok, _} -> ResourceID;
-        {error, Reason} -> {error, Reason}
-    end;
 create_resource(#{type := DB} = Source) ->
    ResourceID = gen_id(DB),
    case emqx_resource:create(ResourceID, connector_module(DB), Source) of
--- a/apps/emqx_authz/test/emqx_authz_api_sources_SUITE.erl
+++ b/apps/emqx_authz/test/emqx_authz_api_sources_SUITE.erl
@ -206,6 +206,9 @@ t_api(_) ->
    ?assert(filelib:is_file(filename:join([emqx:get_config([node, data_dir]), "certs", "cert-fake.pem"]))),
    ?assert(filelib:is_file(filename:join([emqx:get_config([node, data_dir]), "certs", "key-fake.pem"]))),

+    {ok, 400, _} = request(put, uri(["authorization", "sources", "mysql"]),  ?SOURCE3#{<<"server">> := <<"192.169.1.100:3306">>}),
+    {ok, 400, _} = request(put, uri(["authorization", "sources", "postgresql"]),  ?SOURCE4#{<<"server">> := <<"fake">>}),
+
    lists:foreach(fun(#{<<"type">> := Type}) ->
                    {ok, 204, _} = request(delete, uri(["authorization", "sources", binary_to_list(Type)]), [])
                  end, Sources),