yuanbiao
/
emqx
1
0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

feat(authz api): get api support paging 

Signed-off-by: zhanghongtong <rory-z@outlook.com>
This commit is contained in:
zhanghongtong 2021-08-10 15:59:58 +08:00 committed by Rory Z
parent c821528af9
commit 69a0fafd6b
2 changed files with 55 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

45
apps/emqx_authz/src/emqx_authz_api.erl
View File

@ -45,17 +45,34 @@
]). ]).
api_spec() -> api_spec() ->
{[ authorization_api(), {[ api(),
authorization_api2() once_api()
], definitions()}. ], definitions()}.
definitions() -> emqx_authz_api_schema:definitions(). definitions() -> emqx_authz_api_schema:definitions().
authorization_api() -> api() ->
Metadata = #{ Metadata = #{
get => #{ get => #{
description => "List authorization rules", description => "List authorization rules",
parameters => [], parameters => [
#{
name => page,
in => query,
schema => #{
type => integer
},
required => false
},
#{
name => limit,
in => query,
schema => #{
type => integer
},
required => false
}
],
responses => #{ responses => #{
<<"200">> => #{ <<"200">> => #{
description => <<"OK">>, description => <<"OK">>,
@ -128,7 +145,7 @@ authorization_api() ->
}, },
{"/authorization", Metadata, authorization}. {"/authorization", Metadata, authorization}.
authorization_api2() -> once_api() ->
Metadata = #{ Metadata = #{
get => #{ get => #{
description => "List authorization rules", description => "List authorization rules",
@ -210,7 +227,7 @@ authorization_api2() ->
}, },
{"/authorization/:id", Metadata, authorization_once}. {"/authorization/:id", Metadata, authorization_once}.
authorization(get, _Request) -> authorization(get, Request) ->
Rules = lists:foldl(fun (#{type := _Type, enable := true, annotations := #{id := Id} = Annotations} = Rule, AccIn) -> Rules = lists:foldl(fun (#{type := _Type, enable := true, annotations := #{id := Id} = Annotations} = Rule, AccIn) ->
NRule = case emqx_resource:health_check(Id) of NRule = case emqx_resource:health_check(Id) of
ok -> ok ->
@ -222,7 +239,21 @@ authorization(get, _Request) ->
(Rule, AccIn) -> (Rule, AccIn) ->
lists:append(AccIn, [Rule]) lists:append(AccIn, [Rule])
end, [], emqx_authz:lookup()), end, [], emqx_authz:lookup()),
{200, #{rules => Rules}}; Query = cowboy_req:parse_qs(Request),
case lists:keymember(<<"page">>, 1, Query) andalso lists:keymember(<<"limit">>, 1, Query) of
true ->
{<<"page">>, Page} = lists:keyfind(<<"page">>, 1, Query),
{<<"limit">>, Limit} = lists:keyfind(<<"limit">>, 1, Query),
Index = (binary_to_integer(Page) - 1) * binary_to_integer(Limit),
{_, Rules1} = lists:split(Index, Rules),
case binary_to_integer(Limit) < length(Rules1) of
true ->
{Rules2, _} = lists:split(binary_to_integer(Limit), Rules1),
{200, #{rules => Rules2}};
false -> {200, #{rules => Rules1}}
end;
false -> {200, #{rules => Rules}}
end;
authorization(post, Request) -> authorization(post, Request) ->
{ok, Body, _} = cowboy_req:read_body(Request), {ok, Body, _} = cowboy_req:read_body(Request),
RawConfig = jsx:decode(Body, [return_maps]), RawConfig = jsx:decode(Body, [return_maps]),

29
apps/emqx_authz/test/emqx_authz_api_SUITE.erl
View File

@ -75,28 +75,33 @@ t_post(_) ->
{ok, 200, Result1} = request(get, uri(["authorization"]), []), {ok, 200, Result1} = request(get, uri(["authorization"]), []),
?assertEqual([], get_rules(Result1)), ?assertEqual([], get_rules(Result1)),
{ok, 201, _} = request(post, uri(["authorization"]), lists:foreach(fun(_) ->
#{<<"action">> => <<"all">>, <<"permission">> => <<"deny">>, {ok, 201, _} = request(post, uri(["authorization"]),
<<"principal">> => <<"all">>, <<"topics">> => [<<"#">>]}), #{<<"action">> => <<"all">>,
{ok, 201, _} = request(post, uri(["authorization"]), <<"permission">> => <<"deny">>,
#{<<"action">> => <<"all">>, <<"permission">> => <<"deny">>, <<"principal">> => <<"all">>,
<<"principal">> => <<"all">>, <<"topics">> => [<<"#">>]}), <<"topics">> => [<<"#">>]}
{ok, 201, _} = request(post, uri(["authorization"]), )
#{<<"action">> => <<"all">>, <<"permission">> => <<"deny">>, end, lists:seq(1, 20)),
<<"principal">> => <<"all">>, <<"topics">> => [<<"#">>]}),
{ok, 200, Result2} = request(get, uri(["authorization"]), []), {ok, 200, Result2} = request(get, uri(["authorization"]), []),
?assertEqual(3, length(get_rules(Result2))), ?assertEqual(20, length(get_rules(Result2))),
lists:foreach(fun(Page) ->
Query = "?page=" ++ integer_to_list(Page) ++ "&&limit=10",
Url = uri(["authorization" ++ Query]),
{ok, 200, Result} = request(get, Url, []),
?assertEqual(10, length(get_rules(Result)))
end, lists:seq(1, 2)),
{ok, 204, _} = request(put, uri(["authorization"]), {ok, 204, _} = request(put, uri(["authorization"]),
[ #{<<"action">> => <<"all">>, <<"permission">> => <<"allow">>, <<"principal">> => <<"all">>, <<"topics">> => [<<"#">>]} [ #{<<"action">> => <<"all">>, <<"permission">> => <<"allow">>, <<"principal">> => <<"all">>, <<"topics">> => [<<"#">>]}
, #{<<"action">> => <<"all">>, <<"permission">> => <<"allow">>, <<"principal">> => <<"all">>, <<"topics">> => [<<"#">>]} , #{<<"action">> => <<"all">>, <<"permission">> => <<"allow">>, <<"principal">> => <<"all">>, <<"topics">> => [<<"#">>]}
, #{<<"action">> => <<"all">>, <<"permission">> => <<"allow">>, <<"principal">> => <<"all">>, <<"topics">> => [<<"#">>]} , #{<<"action">> => <<"all">>, <<"permission">> => <<"allow">>, <<"principal">> => <<"all">>, <<"topics">> => [<<"#">>]}
, #{<<"action">> => <<"all">>, <<"permission">> => <<"allow">>, <<"principal">> => <<"all">>, <<"topics">> => [<<"#">>]}
]), ]),
{ok, 200, Result3} = request(get, uri(["authorization"]), []), {ok, 200, Result3} = request(get, uri(["authorization"]), []),
Rules = get_rules(Result3), Rules = get_rules(Result3),
?assertEqual(4, length(Rules)), ?assertEqual(3, length(Rules)),
lists:foreach(fun(#{<<"permission">> := Allow}) -> lists:foreach(fun(#{<<"permission">> := Allow}) ->
?assertEqual(<<"allow">>, Allow) ?assertEqual(<<"allow">>, Allow)