yuanbiao
/
emqx
1
0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

feat(authz): support sync configuration in the cluster

This commit is contained in:
zhouzb 2021-12-21 17:00:49 +08:00
parent a9b443ae34
commit 25b7719db5
3 changed files with 25 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
apps/emqx_authz/src/emqx_authz.erl
View File

@ -33,7 +33,6 @@
, move/2 , move/2
, move/3 , move/3
, update/2 , update/2
, update/3
, authorize/5 , authorize/5
]). ]).
@ -114,24 +113,18 @@ move(Type, Cmd) ->
move(Type, Cmd, #{}). move(Type, Cmd, #{}).
move(Type, #{<<"before">> := Before}, Opts) -> move(Type, #{<<"before">> := Before}, Opts) ->
emqx:update_config( ?CONF_KEY_PATH emqx_authz_utils:update_config(?CONF_KEY_PATH, {?CMD_MOVE, type(Type), ?CMD_MOVE_BEFORE(type(Before))}, Opts);
, {?CMD_MOVE, type(Type), ?CMD_MOVE_BEFORE(type(Before))}, Opts);
move(Type, #{<<"after">> := After}, Opts) -> move(Type, #{<<"after">> := After}, Opts) ->
emqx:update_config( ?CONF_KEY_PATH emqx_authz_utils:update_config(?CONF_KEY_PATH, {?CMD_MOVE, type(Type), ?CMD_MOVE_AFTER(type(After))}, Opts);
, {?CMD_MOVE, type(Type), ?CMD_MOVE_AFTER(type(After))}, Opts);
move(Type, Position, Opts) -> move(Type, Position, Opts) ->
emqx:update_config( ?CONF_KEY_PATH emqx_authz_utils:update_config(?CONF_KEY_PATH, {?CMD_MOVE, type(Type), Position}, Opts).
, {?CMD_MOVE, type(Type), Position}, Opts).
update({?CMD_REPLACE, Type}, Sources) ->
emqx_authz_utils:update_config(?CONF_KEY_PATH, {{?CMD_REPLACE, type(Type)}, Sources});
update({?CMD_DELETE, Type}, Sources) ->
emqx_authz_utils:update_config(?CONF_KEY_PATH, {{?CMD_DELETE, type(Type)}, Sources});
update(Cmd, Sources) -> update(Cmd, Sources) ->
update(Cmd, Sources, #{}). emqx_authz_utils:update_config(?CONF_KEY_PATH, {Cmd, Sources}).
update({?CMD_REPLACE, Type}, Sources, Opts) ->
emqx:update_config(?CONF_KEY_PATH, {{?CMD_REPLACE, type(Type)}, Sources}, Opts);
update({?CMD_DELETE, Type}, Sources, Opts) ->
emqx:update_config(?CONF_KEY_PATH, {{?CMD_DELETE, type(Type)}, Sources}, Opts);
update(Cmd, Sources, Opts) ->
emqx:update_config(?CONF_KEY_PATH, {Cmd, Sources}, Opts).
do_update({?CMD_MOVE, Type, ?CMD_MOVE_TOP}, Conf) when is_list(Conf) -> do_update({?CMD_MOVE, Type, ?CMD_MOVE_TOP}, Conf) when is_list(Conf) ->
{Source, Front, Rear} = take(Type, Conf), {Source, Front, Rear} = take(Type, Conf),
@ -155,8 +148,8 @@ do_update({?CMD_APPEND, Sources}, Conf) when is_list(Sources), is_list(Conf) ->
NConf = Conf ++ Sources, NConf = Conf ++ Sources,
ok = check_dup_types(NConf), ok = check_dup_types(NConf),
NConf; NConf;
do_update({{?CMD_REPLACE, Type}, #{<<"enable">> := true} = Source}, Conf) when is_map(Source), do_update({{?CMD_REPLACE, Type}, #{<<"enable">> := true} = Source}, Conf)
is_list(Conf) -> when is_map(Source), is_list(Conf) ->
case create_dry_run(Type, Source) of case create_dry_run(Type, Source) of
ok -> ok ->
{_Old, Front, Rear} = take(Type, Conf), {_Old, Front, Rear} = take(Type, Conf),
@ -165,7 +158,8 @@ do_update({{?CMD_REPLACE, Type}, #{<<"enable">> := true} = Source}, Conf) when i
NConf; NConf;
{error, _} = Error -> Error {error, _} = Error -> Error
end; end;
do_update({{?CMD_REPLACE, Type}, Source}, Conf) when is_map(Source), is_list(Conf) -> do_update({{?CMD_REPLACE, Type}, Source}, Conf)
when is_map(Source), is_list(Conf) ->
{_Old, Front, Rear} = take(Type, Conf), {_Old, Front, Rear} = take(Type, Conf),
NConf = Front ++ [Source | Rear], NConf = Front ++ [Source | Rear],
ok = check_dup_types(NConf), ok = check_dup_types(NConf),

7
apps/emqx_authz/src/emqx_authz_api_settings.erl
View File

@ -54,8 +54,9 @@ settings(get, _Params) ->
settings(put, #{body := #{<<"no_match">> := NoMatch, settings(put, #{body := #{<<"no_match">> := NoMatch,
<<"deny_action">> := DenyAction, <<"deny_action">> := DenyAction,
<<"cache">> := Cache}}) -> <<"cache">> := Cache}}) ->
{ok, _} = emqx:update_config([authorization, no_match], NoMatch), {ok, _} = emqx_authz_utils:update_config([authorization, no_match], NoMatch),
{ok, _} = emqx:update_config([authorization, deny_action], DenyAction), {ok, _} = emqx_authz_utils:update_config(
{ok, _} = emqx:update_config([authorization, cache], Cache), [authorization, deny_action], DenyAction),
{ok, _} = emqx_authz_utils:update_config([authorization, cache], Cache),
ok = emqx_authz_cache:drain_cache(), ok = emqx_authz_cache:drain_cache(),
{200, authorization_settings()}. {200, authorization_settings()}.

12
apps/emqx_authz/src/emqx_authz_utils.erl
View File

@ -18,9 +18,11 @@
-include_lib("emqx/include/emqx_placeholder.hrl"). -include_lib("emqx/include/emqx_placeholder.hrl").
-export([cleanup_resources/0, -export([ cleanup_resources/0
make_resource_id/1, , make_resource_id/1
create_resource/2]). , create_resource/2
, update_config/2
]).
-define(RESOURCE_GROUP, <<"emqx_authz">>). -define(RESOURCE_GROUP, <<"emqx_authz">>).
@ -45,6 +47,10 @@ make_resource_id(Name) ->
NameBin = bin(Name), NameBin = bin(Name),
emqx_resource:generate_id(?RESOURCE_GROUP, NameBin). emqx_resource:generate_id(?RESOURCE_GROUP, NameBin).
update_config(Path, ConfigRequest) ->
emqx_conf:update(Path, ConfigRequest, #{rawconf_with_defaults => true,
override_to => cluster}).
%%------------------------------------------------------------------------------ %%------------------------------------------------------------------------------
%% Internal functions %% Internal functions
%%------------------------------------------------------------------------------ %%------------------------------------------------------------------------------