diff --git a/apps/emqx/src/emqx_topic.erl b/apps/emqx/src/emqx_topic.erl index 5e0f2d43b..a58c179b7 100644 --- a/apps/emqx/src/emqx_topic.erl +++ b/apps/emqx/src/emqx_topic.erl @@ -54,11 +54,11 @@ wildcard(Topic) when is_binary(Topic) -> wildcard(words(Topic)); wildcard([]) -> false; -wildcard(['#'|_]) -> +wildcard(['#' | _]) -> true; -wildcard(['+'|_]) -> +wildcard(['+' | _]) -> true; -wildcard([_H|T]) -> +wildcard([_H | T]) -> wildcard(T). %% @doc Match Topic name with filter. @@ -73,17 +73,17 @@ match(Name, Filter) when is_binary(Name), is_binary(Filter) -> match(words(Name), words(Filter)); match([], []) -> true; -match([H|T1], [H|T2]) -> +match([H | T1], [H | T2]) -> match(T1, T2); -match([_H|T1], ['+'|T2]) -> +match([_H | T1], ['+' | T2]) -> match(T1, T2); match(_, ['#']) -> true; -match([_H1|_], [_H2|_]) -> +match([_H1 | _], [_H2 | _]) -> false; -match([_H1|_], []) -> +match([_H1 | _], []) -> false; -match([], [_H|_T2]) -> +match([], [_H | _T2]) -> false. %% @doc Validate topic name or filter @@ -110,13 +110,13 @@ validate2([]) -> true; validate2(['#']) -> % end with '#' true; -validate2(['#'|Words]) when length(Words) > 0 -> +validate2(['#' | Words]) when length(Words) > 0 -> error('topic_invalid_#'); -validate2([''|Words]) -> +validate2(['' | Words]) -> validate2(Words); -validate2(['+'|Words]) -> +validate2(['+' | Words]) -> validate2(Words); -validate2([W|Words]) -> +validate2([W | Words]) -> validate3(W) andalso validate2(Words). validate3(<<>>) -> @@ -164,7 +164,7 @@ word(<<"#">>) -> '#'; word(Bin) -> Bin. %% @doc '$SYS' Topic. --spec(systop(atom()|string()|binary()) -> topic()). +-spec(systop(atom() | string() | binary()) -> topic()). systop(Name) when is_atom(Name); is_list(Name) -> iolist_to_binary(lists:concat(["$SYS/brokers/", node(), "/", Name])); systop(Name) when is_binary(Name) -> @@ -175,10 +175,10 @@ feed_var(Var, Val, Topic) -> feed_var(Var, Val, words(Topic), []). feed_var(_Var, _Val, [], Acc) -> join(lists:reverse(Acc)); -feed_var(Var, Val, [Var|Words], Acc) -> - feed_var(Var, Val, Words, [Val|Acc]); -feed_var(Var, Val, [W|Words], Acc) -> - feed_var(Var, Val, Words, [W|Acc]). +feed_var(Var, Val, [Var | Words], Acc) -> + feed_var(Var, Val, Words, [Val | Acc]); +feed_var(Var, Val, [W | Words], Acc) -> + feed_var(Var, Val, Words, [W | Acc]). -spec(join(list(binary())) -> binary()). join([]) -> diff --git a/apps/emqx/test/emqx_topic_SUITE.erl b/apps/emqx/test/emqx_topic_SUITE.erl index e0d80c4a5..49108f83e 100644 --- a/apps/emqx/test/emqx_topic_SUITE.erl +++ b/apps/emqx/test/emqx_topic_SUITE.erl @@ -184,9 +184,11 @@ t_feed_var(_) -> ?assertEqual(<<"$queue/client/clientId">>, feed_var(<<"$c">>, <<"clientId">>, <<"$queue/client/$c">>)), ?assertEqual(<<"username/test/client/x">>, - feed_var(?PH_USERNAME, <<"test">>, <<"username/", ?PH_USERNAME/binary, "/client/x">>)), + feed_var( ?PH_USERNAME, <<"test">> + , <<"username/", ?PH_USERNAME/binary, "/client/x">>)), ?assertEqual(<<"username/test/client/clientId">>, - feed_var(?PH_CLIENTID, <<"clientId">>, <<"username/test/client/", ?PH_CLIENTID/binary>>)). + feed_var( ?PH_CLIENTID, <<"clientId">> + , <<"username/test/client/", ?PH_CLIENTID/binary>>)). long_topic() -> iolist_to_binary([[integer_to_list(I), "/"] || I <- lists:seq(0, 66666)]). diff --git a/apps/emqx_authz/src/emqx_authz.erl b/apps/emqx_authz/src/emqx_authz.erl index a5efbe8f7..2bcb7971d 100644 --- a/apps/emqx_authz/src/emqx_authz.erl +++ b/apps/emqx_authz/src/emqx_authz.erl @@ -66,11 +66,14 @@ move(Type, Cmd) -> move(Type, Cmd, #{}). move(Type, #{<<"before">> := Before}, Opts) -> - emqx:update_config(?CONF_KEY_PATH, {?CMD_MOVE, type(Type), ?CMD_MOVE_BEFORE(type(Before))}, Opts); + emqx:update_config( ?CONF_KEY_PATH + , {?CMD_MOVE, type(Type), ?CMD_MOVE_BEFORE(type(Before))}, Opts); move(Type, #{<<"after">> := After}, Opts) -> - emqx:update_config(?CONF_KEY_PATH, {?CMD_MOVE, type(Type), ?CMD_MOVE_AFTER(type(After))}, Opts); + emqx:update_config( ?CONF_KEY_PATH + , {?CMD_MOVE, type(Type), ?CMD_MOVE_AFTER(type(After))}, Opts); move(Type, Position, Opts) -> - emqx:update_config(?CONF_KEY_PATH, {?CMD_MOVE, type(Type), Position}, Opts). + emqx:update_config( ?CONF_KEY_PATH + , {?CMD_MOVE, type(Type), Position}, Opts). update(Cmd, Sources) -> update(Cmd, Sources, #{}). @@ -157,7 +160,8 @@ do_post_update({{?CMD_REPLACE, Type}, Source}, _NewSources) when is_map(Source) {OldSource, Front, Rear} = take(Type, OldInitedSources), ok = ensure_resource_deleted(OldSource), InitedSources = init_sources(check_sources([Source])), - ok = emqx_hooks:put('client.authorize', {?MODULE, authorize, [Front ++ InitedSources ++ Rear]}, -1), + ok = emqx_hooks:put( 'client.authorize' + , {?MODULE, authorize, [Front ++ InitedSources ++ Rear]}, -1), ok = emqx_authz_cache:drain_cache(); do_post_update({{?CMD_DELETE, Type}, _Source}, _NewSources) -> OldInitedSources = lookup(), @@ -269,7 +273,7 @@ init_source(#{type := DB, {error, Reason} -> error({load_config_error, Reason}); Id -> Source#{annotations => #{id => Id, - query => Mod:parse_query(SQL) + query => erlang:apply(Mod, parse_query, [SQL]) } } end. @@ -279,22 +283,36 @@ init_source(#{type := DB, %%-------------------------------------------------------------------- %% @doc Check AuthZ --spec(authorize(emqx_types:clientinfo(), emqx_types:all(), emqx_types:topic(), allow | deny, sources()) +-spec(authorize( emqx_types:clientinfo() + , emqx_types:all() + , emqx_types:topic() + , allow | deny + , sources()) -> {stop, allow} | {ok, deny}). authorize(#{username := Username, peerhost := IpAddress } = Client, PubSub, Topic, DefaultResult, Sources) -> case do_authorize(Client, PubSub, Topic, Sources) of {matched, allow} -> - ?SLOG(info, #{msg => "authorization_permission_allowed", username => Username, ipaddr => IpAddress, topic => Topic}), + ?SLOG(info, #{msg => "authorization_permission_allowed", + username => Username, + ipaddr => IpAddress, + topic => Topic}), emqx_metrics:inc(?AUTHZ_METRICS(allow)), {stop, allow}; {matched, deny} -> - ?SLOG(info, #{msg => "authorization_permission_denied", username => Username, ipaddr => IpAddress, topic => Topic}), + ?SLOG(info, #{msg => "authorization_permission_denied", + username => Username, + ipaddr => IpAddress, + topic => Topic}), emqx_metrics:inc(?AUTHZ_METRICS(deny)), {stop, deny}; nomatch -> - ?SLOG(info, #{msg => "authorization_failed_nomatch", username => Username, ipaddr => IpAddress, topic => Topic, reason => "no-match rule"}), + ?SLOG(info, #{msg => "authorization_failed_nomatch", + username => Username, + ipaddr => IpAddress, + topic => Topic, + reason => "no-match rule"}), {stop, DefaultResult} end. @@ -311,7 +329,7 @@ do_authorize(Client, PubSub, Topic, [#{type := file} = F | Tail]) -> do_authorize(Client, PubSub, Topic, [Connector = #{type := Type} | Tail] ) -> Mod = authz_module(Type), - case Mod:authorize(Client, PubSub, Topic, Connector) of + case erlang:apply(Mod, authorize, [Client, PubSub, Topic, Connector]) of nomatch -> do_authorize(Client, PubSub, Topic, Tail); Matched -> Matched end. @@ -383,7 +401,8 @@ type(postgresql) -> postgresql; type(<<"postgresql">>) -> postgresql; type('built-in-database') -> 'built-in-database'; type(<<"built-in-database">>) -> 'built-in-database'; -type(Unknown) -> error({unknown_authz_source_type, Unknown}). % should never happend if the input is type-checked by hocon schema +%% should never happend if the input is type-checked by hocon schema +type(Unknown) -> error({unknown_authz_source_type, Unknown}). %% @doc where the acl.conf file is stored. acl_conf_file() ->