diff --git a/apps/emqx_management/src/emqx_mgmt.erl b/apps/emqx_management/src/emqx_mgmt.erl index fb4ca47ed..1f3c58f35 100644 --- a/apps/emqx_management/src/emqx_mgmt.erl +++ b/apps/emqx_management/src/emqx_mgmt.erl @@ -43,8 +43,10 @@ , lookup_client/3 , kickout_client/1 , list_acl_cache/1 + , clean_acl_cache/0 , clean_acl_cache/1 , clean_acl_cache/2 + , clean_acl_cache_all/1 , set_ratelimit_policy/2 , set_quota_policy/2 ]). @@ -231,6 +233,13 @@ kickout_client(Node, ClientId) -> list_acl_cache(ClientId) -> call_client(ClientId, list_acl_cache). +clean_acl_cache() -> + Results = [clean_acl_cache_all(Node) || Node <- ekka_mnesia:running_nodes()], + case lists:any(fun(Item) -> Item =:= ok end, Results) of + true -> ok; + false -> lists:last(Results) + end. + clean_acl_cache(ClientId) -> Results = [clean_acl_cache(Node, ClientId) || Node <- ekka_mnesia:running_nodes()], case lists:any(fun(Item) -> Item =:= ok end, Results) of @@ -249,6 +258,13 @@ clean_acl_cache(Node, ClientId) when Node =:= node() -> clean_acl_cache(Node, ClientId) -> rpc_call(Node, clean_acl_cache, [Node, ClientId]). +clean_acl_cache_all(Node) when Node =:= node() -> + _ = emqx_acl_cache:drain_cache(), + ok; + +clean_acl_cache_all(Node) -> + rpc_call(Node, clean_acl_cache, []). + set_ratelimit_policy(ClientId, Policy) -> call_client(ClientId, {ratelimit, Policy}). diff --git a/apps/emqx_management/src/emqx_mgmt_api_acl.erl b/apps/emqx_management/src/emqx_mgmt_api_acl.erl new file mode 100644 index 000000000..02b3a2910 --- /dev/null +++ b/apps/emqx_management/src/emqx_mgmt_api_acl.erl @@ -0,0 +1,50 @@ +%%-------------------------------------------------------------------- +%% Copyright (c) 2021 EMQ Technologies Co., Ltd. All Rights Reserved. +%% +%% Licensed under the Apache License, Version 2.0 (the "License"); +%% you may not use this file except in compliance with the License. +%% You may obtain a copy of the License at +%% +%% http://www.apache.org/licenses/LICENSE-2.0 +%% +%% Unless required by applicable law or agreed to in writing, software +%% distributed under the License is distributed on an "AS IS" BASIS, +%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +%% See the License for the specific language governing permissions and +%% limitations under the License. +%%-------------------------------------------------------------------- + +-module(emqx_mgmt_api_acl). + +-include("emqx_mgmt.hrl"). + +-import(minirest, [ return/0 + , return/1 + ]). +-rest_api(#{name => clean_acl_cache_all, + method => 'DELETE', + path => "/acl-cache/", + func => clean_all, + descr => "Clean acl cache on all nodes"}). + +-rest_api(#{name => clean_acl_cache_node, + method => 'DELETE', + path => "/:atom:node/acl-cache", + func => clean_node, + descr => "Clean acl cache on specific node"}). + +-export([ clean_all/2 + , clean_node/2 + ]). + +clean_all(_Bindings, _Params) -> + case emqx_mgmt:clean_acl_cache() of + ok -> return(); + {error, Reason} -> return({error, ?ERROR1, Reason}) + end. + +clean_node(#{node := Node}, _Params) -> + case emqx_mgmt:clean_acl_cache(Node) of + ok -> return(); + {error, Reason} -> return({error, ?ERROR1, Reason}) + end. diff --git a/apps/emqx_management/src/emqx_mgmt_cli.erl b/apps/emqx_management/src/emqx_mgmt_cli.erl index 6cf69209d..a4e3dae6d 100644 --- a/apps/emqx_management/src/emqx_mgmt_cli.erl +++ b/apps/emqx_management/src/emqx_mgmt_cli.erl @@ -39,6 +39,7 @@ , log/1 , mgmt/1 , data/1 + , acl/1 ]). -define(PROC_INFOKEYS, [status, @@ -576,6 +577,23 @@ data(_) -> emqx_ctl:usage([{"data import ", "Import data from the specified file"}, {"data export", "Export data"}]). +%%-------------------------------------------------------------------- +%% @doc acl Command + +acl(["cache-clean", "node", SNode]) -> + emqx_mgmt:clean_acl_cache_all(ekka_node:parse_name(SNode)); + +acl(["cache-clean", "all"]) -> + emqx_mgmt:clean_acl_cache(); + +acl(["cache-clean", ClientId]) -> + emqx_mgmt:clean_acl_cache(ClientId); + +acl(_) -> + emqx_ctl:usage([{"cache-clean all", "Clears acl cache on all nodes"}, + {"cache-clean node ", "Clears acl cache on given node"}, + {"cache-clean ", "Clears acl cache for given client"}]). + %%-------------------------------------------------------------------- %% Dump ETS %%--------------------------------------------------------------------