yuanbiao
/
emqx
1
0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add credentials/1 function

This commit is contained in:
Feng Lee 2018-08-27 09:28:49 +08:00
parent a369fb6960
commit 3f811aa9ca
1 changed files with 16 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
src/emqx_protocol.erl
View File

@ -18,6 +18,7 @@
-include("emqx_mqtt.hrl"). -include("emqx_mqtt.hrl").
-export([init/2, info/1, caps/1, stats/1]). -export([init/2, info/1, caps/1, stats/1]).
-export([credentials/1]).
-export([client/1, client_id/1]). -export([client/1, client_id/1]).
-export([session/1]). -export([session/1]).
-export([parser/1]). -export([parser/1]).
@ -134,6 +135,15 @@ info(#pstate{zone = Zone,
caps(#pstate{zone = Zone}) -> caps(#pstate{zone = Zone}) ->
emqx_mqtt_caps:get_caps(Zone). emqx_mqtt_caps:get_caps(Zone).
credentials(#pstate{zone = Zone,
client_id = ClientId,
username = Username,
peername = Peername}) ->
#{zone => Zone,
client_id => ClientId,
username => Username,
peername => Peername}.
client(#pstate{zone = Zone, client(#pstate{zone = Zone,
client_id = ClientId, client_id = ClientId,
client_pid = ClientPid, client_pid = ClientPid,
@ -219,7 +229,7 @@ process(?CONNECT_PACKET(
connack( connack(
case check_connect(Connect, PState1) of case check_connect(Connect, PState1) of
{ok, PState2} -> {ok, PState2} ->
case authenticate(client(PState2), Password) of case authenticate(credentials(PState2), Password) of
{ok, IsSuper} -> {ok, IsSuper} ->
%% Maybe assign a clientId %% Maybe assign a clientId
PState3 = maybe_assign_client_id(PState2#pstate{is_super = IsSuper}), PState3 = maybe_assign_client_id(PState2#pstate{is_super = IsSuper}),
@ -449,8 +459,8 @@ try_open_session(#pstate{zone = Zone,
Other -> Other Other -> Other
end. end.
authenticate(Client, Password) -> authenticate(Credentials, Password) ->
case emqx_access_control:authenticate(Client, Password) of case emqx_access_control:authenticate(Credentials, Password) of
ok -> {ok, false}; ok -> {ok, false};
{ok, IsSuper} -> {ok, IsSuper}; {ok, IsSuper} -> {ok, IsSuper};
{error, Error} -> {error, Error} {error, Error} -> {error, Error}
@ -511,7 +521,7 @@ check_pub_acl(_Packet, #pstate{is_super = IsSuper, enable_acl = EnableAcl})
ok; ok;
check_pub_acl(#mqtt_packet{variable = #mqtt_packet_publish{topic_name = Topic}}, PState) -> check_pub_acl(#mqtt_packet{variable = #mqtt_packet_publish{topic_name = Topic}}, PState) ->
case emqx_access_control:check_acl(client(PState), publish, Topic) of case emqx_access_control:check_acl(credentials(PState), publish, Topic) of
allow -> ok; allow -> ok;
deny -> {error, ?RC_NOT_AUTHORIZED} deny -> {error, ?RC_NOT_AUTHORIZED}
end. end.
@ -541,10 +551,10 @@ check_sub_acl(TopicFilters, #pstate{is_super = IsSuper, enable_acl = EnableAcl})
{ok, TopicFilters}; {ok, TopicFilters};
check_sub_acl(TopicFilters, PState) -> check_sub_acl(TopicFilters, PState) ->
Client = client(PState), Credentials = credentials(PState),
lists:foldr( lists:foldr(
fun({Topic, SubOpts}, {Ok, Acc}) -> fun({Topic, SubOpts}, {Ok, Acc}) ->
case emqx_access_control:check_acl(Client, subscribe, Topic) of case emqx_access_control:check_acl(Credentials, subscribe, Topic) of
allow -> {Ok, [{Topic, SubOpts}|Acc]}; allow -> {Ok, [{Topic, SubOpts}|Acc]};
deny -> {error, [{Topic, SubOpts#{rc := ?RC_NOT_AUTHORIZED}}|Acc]} deny -> {error, [{Topic, SubOpts#{rc := ?RC_NOT_AUTHORIZED}}|Acc]}
end end