From 1e2eac0fce9ba80c6d2e13196daad689af9ad296 Mon Sep 17 00:00:00 2001 From: JianBo He Date: Mon, 22 Nov 2021 17:09:08 +0800 Subject: [PATCH] test(gw): add tests for authm data-mgmt --- apps/emqx_authn/src/emqx_authn_api.erl | 7 +- .../src/emqx_gateway_api_authn.erl | 4 +- apps/emqx_gateway/src/emqx_gateway_http.erl | 2 +- .../test/emqx_gateway_api_SUITE.erl | 103 ++++++++++++++++++ 4 files changed, 109 insertions(+), 7 deletions(-) diff --git a/apps/emqx_authn/src/emqx_authn_api.erl b/apps/emqx_authn/src/emqx_authn_api.erl index 74b1990fa..dcd65dd21 100644 --- a/apps/emqx_authn/src/emqx_authn_api.erl +++ b/apps/emqx_authn/src/emqx_authn_api.erl @@ -796,11 +796,12 @@ add_user(_, _, #{<<"user_id">> := _}) -> add_user(_, _, _) -> serialize_error({missing_parameter, user_id}). -update_user(ChainName, AuthenticatorID, UserID, UserInfo) -> - case maps:with([<<"password">>, <<"is_superuser">>], UserInfo) =:= #{} of +update_user(ChainName, AuthenticatorID, UserID, UserInfo0) -> + case maps:with([<<"password">>, <<"is_superuser">>], UserInfo0) =:= #{} of true -> serialize_error({missing_parameter, password}); false -> + UserInfo = emqx_map_lib:safe_atom_key_map(UserInfo0), case emqx_authentication:update_user(ChainName, AuthenticatorID, UserID, UserInfo) of {ok, User} -> {200, User}; @@ -907,7 +908,7 @@ serialize_error({bad_ssl_config, Details}) -> message => binfmt("bad_ssl_config ~p", [Details])}}; serialize_error({missing_parameter, Detail}) -> {400, #{code => <<"MISSING_PARAMETER">>, - message => binfmt("Missing required parameter", [Detail])}}; + message => binfmt("Missing required parameter: ~p", [Detail])}}; serialize_error({invalid_parameter, Name}) -> {400, #{code => <<"INVALID_PARAMETER">>, message => binfmt("Invalid value for '~p'", [Name])}}; diff --git a/apps/emqx_gateway/src/emqx_gateway_api_authn.erl b/apps/emqx_gateway/src/emqx_gateway_api_authn.erl index cd6c46b29..105a96989 100644 --- a/apps/emqx_gateway/src/emqx_gateway_api_authn.erl +++ b/apps/emqx_gateway/src/emqx_gateway_api_authn.erl @@ -286,9 +286,7 @@ schema("/gateway/:name/authentication/users/:uid") -> , 404 => error_codes([?NOT_FOUND], <<"Not Found">>) , 500 => error_codes([?INTERNAL_ERROR], <<"Ineternal Server Error">>) - , 200 => emqx_dashboard_swagger:schema_with_example( - ref(emqx_authn_api, response_user), - emqx_authn_api:response_user_examples()) + , 204 => <<"User Deleted">> } } }; diff --git a/apps/emqx_gateway/src/emqx_gateway_http.erl b/apps/emqx_gateway/src/emqx_gateway_http.erl index 345335ff3..0d2f765c5 100644 --- a/apps/emqx_gateway/src/emqx_gateway_http.erl +++ b/apps/emqx_gateway/src/emqx_gateway_http.erl @@ -335,7 +335,7 @@ with_authn(GwName0, Fun) -> -spec with_listener_authn(binary(), binary(), function()) -> any(). with_listener_authn(GwName0, Id, Fun) -> - with_gateway(GwName0, fun(GwName) -> + with_gateway(GwName0, fun(GwName, _GwConf) -> Authn = emqx_gateway_http:authn(GwName, Id), Fun(GwName, Authn) end). diff --git a/apps/emqx_gateway/test/emqx_gateway_api_SUITE.erl b/apps/emqx_gateway/test/emqx_gateway_api_SUITE.erl index 0998cab31..e49a78e73 100644 --- a/apps/emqx_gateway/test/emqx_gateway_api_SUITE.erl +++ b/apps/emqx_gateway/test/emqx_gateway_api_SUITE.erl @@ -207,6 +207,50 @@ t_authn(_) -> {204, _} = request(get, "/gateway/stomp/authentication"), {204, _} = request(delete, "/gateway/stomp"). +t_authn_data_mgmt(_) -> + GwConf = #{name => <<"stomp">>}, + {204, _} = request(post, "/gateway", GwConf), + {204, _} = request(get, "/gateway/stomp/authentication"), + + AuthConf = #{mechanism => <<"password-based">>, + backend => <<"built-in-database">>, + user_id_type => <<"clientid">> + }, + {204, _} = request(post, "/gateway/stomp/authentication", AuthConf), + {200, ConfResp} = request(get, "/gateway/stomp/authentication"), + assert_confs(AuthConf, ConfResp), + + User1 = #{ user_id => <<"test">> + , password => <<"123456">> + , is_superuser => false + }, + {201, _} = request(post, "/gateway/stomp/authentication/users", User1), + {200, #{data := [UserRespd1]}} = request(get, "/gateway/stomp/authentication/users"), + assert_confs(UserRespd1, User1), + + {200, UserRespd2} = request(get, + "/gateway/stomp/authentication/users/test"), + assert_confs(UserRespd2, User1), + + {200, UserRespd3} = request(put, + "/gateway/stomp/authentication/users/test", + #{password => <<"654321">>, + is_superuser => true}), + assert_confs(UserRespd3, User1#{is_superuser => true}), + + {200, UserRespd4} = request(get, + "/gateway/stomp/authentication/users/test"), + assert_confs(UserRespd4, User1#{is_superuser => true}), + + {204, _} = request(delete, "/gateway/stomp/authentication/users/test"), + + {200, #{data := []}} = request(get, + "/gateway/stomp/authentication/users"), + + {204, _} = request(delete, "/gateway/stomp/authentication"), + {204, _} = request(get, "/gateway/stomp/authentication"), + {204, _} = request(delete, "/gateway/stomp"). + t_listeners(_) -> GwConf = #{name => <<"stomp">>}, {204, _} = request(post, "/gateway", GwConf), @@ -262,6 +306,65 @@ t_listeners_authn(_) -> assert_confs(AuthConf2, ConfResp3), {204, _} = request(delete, "/gateway/stomp"). +t_listeners_authn_data_mgmt(_) -> + GwConf = #{name => <<"stomp">>, + listeners => [ + #{name => <<"def">>, + type => <<"tcp">>, + bind => <<"61613">> + }]}, + {204, _} = request(post, "/gateway", GwConf), + {200, ConfResp} = request(get, "/gateway/stomp"), + assert_confs(GwConf, ConfResp), + + AuthConf = #{mechanism => <<"password-based">>, + backend => <<"built-in-database">>, + user_id_type => <<"clientid">> + }, + Path = "/gateway/stomp/listeners/stomp:tcp:def/authentication", + {204, _} = request(post, Path, AuthConf), + {200, ConfResp2} = request(get, Path), + assert_confs(AuthConf, ConfResp2), + + User1 = #{ user_id => <<"test">> + , password => <<"123456">> + , is_superuser => false + }, + {201, _} = request(post, + "/gateway/stomp/listeners/stomp:tcp:def/authentication/users", + User1), + + {200, + #{data := [UserRespd1]} } = request( + get, + "/gateway/stomp/listeners/stomp:tcp:def/authentication/users"), + assert_confs(UserRespd1, User1), + + {200, UserRespd2} = request( + get, + "/gateway/stomp/listeners/stomp:tcp:def/authentication/users/test"), + assert_confs(UserRespd2, User1), + + {200, UserRespd3} = request( + put, + "/gateway/stomp/listeners/stomp:tcp:def/authentication/users/test", + #{password => <<"654321">>, is_superuser => true}), + assert_confs(UserRespd3, User1#{is_superuser => true}), + + {200, UserRespd4} = request( + get, + "/gateway/stomp/listeners/stomp:tcp:def/authentication/users/test"), + assert_confs(UserRespd4, User1#{is_superuser => true}), + + {204, _} = request( + delete, + "/gateway/stomp/listeners/stomp:tcp:def/authentication/users/test"), + + {200, #{data := []}} = request( + get, + "/gateway/stomp/listeners/stomp:tcp:def/authentication/users"), + {204, _} = request(delete, "/gateway/stomp"). + %%-------------------------------------------------------------------- %% Asserts