From 56917fee5fa94eb1ef8340021fbb9b9db3c5769a Mon Sep 17 00:00:00 2001 From: firest Date: Tue, 26 Sep 2023 14:15:41 +0800 Subject: [PATCH] fix(sso): Improved SSO user deletion command --- .../emqx_dashboard/include/emqx_dashboard.hrl | 1 + .../src/emqx_dashboard_admin.erl | 2 +- .../emqx_dashboard/src/emqx_dashboard_api.erl | 2 +- .../src/emqx_dashboard_token.erl | 2 +- .../src/emqx_dashboard_sso_cli.erl | 30 +++++++++++-------- 5 files changed, 22 insertions(+), 15 deletions(-) diff --git a/apps/emqx_dashboard/include/emqx_dashboard.hrl b/apps/emqx_dashboard/include/emqx_dashboard.hrl index 3e089ccbf..9013436e7 100644 --- a/apps/emqx_dashboard/include/emqx_dashboard.hrl +++ b/apps/emqx_dashboard/include/emqx_dashboard.hrl @@ -24,6 +24,7 @@ -define(ROLE_SUPERUSER, <<"administrator">>). -define(ROLE_DEFAULT, ?ROLE_SUPERUSER). +-define(BACKEND_LOCAL, local). -define(SSO_USERNAME(Backend, Name), {Backend, Name}). -type dashboard_sso_backend() :: atom(). diff --git a/apps/emqx_dashboard/src/emqx_dashboard_admin.erl b/apps/emqx_dashboard/src/emqx_dashboard_admin.erl index e262cf389..e9aac164b 100644 --- a/apps/emqx_dashboard/src/emqx_dashboard_admin.erl +++ b/apps/emqx_dashboard/src/emqx_dashboard_admin.erl @@ -427,7 +427,7 @@ flatten_username(#{username := ?SSO_USERNAME(Backend, Name)} = Data) -> backend => Backend }; flatten_username(#{username := Username} = Data) when is_binary(Username) -> - Data#{backend => local}. + Data#{backend => ?BACKEND_LOCAL}. -spec add_sso_user(dashboard_sso_backend(), binary(), dashboard_user_role(), binary()) -> {ok, map()} | {error, any()}. diff --git a/apps/emqx_dashboard/src/emqx_dashboard_api.erl b/apps/emqx_dashboard/src/emqx_dashboard_api.erl index 9ee07dc06..8a81f2116 100644 --- a/apps/emqx_dashboard/src/emqx_dashboard_api.erl +++ b/apps/emqx_dashboard/src/emqx_dashboard_api.erl @@ -379,7 +379,7 @@ sso_parameters() -> sso_parameters(Params) -> emqx_dashboard_sso_api:sso_parameters(Params). -username(#{query_string := #{<<"backend">> := local}}, Username) -> +username(#{query_string := #{<<"backend">> := ?BACKEND_LOCAL}}, Username) -> Username; username(#{query_string := #{<<"backend">> := Backend}}, Username) -> ?SSO_USERNAME(Backend, Username); diff --git a/apps/emqx_dashboard/src/emqx_dashboard_token.erl b/apps/emqx_dashboard/src/emqx_dashboard_token.erl index 866da971b..1c840e90c 100644 --- a/apps/emqx_dashboard/src/emqx_dashboard_token.erl +++ b/apps/emqx_dashboard/src/emqx_dashboard_token.erl @@ -191,7 +191,7 @@ token_ttl() -> format(Token, ?SSO_USERNAME(Backend, Name), Role, ExpTime) -> format(Token, Backend, Name, Role, ExpTime); format(Token, Username, Role, ExpTime) -> - format(Token, local, Username, Role, ExpTime). + format(Token, ?BACKEND_LOCAL, Username, Role, ExpTime). format(Token, Backend, Username, Role, ExpTime) -> #?ADMIN_JWT{ diff --git a/apps/emqx_dashboard_sso/src/emqx_dashboard_sso_cli.erl b/apps/emqx_dashboard_sso/src/emqx_dashboard_sso_cli.erl index 308d37f5c..2fe4f8937 100644 --- a/apps/emqx_dashboard_sso/src/emqx_dashboard_sso_cli.erl +++ b/apps/emqx_dashboard_sso/src/emqx_dashboard_sso_cli.erl @@ -34,16 +34,13 @@ admins(["passwd", Username, Password]) -> print_error(Reason) end; admins(["del", Username]) -> - case emqx_dashboard_admin:remove_user(bin(Username)) of - {ok, _} -> - emqx_ctl:print("ok~n"); - {error, Reason} -> - print_error(Reason) - end; -admins(["del", Username, Backend]) -> - case emqx_dashboard_admin:remove_user(?SSO_USERNAME(atom(Backend), bin(Username))) of - {ok, _} -> - emqx_ctl:print("ok~n"); + delete_user(bin(Username)); +admins(["del", Username, BackendName]) -> + case atom(BackendName) of + {ok, ?BACKEND_LOCAL} -> + delete_user(bin(Username)); + {ok, Backend} -> + delete_user(?SSO_USERNAME(Backend, bin(Username))); {error, Reason} -> print_error(Reason) end; @@ -52,9 +49,18 @@ admins(_) -> [ {"admins add ", "Add dashboard user"}, {"admins passwd ", "Reset dashboard user password"}, - {"admins del ", "Delete dashboard user"} + {"admins del ", + "Delete dashboard user, can be omitted, the default value is 'local'"} ] ). atom(S) -> - erlang:list_to_atom(S). + emqx_utils:safe_to_existing_atom(S). + +delete_user(Username) -> + case emqx_dashboard_admin:remove_user(Username) of + {ok, _} -> + emqx_ctl:print("ok~n"); + {error, Reason} -> + print_error(Reason) + end.