yuanbiao
/
emqx
1
0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

feat(authz connector): match directly using the results returned by sql 

Signed-off-by: zhanghongtong <rory-z@outlook.com>
This commit is contained in:
zhanghongtong 2021-07-09 14:28:48 +08:00 committed by Rory Z
parent 088e615818
commit 3195561a79
3 changed files with 3 additions and 38 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
apps/emqx_authz/src/emqx_authz_mongo.erl
View File

@ -60,8 +60,7 @@ match(Client, PubSub, Topic,
<<"permission">> := Permission, <<"permission">> := Permission,
<<"action">> := Action <<"action">> := Action
}) -> }) ->
Rule = #{<<"principal">> => all, Rule = #{<<"permission">> => Permission,
<<"permission">> => Permission,
<<"topics">> => Topics, <<"topics">> => Topics,
<<"action">> => Action <<"action">> => Action
}, },

19
apps/emqx_authz/src/emqx_authz_mysql.erl
View File

@ -77,13 +77,9 @@ format_result(Columns, Row) ->
match(Client, PubSub, Topic, match(Client, PubSub, Topic,
#{<<"permission">> := Permission, #{<<"permission">> := Permission,
<<"action">> := Action, <<"action">> := Action,
<<"clientid">> := ClientId,
<<"username">> := Username,
<<"ipaddress">> := IpAddress,
<<"topic">> := TopicFilter <<"topic">> := TopicFilter
}) -> }) ->
Rule = #{<<"principal">> => principal(IpAddress, Username, ClientId), Rule = #{<<"topics">> => [TopicFilter],
<<"topics">> => [TopicFilter],
<<"action">> => Action, <<"action">> => Action,
<<"permission">> => Permission <<"permission">> => Permission
}, },
@ -99,19 +95,6 @@ match(Client, PubSub, Topic,
false -> nomatch false -> nomatch
end. end.
principal(CIDR, Username, ClientId) ->
Cols = [{<<"ipaddress">>, CIDR}, {<<"username">>, Username}, {<<"clientid">>, ClientId}],
case [#{C => V} || {C, V} <- Cols, not empty(V)] of
[] -> throw(undefined_who);
[Who] -> Who;
Conds -> #{<<"and">> => Conds}
end.
empty(null) -> true;
empty("") -> true;
empty(<<>>) -> true;
empty(_) -> false.
replvar(Params, ClientInfo) -> replvar(Params, ClientInfo) ->
replvar(Params, ClientInfo, []). replvar(Params, ClientInfo, []).

19
apps/emqx_authz/src/emqx_authz_pgsql.erl
View File

@ -81,13 +81,9 @@ format_result(Columns, Row) ->
match(Client, PubSub, Topic, match(Client, PubSub, Topic,
#{<<"permission">> := Permission, #{<<"permission">> := Permission,
<<"action">> := Action, <<"action">> := Action,
<<"clientid">> := ClientId,
<<"username">> := Username,
<<"ipaddress">> := IpAddress,
<<"topic">> := TopicFilter <<"topic">> := TopicFilter
}) -> }) ->
Rule = #{<<"principal">> => principal(IpAddress, Username, ClientId), Rule = #{<<"topics">> => [TopicFilter],
<<"topics">> => [TopicFilter],
<<"action">> => Action, <<"action">> => Action,
<<"permission">> => Permission <<"permission">> => Permission
}, },
@ -103,19 +99,6 @@ match(Client, PubSub, Topic,
false -> nomatch false -> nomatch
end. end.
principal(CIDR, Username, ClientId) ->
Cols = [{<<"ipaddress">>, CIDR}, {<<"username">>, Username}, {<<"clientid">>, ClientId}],
case [#{C => V} || {C, V} <- Cols, not empty(V)] of
[] -> throw(undefined_who);
[Who] -> Who;
Conds -> #{<<"and">> => Conds}
end.
empty(null) -> true;
empty("") -> true;
empty(<<>>) -> true;
empty(_) -> false.
replvar(Params, ClientInfo) -> replvar(Params, ClientInfo) ->
replvar(Params, ClientInfo, []). replvar(Params, ClientInfo, []).