feat(authz api): get api support paging

Signed-off-by: zhanghongtong <rory-z@outlook.com>
2021-08-10 15:59:58 +08:00 · 2021-08-10 15:59:58 +08:00 · 69a0fafd6b
parent c821528af9
commit 69a0fafd6b
2 changed files with 55 additions and 19 deletions
--- a/apps/emqx_authz/src/emqx_authz_api.erl
+++ b/apps/emqx_authz/src/emqx_authz_api.erl
@ -45,17 +45,34 @@
        ]).

 api_spec() ->
-    {[ authorization_api(),
-       authorization_api2()
+    {[ api(),
+       once_api()
     ], definitions()}.

 definitions() -> emqx_authz_api_schema:definitions().

-authorization_api() ->
+api() ->
    Metadata = #{
        get => #{
            description => "List authorization rules",
-            parameters => [],
+            parameters => [
+                #{
+                    name => page,
+                    in => query,
+                    schema => #{
+                       type => integer
+                    },
+                    required => false
+                },
+                #{
+                    name => limit,
+                    in => query,
+                    schema => #{
+                       type => integer
+                    },
+                    required => false
+                }
+            ],
            responses => #{
                <<"200">> => #{
                    description => <<"OK">>,
@ -128,7 +145,7 @@ authorization_api() ->
    },
    {"/authorization", Metadata, authorization}.

-authorization_api2() ->
+once_api() ->
    Metadata = #{
        get => #{
            description => "List authorization rules",
@ -210,7 +227,7 @@ authorization_api2() ->
    },
    {"/authorization/:id", Metadata, authorization_once}.

-authorization(get, _Request) ->
+authorization(get, Request) ->
    Rules = lists:foldl(fun (#{type := _Type, enable := true, annotations := #{id := Id} = Annotations} = Rule, AccIn) ->
                                NRule = case emqx_resource:health_check(Id) of
                                    ok ->
@ -222,7 +239,21 @@ authorization(get, _Request) ->
                            (Rule, AccIn) ->
                                lists:append(AccIn, [Rule])
                        end, [], emqx_authz:lookup()),
-    {200, #{rules => Rules}};
+    Query = cowboy_req:parse_qs(Request),
+    case lists:keymember(<<"page">>, 1, Query) andalso lists:keymember(<<"limit">>, 1, Query) of
+        true ->
+            {<<"page">>, Page} = lists:keyfind(<<"page">>, 1, Query),
+            {<<"limit">>, Limit} = lists:keyfind(<<"limit">>, 1, Query),
+            Index = (binary_to_integer(Page) - 1) * binary_to_integer(Limit),
+            {_, Rules1} = lists:split(Index, Rules),
+            case binary_to_integer(Limit) < length(Rules1) of
+                true ->
+                    {Rules2, _} = lists:split(binary_to_integer(Limit), Rules1),
+                    {200, #{rules => Rules2}};
+                false -> {200, #{rules => Rules1}}
+            end;
+        false -> {200, #{rules => Rules}}
+    end;
 authorization(post, Request) ->
    {ok, Body, _} = cowboy_req:read_body(Request),
    RawConfig = jsx:decode(Body, [return_maps]),
--- a/apps/emqx_authz/test/emqx_authz_api_SUITE.erl
+++ b/apps/emqx_authz/test/emqx_authz_api_SUITE.erl
@ -75,28 +75,33 @@ t_post(_) ->
    {ok, 200, Result1} = request(get, uri(["authorization"]), []),
    ?assertEqual([], get_rules(Result1)),

-    {ok, 201, _} = request(post, uri(["authorization"]),
-                           #{<<"action">> => <<"all">>, <<"permission">> => <<"deny">>,
-                             <<"principal">> => <<"all">>, <<"topics">> => [<<"#">>]}),
-    {ok, 201, _} = request(post, uri(["authorization"]),
-                           #{<<"action">> => <<"all">>, <<"permission">> => <<"deny">>,
-                             <<"principal">> => <<"all">>, <<"topics">> => [<<"#">>]}),
-    {ok, 201, _} = request(post, uri(["authorization"]),
-                           #{<<"action">> => <<"all">>, <<"permission">> => <<"deny">>,
-                             <<"principal">> => <<"all">>, <<"topics">> => [<<"#">>]}),
+    lists:foreach(fun(_) ->
+                        {ok, 201, _} = request(post, uri(["authorization"]),
+                                         #{<<"action">> => <<"all">>,
+                                           <<"permission">> => <<"deny">>,
+                                           <<"principal">> => <<"all">>,
+                                           <<"topics">> => [<<"#">>]}
+                                        )
+                  end, lists:seq(1, 20)),
    {ok, 200, Result2} = request(get, uri(["authorization"]), []),
-    ?assertEqual(3, length(get_rules(Result2))),
+    ?assertEqual(20, length(get_rules(Result2))),
+
+    lists:foreach(fun(Page) ->
+                          Query = "?page=" ++ integer_to_list(Page) ++ "&&limit=10",
+                          Url = uri(["authorization" ++ Query]),
+                          {ok, 200, Result} = request(get, Url, []),
+                          ?assertEqual(10, length(get_rules(Result)))
+                  end, lists:seq(1, 2)),

    {ok, 204, _} = request(put, uri(["authorization"]),
                           [ #{<<"action">> => <<"all">>, <<"permission">> => <<"allow">>, <<"principal">> => <<"all">>, <<"topics">> => [<<"#">>]}
                           , #{<<"action">> => <<"all">>, <<"permission">> => <<"allow">>, <<"principal">> => <<"all">>, <<"topics">> => [<<"#">>]}
                           , #{<<"action">> => <<"all">>, <<"permission">> => <<"allow">>, <<"principal">> => <<"all">>, <<"topics">> => [<<"#">>]}
-                           , #{<<"action">> => <<"all">>, <<"permission">> => <<"allow">>, <<"principal">> => <<"all">>, <<"topics">> => [<<"#">>]}
                           ]),

    {ok, 200, Result3} = request(get, uri(["authorization"]), []),
    Rules = get_rules(Result3),
-    ?assertEqual(4, length(Rules)),
+    ?assertEqual(3, length(Rules)),

    lists:foreach(fun(#{<<"permission">> := Allow}) ->
                          ?assertEqual(<<"allow">>, Allow)