yuanbiao
/
emqx
1
0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

acl doc

This commit is contained in:
Ery Lee 2015-03-24 20:46:14 +08:00
parent 2a9653f8a8
commit 3c0c394621
7 changed files with 138 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
CHANGELOG.md
View File

@ -2,6 +2,22 @@
eMQTTD ChangeLog
==================
0.6.0-alpha (2015-03-28)
-------------------------
ACL
Plugin Architecture
0.5.4-alpha (2015-03-24)
-------------------------
TODO: static, dynamic topics
emqttd_pubsub to remove unused dynamic trie nodes...
0.5.4-alpha (2015-03-22)
-------------------------

30
TODO
View File

@ -1,18 +1,10 @@
v0.9.0-alpha (2015-03-20)
0.5.5
-------------------------
emqtt_sm, emqtt_cm, emqtt_pubsub performance issue...
static, dynmaic, bridge types of topic and trie node
v0.8.0-alpha (2015-03-20)
-------------------------
try_to_remove topic node
MQTT/WebSocket
v0.7.0-alpha (2015-03-20)
-------------------------
Admin Console
v0.6.0-alpha (2015-03-20)
-------------------------
@ -31,12 +23,26 @@ Mnesia ACL
MySQL ACL
0.6.0
=====
Tsung MQTT Test
v0.9.0-alpha (2015-03-20)
-------------------------
emqtt_sm, emqtt_cm, emqtt_pubsub performance issue...
v0.8.0-alpha (2015-03-20)
-------------------------
MQTT/WebSocket
v0.7.0-alpha (2015-03-20)
-------------------------
Admin Console
one million connections test...

10
apps/emqttd/include/emqttd.hrl
View File

@ -80,8 +80,14 @@
%% MQTT Authorization
%%------------------------------------------------------------------------------
%%{subscribe, From, Topic}
%%{publish, From, Topic}
%% {subscribe, From, Topic}
%% {publish, From, Topic}
%%TODO: ClientId | Username --> Pub | Sub --> Topics
%%------------------------------------------------------------------------------
%% MQTT Plugin
%%------------------------------------------------------------------------------
-record(mqtt_plugin, {name, version, attrs, description}).

29
apps/emqttd/src/emqttd_acl.erl
View File

@ -22,33 +22,23 @@
%%% @doc
%%% emqttd ACL.
%%%
%%% Two types of authorization:
%%%
%%% subscribe topic
%%% publish to topic
%%%
%%% @end
%%%-----------------------------------------------------------------------------
-module(emqttd_acl).
%%TODO: 0.6.0...
% Three types of authorization
%
% 1. connection from
% 2. subscribe topic
% 3. publish to topic
%
-behaviour(gen_server).
-define(SERVER, ?MODULE).
%% ------------------------------------------------------------------
%% API Function Exports
%% ------------------------------------------------------------------
-export([start_link/0]).
%% ------------------------------------------------------------------
%% gen_server Function Exports
%% ------------------------------------------------------------------
-export([start_link/0, allow/3]).
%% gen_server callbacks
-export([init/1, handle_call/3, handle_cast/2, handle_info/2,
terminate/2, code_change/3]).
@ -59,6 +49,11 @@
start_link() ->
gen_server:start_link({local, ?SERVER}, ?MODULE, [], []).
allow(subscribe, User, Topic) ->
true;
allow(publish, User, Topic) ->
true.
%% ------------------------------------------------------------------
%% gen_server Function Definitions
%% ------------------------------------------------------------------

50
apps/emqttd/src/emqttd_plugin.erl
View File

@ -27,4 +27,52 @@
-module(emqttd_plugin).
-record(plugin, {name, app, attrs}).
-behaviour(gen_server).
-define(SERVER, ?MODULE).
%% API Function Exports
-export([start_link/0, allow/3]).
%% gen_server callbacks
-export([init/1, handle_call/3, handle_cast/2, handle_info/2,
terminate/2, code_change/3]).
%% ------------------------------------------------------------------
%% API Function Definitions
%% ------------------------------------------------------------------
start_link() ->
gen_server:start_link({local, ?SERVER}, ?MODULE, [], []).
allow(subscribe, User, Topic) ->
true;
allow(publish, User, Topic) ->
true.
%% ------------------------------------------------------------------
%% gen_server Function Definitions
%% ------------------------------------------------------------------
init(Args) ->
{ok, Args}.
handle_call(_Request, _From, State) ->
{reply, ok, State}.
handle_cast(_Msg, State) ->
{noreply, State}.
handle_info(_Info, State) ->
{noreply, State}.
terminate(_Reason, _State) ->
ok.
code_change(_OldVsn, State, _Extra) ->
{ok, State}.
%% ------------------------------------------------------------------
%% Internal Function Definitions
%% ------------------------------------------------------------------

30
doc/acl.md Normal file
View File

@ -0,0 +1,30 @@
# ACL
## Protocol
Authentication of users and devices
Authorization of access to Server resources
An implementation may restrict access to Server resources based on information provided by the Client such as User Name, Client Identifier, the hostname/IP address of the Client, or the outcome of authentication mechanisms.
Identify a MQTT User: Peername, ClientId, Username
## Access Rule
allow | deny Who subscribe | publish Topic | all
allow {clientid, {regexp, "abcd"}} subscribe "anna"
deny {clientid, "xxxx"} publish "#"
allow {clientid, "abcd"} publish "#"
allow {peername, "127.0.0.1"} subscribe "$SYS/#"
allow {peername, "127.0.0.1"} subscribe all
allow {clientid, "clientid"} subscribe "#"
allow {clientid, {regexp, "abcd"}} publish "anna"
allow all subscribe all
deny all subscribe all
allow all
deny all

5
doc/topic.md
View File

@ -15,3 +15,8 @@ bridge:
cretated when bridge...
## Create Topics
emqttd_pubsub:create(Type, Name)
emqttd_pubsub:create(#topic{name = Name, node= node(), type = Type}).