Merge pull request #7758 from lafirest/fix/authn_user_search
fix(authn): Add support for query by is_superuser to the mensia backend
This commit is contained in:
JianBo He
GitHub
commit
a7354401df
|
|
@ -225,4 +225,12 @@ emqx_authn_api {
|
||||||
zh: """模糊用户名"""
|
zh: """模糊用户名"""
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
is_superuser {
|
||||||
|
desc {
|
||||||
|
en: """Is superuser"""
|
||||||
|
zh: """是否是超级用户"""
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -440,6 +440,12 @@ schema("/authentication/:id/users") ->
|
||||||
in => query,
|
in => query,
|
||||||
desc => ?DESC(like_clientid),
|
desc => ?DESC(like_clientid),
|
||||||
required => false
|
required => false
|
||||||
|
})},
|
||||||
|
{is_superuser,
|
||||||
|
mk(boolean(), #{
|
||||||
|
in => query,
|
||||||
|
desc => ?DESC(is_superuser),
|
||||||
|
required => false
|
||||||
})}
|
})}
|
||||||
],
|
],
|
||||||
responses => #{
|
responses => #{
|
||||||
|
|
@ -478,7 +484,13 @@ schema("/listeners/:listener_id/authentication/:id/users") ->
|
||||||
param_listener_id(),
|
param_listener_id(),
|
||||||
param_auth_id(),
|
param_auth_id(),
|
||||||
ref(emqx_dashboard_swagger, page),
|
ref(emqx_dashboard_swagger, page),
|
||||||
ref(emqx_dashboard_swagger, limit)
|
ref(emqx_dashboard_swagger, limit),
|
||||||
|
{is_superuser,
|
||||||
|
mk(boolean(), #{
|
||||||
|
in => query,
|
||||||
|
desc => ?DESC(is_superuser),
|
||||||
|
required => false
|
||||||
|
})}
|
||||||
],
|
],
|
||||||
responses => #{
|
responses => #{
|
||||||
200 => emqx_dashboard_swagger:schema_with_example(
|
200 => emqx_dashboard_swagger:schema_with_example(
|
||||||
|
|
|
||||||
|
|
@ -74,7 +74,8 @@
|
||||||
-define(AUTHN_QSCHEMA, [
|
-define(AUTHN_QSCHEMA, [
|
||||||
{<<"like_username">>, binary},
|
{<<"like_username">>, binary},
|
||||||
{<<"like_clientid">>, binary},
|
{<<"like_clientid">>, binary},
|
||||||
{<<"user_group">>, binary}
|
{<<"user_group">>, binary},
|
||||||
|
{<<"is_superuser">>, atom}
|
||||||
]).
|
]).
|
||||||
-define(QUERY_FUN, {?MODULE, query}).
|
-define(QUERY_FUN, {?MODULE, query}).
|
||||||
|
|
||||||
|
|
@ -469,21 +470,26 @@ format_user_info(#user_info{user_id = {_, UserID}, is_superuser = IsSuperuser})
|
||||||
#{user_id => UserID, is_superuser => IsSuperuser}.
|
#{user_id => UserID, is_superuser => IsSuperuser}.
|
||||||
|
|
||||||
ms_from_qstring(QString) ->
|
ms_from_qstring(QString) ->
|
||||||
[Ms] = lists:foldl(
|
case lists:keytake(user_group, 1, QString) of
|
||||||
fun
|
{value, {user_group, '=:=', UserGroup}, QString2} ->
|
||||||
({user_group, '=:=', UserGroup}, AccIn) ->
|
group_match_spec(UserGroup, QString2);
|
||||||
[group_match_spec(UserGroup) | AccIn];
|
_ ->
|
||||||
(_, AccIn) ->
|
[]
|
||||||
AccIn
|
end.
|
||||||
end,
|
|
||||||
[],
|
|
||||||
QString
|
|
||||||
),
|
|
||||||
Ms.
|
|
||||||
|
|
||||||
group_match_spec(UserGroup) ->
|
group_match_spec(UserGroup) ->
|
||||||
ets:fun2ms(
|
group_match_spec(UserGroup, []).
|
||||||
fun(#user_info{user_id = {Group, _}} = User) when Group =:= UserGroup ->
|
|
||||||
|
group_match_spec(UserGroup, QString) ->
|
||||||
|
case lists:keyfind(is_superuser, 1, QString) of
|
||||||
|
false ->
|
||||||
|
ets:fun2ms(fun(#user_info{user_id = {Group, _}} = User) when Group =:= UserGroup ->
|
||||||
User
|
User
|
||||||
end
|
end);
|
||||||
).
|
{is_superuser, '=:=', Value} ->
|
||||||
|
ets:fun2ms(fun(#user_info{user_id = {Group, _}, is_superuser = IsSuper} = User) when
|
||||||
|
Group =:= UserGroup, IsSuper =:= Value
|
||||||
|
->
|
||||||
|
User
|
||||||
|
end)
|
||||||
|
end.
|
||||||
|
|
|
||||||
|
|
@ -356,7 +356,43 @@ test_authenticator_users(PathPrefix) ->
|
||||||
?assertEqual(
|
?assertEqual(
|
||||||
[<<"u1">>, <<"u2">>, <<"u3">>],
|
[<<"u1">>, <<"u2">>, <<"u3">>],
|
||||||
lists:usort([UserId || #{<<"user_id">> := UserId} <- Page1Users ++ Page2Users])
|
lists:usort([UserId || #{<<"user_id">> := UserId} <- Page1Users ++ Page2Users])
|
||||||
).
|
),
|
||||||
|
|
||||||
|
{ok, 200, Super1Data} = request(get, UsersUri ++ "?page=1&limit=3&is_superuser=true"),
|
||||||
|
|
||||||
|
#{
|
||||||
|
<<"data">> := Super1Users,
|
||||||
|
<<"meta">> :=
|
||||||
|
#{
|
||||||
|
<<"page">> := 1,
|
||||||
|
<<"limit">> := 3,
|
||||||
|
<<"count">> := 1
|
||||||
|
}
|
||||||
|
} = jiffy:decode(Super1Data, [return_maps]),
|
||||||
|
|
||||||
|
?assertEqual(
|
||||||
|
[<<"u2">>],
|
||||||
|
lists:usort([UserId || #{<<"user_id">> := UserId} <- Super1Users])
|
||||||
|
),
|
||||||
|
|
||||||
|
{ok, 200, Super2Data} = request(get, UsersUri ++ "?page=1&limit=3&is_superuser=false"),
|
||||||
|
|
||||||
|
#{
|
||||||
|
<<"data">> := Super2Users,
|
||||||
|
<<"meta">> :=
|
||||||
|
#{
|
||||||
|
<<"page">> := 1,
|
||||||
|
<<"limit">> := 3,
|
||||||
|
<<"count">> := 2
|
||||||
|
}
|
||||||
|
} = jiffy:decode(Super2Data, [return_maps]),
|
||||||
|
|
||||||
|
?assertEqual(
|
||||||
|
[<<"u1">>, <<"u3">>],
|
||||||
|
lists:usort([UserId || #{<<"user_id">> := UserId} <- Super2Users])
|
||||||
|
),
|
||||||
|
|
||||||
|
ok.
|
||||||
|
|
||||||
test_authenticator_user(PathPrefix) ->
|
test_authenticator_user(PathPrefix) ->
|
||||||
UsersUri = uri(PathPrefix ++ [?CONF_NS, "password_based:built_in_database", "users"]),
|
UsersUri = uri(PathPrefix ++ [?CONF_NS, "password_based:built_in_database", "users"]),
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue