From e1274e1117e884a426281830767a5ba4898f242d Mon Sep 17 00:00:00 2001 From: zhongwencool Date: Wed, 19 Jan 2022 17:58:49 +0800 Subject: [PATCH 1/3] feat(acl): internal acl should support metrics(client.acl.ignore/allow/deny). --- .../src/emqx_mod_acl_internal.erl | 30 ++++++++++++++++--- 1 file changed, 26 insertions(+), 4 deletions(-) diff --git a/lib-ce/emqx_modules/src/emqx_mod_acl_internal.erl b/lib-ce/emqx_modules/src/emqx_mod_acl_internal.erl index 8956229ea..0f999848e 100644 --- a/lib-ce/emqx_modules/src/emqx_mod_acl_internal.erl +++ b/lib-ce/emqx_modules/src/emqx_mod_acl_internal.erl @@ -38,12 +38,26 @@ -type(acl_rules() :: #{publish => [emqx_access_rule:rule()], subscribe => [emqx_access_rule:rule()]}). +-record(acl_metrics, { + allow = 'client.acl.allow', + deny = 'client.acl.deny', + ignore = 'client.acl.ignore' + }). + +-define(METRICS(Type), tl(tuple_to_list(#Type{}))). +-define(METRICS(Type, K), #Type{}#Type.K). + +-define(ACL_METRICS, ?METRICS(acl_metrics)). +-define(ACL_METRICS(K), ?METRICS(acl_metrics, K)). + + %%-------------------------------------------------------------------- %% API %%-------------------------------------------------------------------- load(Env) -> Rules = rules_from_file(proplists:get_value(acl_file, Env)), + register_metrics(), emqx_hooks:add('client.check_acl', {?MODULE, check_acl, [Rules]}, -1). unload(_Env) -> @@ -68,9 +82,15 @@ description() -> -> {ok, allow} | {ok, deny} | ok). check_acl(Client, PubSub, Topic, _AclResult, Rules) -> case match(Client, Topic, lookup(PubSub, Rules)) of - {matched, allow} -> {ok, allow}; - {matched, deny} -> {ok, deny}; - nomatch -> ok + {matched, allow} -> + emqx_metrics:inc(?ACL_METRICS(allow)), + {ok, allow}; + {matched, deny} -> + emqx_metrics:inc(?ACL_METRICS(deny)), + {ok, deny}; + nomatch -> + emqx_metrics:inc(?ACL_METRICS(ignore)), + ok end. %%-------------------------------------------------------------------- @@ -107,6 +127,9 @@ rules_from_file(AclFile) -> #{} end. +register_metrics() -> + lists:foreach(fun emqx_metrics:ensure/1, ?ACL_METRICS). + filter(_PubSub, {allow, all}) -> true; filter(_PubSub, {deny, all}) -> @@ -119,4 +142,3 @@ filter(subscribe, {_AllowDeny, _Who, subscribe, _Topics}) -> true; filter(_PubSub, {_AllowDeny, _Who, _, _Topics}) -> false. - From 6378cd1f9a6f8692eb6a188e6478c0c1c46e4024 Mon Sep 17 00:00:00 2001 From: zhongwencool Date: Wed, 19 Jan 2022 18:05:51 +0800 Subject: [PATCH 2/3] chore(version): bump emqx_modules to 4.3.4 --- lib-ce/emqx_modules/src/emqx_modules.app.src | 2 +- .../emqx_modules/src/emqx_modules.appup.src | 21 +++++++++++++------ 2 files changed, 16 insertions(+), 7 deletions(-) diff --git a/lib-ce/emqx_modules/src/emqx_modules.app.src b/lib-ce/emqx_modules/src/emqx_modules.app.src index bcb05fe31..47a3d8888 100644 --- a/lib-ce/emqx_modules/src/emqx_modules.app.src +++ b/lib-ce/emqx_modules/src/emqx_modules.app.src @@ -1,6 +1,6 @@ {application, emqx_modules, [{description, "EMQ X Module Management"}, - {vsn, "4.3.3"}, + {vsn, "4.3.4"}, {modules, []}, {applications, [kernel,stdlib]}, {mod, {emqx_modules_app, []}}, diff --git a/lib-ce/emqx_modules/src/emqx_modules.appup.src b/lib-ce/emqx_modules/src/emqx_modules.appup.src index f52ba1a61..edcf71345 100644 --- a/lib-ce/emqx_modules/src/emqx_modules.appup.src +++ b/lib-ce/emqx_modules/src/emqx_modules.appup.src @@ -1,32 +1,41 @@ %% -*-: erlang -*- {VSN, [ + {"4.3.3", [ + {load_module, emqx_mod_acl_internal, brutal_purge, soft_purge, []} + ]}, {"4.3.2", [ - {load_module, emqx_mod_presence, brutal_purge, soft_purge, []} + {load_module, emqx_mod_presence, brutal_purge, soft_purge, []}, + {load_module, emqx_mod_acl_internal, brutal_purge, soft_purge, []} ]}, {"4.3.1", [ {load_module, emqx_mod_presence, brutal_purge, soft_purge, []}, - {load_module, emqx_mod_api_topic_metrics, brutal_purge, soft_purge, []} + {load_module, emqx_mod_api_topic_metrics, brutal_purge, soft_purge, []}, + {load_module, emqx_mod_acl_internal, brutal_purge, soft_purge, []} ]}, {"4.3.0", [ {update, emqx_mod_delayed, {advanced, []}}, {load_module, emqx_mod_presence, brutal_purge, soft_purge, []}, - {load_module, emqx_mod_api_topic_metrics, brutal_purge, soft_purge, []} + {load_module, emqx_mod_api_topic_metrics, brutal_purge, soft_purge, []}, + {load_module, emqx_mod_acl_internal, brutal_purge, soft_purge, []} ]}, {<<".*">>, []} ], [ {"4.3.2", [ - {load_module, emqx_mod_presence, brutal_purge, soft_purge, []} + {load_module, emqx_mod_presence, brutal_purge, soft_purge, []}, + {load_module, emqx_mod_acl_internal, brutal_purge, soft_purge, []} ]}, {"4.3.1", [ {load_module, emqx_mod_presence, brutal_purge, soft_purge, []}, - {load_module, emqx_mod_api_topic_metrics, brutal_purge, soft_purge, []} + {load_module, emqx_mod_api_topic_metrics, brutal_purge, soft_purge, []}, + {load_module, emqx_mod_acl_internal, brutal_purge, soft_purge, []} ]}, {"4.3.0", [ {update, emqx_mod_delayed, {advanced, []}}, {load_module, emqx_mod_presence, brutal_purge, soft_purge, []}, - {load_module, emqx_mod_api_topic_metrics, brutal_purge, soft_purge, []} + {load_module, emqx_mod_api_topic_metrics, brutal_purge, soft_purge, []}, + {load_module, emqx_mod_acl_internal, brutal_purge, soft_purge, []} ]}, {<<".*">>, []} ] From 4317845482d46831ff3d3d1682399152b477f6ea Mon Sep 17 00:00:00 2001 From: zhongwencool Date: Wed, 19 Jan 2022 19:10:23 +0800 Subject: [PATCH 3/3] fix(test): test case failed by unload --- lib-ce/emqx_modules/src/emqx_modules.appup.src | 4 ++++ lib-ce/emqx_modules/test/emqx_mod_acl_internal_SUITE.erl | 4 +++- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/lib-ce/emqx_modules/src/emqx_modules.appup.src b/lib-ce/emqx_modules/src/emqx_modules.appup.src index edcf71345..8ea2c5ebe 100644 --- a/lib-ce/emqx_modules/src/emqx_modules.appup.src +++ b/lib-ce/emqx_modules/src/emqx_modules.appup.src @@ -2,21 +2,25 @@ {VSN, [ {"4.3.3", [ + {apply, {emqx_metrics, ensure, [['client.acl.allow', 'client.acl.ignore', 'client.acl.deny']]}}, {load_module, emqx_mod_acl_internal, brutal_purge, soft_purge, []} ]}, {"4.3.2", [ {load_module, emqx_mod_presence, brutal_purge, soft_purge, []}, + {apply, {emqx_metrics, ensure, [['client.acl.allow', 'client.acl.ignore', 'client.acl.deny']]}}, {load_module, emqx_mod_acl_internal, brutal_purge, soft_purge, []} ]}, {"4.3.1", [ {load_module, emqx_mod_presence, brutal_purge, soft_purge, []}, {load_module, emqx_mod_api_topic_metrics, brutal_purge, soft_purge, []}, + {apply, {emqx_metrics, ensure, [['client.acl.allow', 'client.acl.ignore', 'client.acl.deny']]}}, {load_module, emqx_mod_acl_internal, brutal_purge, soft_purge, []} ]}, {"4.3.0", [ {update, emqx_mod_delayed, {advanced, []}}, {load_module, emqx_mod_presence, brutal_purge, soft_purge, []}, {load_module, emqx_mod_api_topic_metrics, brutal_purge, soft_purge, []}, + {apply, {emqx_metrics, ensure, [['client.acl.allow', 'client.acl.ignore', 'client.acl.deny']]}}, {load_module, emqx_mod_acl_internal, brutal_purge, soft_purge, []} ]}, {<<".*">>, []} diff --git a/lib-ce/emqx_modules/test/emqx_mod_acl_internal_SUITE.erl b/lib-ce/emqx_modules/test/emqx_mod_acl_internal_SUITE.erl index 3edcd31fa..858badc53 100644 --- a/lib-ce/emqx_modules/test/emqx_mod_acl_internal_SUITE.erl +++ b/lib-ce/emqx_modules/test/emqx_mod_acl_internal_SUITE.erl @@ -38,10 +38,12 @@ t_load_unload(_) -> ?assertEqual({error,already_exists}, emqx_mod_acl_internal:load([])). t_check_acl(_) -> + emqx_mod_acl_internal:load([]), Rules=#{publish => [{allow,all}], subscribe => [{deny, all}]}, ?assertEqual({ok, allow}, emqx_mod_acl_internal:check_acl(clientinfo(), publish, <<"t">>, [], Rules)), ?assertEqual({ok, deny}, emqx_mod_acl_internal:check_acl(clientinfo(), subscribe, <<"t">>, [], Rules)), - ?assertEqual(ok, emqx_mod_acl_internal:check_acl(clientinfo(), connect, <<"t">>, [], Rules)). + ?assertEqual(ok, emqx_mod_acl_internal:check_acl(clientinfo(), connect, <<"t">>, [], Rules)), + emqx_mod_acl_internal:unload([]). t_reload_acl(_) -> ?assertEqual(ok, emqx_mod_acl_internal:reload([])).