test: add emqx_access_control:authorize case for exhook
This commit is contained in:
firest
parent
71aaf5c538
commit
63a6cd15c1
|
|
@ -23,6 +23,7 @@
|
||||||
|
|
||||||
-include_lib("eunit/include/eunit.hrl").
|
-include_lib("eunit/include/eunit.hrl").
|
||||||
-include_lib("common_test/include/ct.hrl").
|
-include_lib("common_test/include/ct.hrl").
|
||||||
|
-include_lib("emqx/include/emqx_hooks.hrl").
|
||||||
|
|
||||||
-define(DEFAULT_CLUSTER_NAME_ATOM, emqxcl).
|
-define(DEFAULT_CLUSTER_NAME_ATOM, emqxcl).
|
||||||
|
|
||||||
|
|
@ -105,7 +106,10 @@ load_cfg(Cfg) ->
|
||||||
%%--------------------------------------------------------------------
|
%%--------------------------------------------------------------------
|
||||||
|
|
||||||
t_access_failed_if_no_server_running(Config) ->
|
t_access_failed_if_no_server_running(Config) ->
|
||||||
emqx_exhook_mgr:disable(<<"default">>),
|
meck:expect(emqx_metrics_worker, inc, fun(_, _, _) -> ok end),
|
||||||
|
meck:expect(emqx_metrics, inc, fun(_) -> ok end),
|
||||||
|
emqx_hooks:add('client.authorize', {emqx_authz, authorize, [[]]}, ?HP_AUTHZ),
|
||||||
|
|
||||||
ClientInfo = #{
|
ClientInfo = #{
|
||||||
clientid => <<"user-id-1">>,
|
clientid => <<"user-id-1">>,
|
||||||
username => <<"usera">>,
|
username => <<"usera">>,
|
||||||
|
|
@ -114,6 +118,25 @@ t_access_failed_if_no_server_running(Config) ->
|
||||||
protocol => mqtt,
|
protocol => mqtt,
|
||||||
mountpoint => undefined
|
mountpoint => undefined
|
||||||
},
|
},
|
||||||
|
?assertMatch(
|
||||||
|
allow,
|
||||||
|
emqx_access_control:authorize(
|
||||||
|
ClientInfo#{username => <<"gooduser">>},
|
||||||
|
publish,
|
||||||
|
<<"acl/1">>
|
||||||
|
)
|
||||||
|
),
|
||||||
|
|
||||||
|
?assertMatch(
|
||||||
|
deny,
|
||||||
|
emqx_access_control:authorize(
|
||||||
|
ClientInfo#{username => <<"baduser">>},
|
||||||
|
publish,
|
||||||
|
<<"acl/2">>
|
||||||
|
)
|
||||||
|
),
|
||||||
|
|
||||||
|
emqx_exhook_mgr:disable(<<"default">>),
|
||||||
?assertMatch(
|
?assertMatch(
|
||||||
{stop, {error, not_authorized}},
|
{stop, {error, not_authorized}},
|
||||||
emqx_exhook_handler:on_client_authenticate(ClientInfo, #{auth_result => success})
|
emqx_exhook_handler:on_client_authenticate(ClientInfo, #{auth_result => success})
|
||||||
|
|
@ -122,7 +145,7 @@ t_access_failed_if_no_server_running(Config) ->
|
||||||
?assertMatch(
|
?assertMatch(
|
||||||
{stop, #{result := deny, from := exhook}},
|
{stop, #{result := deny, from := exhook}},
|
||||||
emqx_exhook_handler:on_client_authorize(ClientInfo, publish, <<"t/1">>, #{
|
emqx_exhook_handler:on_client_authorize(ClientInfo, publish, <<"t/1">>, #{
|
||||||
result => allow, from => exhookk
|
result => allow, from => exhook
|
||||||
})
|
})
|
||||||
),
|
),
|
||||||
|
|
||||||
|
|
@ -132,6 +155,7 @@ t_access_failed_if_no_server_running(Config) ->
|
||||||
emqx_exhook_handler:on_message_publish(Message)
|
emqx_exhook_handler:on_message_publish(Message)
|
||||||
),
|
),
|
||||||
emqx_exhook_mgr:enable(<<"default">>),
|
emqx_exhook_mgr:enable(<<"default">>),
|
||||||
|
emqx_hooks:del('client.authorize', {emqx_authz, authorize}),
|
||||||
assert_get_basic_usage_info(Config).
|
assert_get_basic_usage_info(Config).
|
||||||
|
|
||||||
t_lookup(_) ->
|
t_lookup(_) ->
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue