Merge pull request #11407 from lafirest/fix/config_name_example
fix(ldap): improve configuration name and docs
This commit is contained in:
lafirest
GitHub
commit
524d33a1fa
|
|
@ -54,10 +54,11 @@ fields(config) ->
|
||||||
{pool_size, fun ?ECS:pool_size/1},
|
{pool_size, fun ?ECS:pool_size/1},
|
||||||
{username, fun ensure_username/1},
|
{username, fun ensure_username/1},
|
||||||
{password, fun ?ECS:password/1},
|
{password, fun ?ECS:password/1},
|
||||||
{base_object,
|
{base_dn,
|
||||||
?HOCON(binary(), #{
|
?HOCON(binary(), #{
|
||||||
desc => ?DESC(base_object),
|
desc => ?DESC(base_dn),
|
||||||
required => true,
|
required => true,
|
||||||
|
example => <<"uid=${username},ou=testdevice,dc=emqx,dc=io">>,
|
||||||
validator => fun emqx_schema:non_empty_string/1
|
validator => fun emqx_schema:non_empty_string/1
|
||||||
})},
|
})},
|
||||||
{filter,
|
{filter,
|
||||||
|
|
@ -66,6 +67,7 @@ fields(config) ->
|
||||||
#{
|
#{
|
||||||
desc => ?DESC(filter),
|
desc => ?DESC(filter),
|
||||||
default => <<"(objectClass=mqttUser)">>,
|
default => <<"(objectClass=mqttUser)">>,
|
||||||
|
example => <<"(& (objectClass=mqttUser) (uid=${username}))">>,
|
||||||
validator => fun emqx_schema:non_empty_string/1
|
validator => fun emqx_schema:non_empty_string/1
|
||||||
}
|
}
|
||||||
)}
|
)}
|
||||||
|
|
@ -229,9 +231,9 @@ log(Level, Format, Args) ->
|
||||||
).
|
).
|
||||||
|
|
||||||
prepare_template(Config, State) ->
|
prepare_template(Config, State) ->
|
||||||
do_prepare_template(maps:to_list(maps:with([base_object, filter], Config)), State).
|
do_prepare_template(maps:to_list(maps:with([base_dn, filter], Config)), State).
|
||||||
|
|
||||||
do_prepare_template([{base_object, V} | T], State) ->
|
do_prepare_template([{base_dn, V} | T], State) ->
|
||||||
do_prepare_template(T, State#{base_tokens => emqx_placeholder:preproc_tmpl(V)});
|
do_prepare_template(T, State#{base_tokens => emqx_placeholder:preproc_tmpl(V)});
|
||||||
do_prepare_template([{filter, V} | T], State) ->
|
do_prepare_template([{filter, V} | T], State) ->
|
||||||
do_prepare_template(T, State#{filter_tokens => emqx_placeholder:preproc_tmpl(V)});
|
do_prepare_template(T, State#{filter_tokens => emqx_placeholder:preproc_tmpl(V)});
|
||||||
|
|
|
||||||
|
|
@ -154,7 +154,7 @@ ldap_config(Config) ->
|
||||||
" password = public\n"
|
" password = public\n"
|
||||||
" pool_size = 8\n"
|
" pool_size = 8\n"
|
||||||
" server = \"~s:~b\"\n"
|
" server = \"~s:~b\"\n"
|
||||||
" base_object=\"uid=${username},ou=testdevice,dc=emqx,dc=io\"\n"
|
" base_dn=\"uid=${username},ou=testdevice,dc=emqx,dc=io\"\n"
|
||||||
" filter =\"(objectClass=mqttUser)\"\n"
|
" filter =\"(objectClass=mqttUser)\"\n"
|
||||||
" ~ts\n"
|
" ~ts\n"
|
||||||
"",
|
"",
|
||||||
|
|
|
||||||
|
|
@ -167,7 +167,7 @@ t_update(_Config) ->
|
||||||
CorrectConfig = raw_ldap_auth_config(),
|
CorrectConfig = raw_ldap_auth_config(),
|
||||||
IncorrectConfig =
|
IncorrectConfig =
|
||||||
CorrectConfig#{
|
CorrectConfig#{
|
||||||
<<"base_object">> => <<"ou=testdevice,dc=emqx,dc=io">>
|
<<"base_dn">> => <<"ou=testdevice,dc=emqx,dc=io">>
|
||||||
},
|
},
|
||||||
|
|
||||||
{ok, _} = emqx:update_config(
|
{ok, _} = emqx:update_config(
|
||||||
|
|
@ -208,7 +208,7 @@ raw_ldap_auth_config() ->
|
||||||
<<"mechanism">> => <<"password_based">>,
|
<<"mechanism">> => <<"password_based">>,
|
||||||
<<"backend">> => <<"ldap">>,
|
<<"backend">> => <<"ldap">>,
|
||||||
<<"server">> => ldap_server(),
|
<<"server">> => ldap_server(),
|
||||||
<<"base_object">> => <<"uid=${username},ou=testdevice,dc=emqx,dc=io">>,
|
<<"base_dn">> => <<"uid=${username},ou=testdevice,dc=emqx,dc=io">>,
|
||||||
<<"username">> => <<"cn=root,dc=emqx,dc=io">>,
|
<<"username">> => <<"cn=root,dc=emqx,dc=io">>,
|
||||||
<<"password">> => <<"public">>,
|
<<"password">> => <<"public">>,
|
||||||
<<"pool_size">> => 8
|
<<"pool_size">> => 8
|
||||||
|
|
|
||||||
|
|
@ -138,7 +138,7 @@ raw_ldap_authz_config() ->
|
||||||
<<"enable">> => <<"true">>,
|
<<"enable">> => <<"true">>,
|
||||||
<<"type">> => <<"ldap">>,
|
<<"type">> => <<"ldap">>,
|
||||||
<<"server">> => ldap_server(),
|
<<"server">> => ldap_server(),
|
||||||
<<"base_object">> => <<"uid=${username},ou=testdevice,dc=emqx,dc=io">>,
|
<<"base_dn">> => <<"uid=${username},ou=testdevice,dc=emqx,dc=io">>,
|
||||||
<<"username">> => <<"cn=root,dc=emqx,dc=io">>,
|
<<"username">> => <<"cn=root,dc=emqx,dc=io">>,
|
||||||
<<"password">> => <<"public">>,
|
<<"password">> => <<"public">>,
|
||||||
<<"pool_size">> => 8
|
<<"pool_size">> => 8
|
||||||
|
|
|
||||||
|
|
@ -8,16 +8,17 @@ The LDAP default port 389 is used if `[:Port]` is not specified."""
|
||||||
server.label:
|
server.label:
|
||||||
"""Server Host"""
|
"""Server Host"""
|
||||||
|
|
||||||
base_object.desc:
|
base_dn.desc:
|
||||||
"""The name of the base object entry (or possibly the root) relative to
|
"""The name of the base object entry (or possibly the root) relative to
|
||||||
which the Search is to be performed."""
|
which the Search is to be performed."""
|
||||||
|
|
||||||
base_object.label:
|
base_dn.label:
|
||||||
"""Base Object"""
|
"""Base DN"""
|
||||||
|
|
||||||
filter.desc:
|
filter.desc:
|
||||||
"""The filter that defines the conditions that must be fulfilled in order
|
"""The filter that defines the conditions that must be fulfilled in order
|
||||||
for the Search to match a given entry."""
|
for the Search to match a given entry.<br>
|
||||||
|
The syntax of the filter follows RFC 4515 and also supports placeholders."""
|
||||||
|
|
||||||
filter.label:
|
filter.label:
|
||||||
"""Filter"""
|
"""Filter"""
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue