Merge pull request #7758 from lafirest/fix/authn_user_search
fix(authn): Add support for query by is_superuser to the mensia backend
This commit is contained in:
commit
a7354401df
|
@ -225,4 +225,12 @@ emqx_authn_api {
|
|||
zh: """模糊用户名"""
|
||||
}
|
||||
}
|
||||
|
||||
is_superuser {
|
||||
desc {
|
||||
en: """Is superuser"""
|
||||
zh: """是否是超级用户"""
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -440,6 +440,12 @@ schema("/authentication/:id/users") ->
|
|||
in => query,
|
||||
desc => ?DESC(like_clientid),
|
||||
required => false
|
||||
})},
|
||||
{is_superuser,
|
||||
mk(boolean(), #{
|
||||
in => query,
|
||||
desc => ?DESC(is_superuser),
|
||||
required => false
|
||||
})}
|
||||
],
|
||||
responses => #{
|
||||
|
@ -478,7 +484,13 @@ schema("/listeners/:listener_id/authentication/:id/users") ->
|
|||
param_listener_id(),
|
||||
param_auth_id(),
|
||||
ref(emqx_dashboard_swagger, page),
|
||||
ref(emqx_dashboard_swagger, limit)
|
||||
ref(emqx_dashboard_swagger, limit),
|
||||
{is_superuser,
|
||||
mk(boolean(), #{
|
||||
in => query,
|
||||
desc => ?DESC(is_superuser),
|
||||
required => false
|
||||
})}
|
||||
],
|
||||
responses => #{
|
||||
200 => emqx_dashboard_swagger:schema_with_example(
|
||||
|
|
|
@ -74,7 +74,8 @@
|
|||
-define(AUTHN_QSCHEMA, [
|
||||
{<<"like_username">>, binary},
|
||||
{<<"like_clientid">>, binary},
|
||||
{<<"user_group">>, binary}
|
||||
{<<"user_group">>, binary},
|
||||
{<<"is_superuser">>, atom}
|
||||
]).
|
||||
-define(QUERY_FUN, {?MODULE, query}).
|
||||
|
||||
|
@ -469,21 +470,26 @@ format_user_info(#user_info{user_id = {_, UserID}, is_superuser = IsSuperuser})
|
|||
#{user_id => UserID, is_superuser => IsSuperuser}.
|
||||
|
||||
ms_from_qstring(QString) ->
|
||||
[Ms] = lists:foldl(
|
||||
fun
|
||||
({user_group, '=:=', UserGroup}, AccIn) ->
|
||||
[group_match_spec(UserGroup) | AccIn];
|
||||
(_, AccIn) ->
|
||||
AccIn
|
||||
end,
|
||||
[],
|
||||
QString
|
||||
),
|
||||
Ms.
|
||||
case lists:keytake(user_group, 1, QString) of
|
||||
{value, {user_group, '=:=', UserGroup}, QString2} ->
|
||||
group_match_spec(UserGroup, QString2);
|
||||
_ ->
|
||||
[]
|
||||
end.
|
||||
|
||||
group_match_spec(UserGroup) ->
|
||||
ets:fun2ms(
|
||||
fun(#user_info{user_id = {Group, _}} = User) when Group =:= UserGroup ->
|
||||
group_match_spec(UserGroup, []).
|
||||
|
||||
group_match_spec(UserGroup, QString) ->
|
||||
case lists:keyfind(is_superuser, 1, QString) of
|
||||
false ->
|
||||
ets:fun2ms(fun(#user_info{user_id = {Group, _}} = User) when Group =:= UserGroup ->
|
||||
User
|
||||
end
|
||||
).
|
||||
end);
|
||||
{is_superuser, '=:=', Value} ->
|
||||
ets:fun2ms(fun(#user_info{user_id = {Group, _}, is_superuser = IsSuper} = User) when
|
||||
Group =:= UserGroup, IsSuper =:= Value
|
||||
->
|
||||
User
|
||||
end)
|
||||
end.
|
||||
|
|
|
@ -356,7 +356,43 @@ test_authenticator_users(PathPrefix) ->
|
|||
?assertEqual(
|
||||
[<<"u1">>, <<"u2">>, <<"u3">>],
|
||||
lists:usort([UserId || #{<<"user_id">> := UserId} <- Page1Users ++ Page2Users])
|
||||
).
|
||||
),
|
||||
|
||||
{ok, 200, Super1Data} = request(get, UsersUri ++ "?page=1&limit=3&is_superuser=true"),
|
||||
|
||||
#{
|
||||
<<"data">> := Super1Users,
|
||||
<<"meta">> :=
|
||||
#{
|
||||
<<"page">> := 1,
|
||||
<<"limit">> := 3,
|
||||
<<"count">> := 1
|
||||
}
|
||||
} = jiffy:decode(Super1Data, [return_maps]),
|
||||
|
||||
?assertEqual(
|
||||
[<<"u2">>],
|
||||
lists:usort([UserId || #{<<"user_id">> := UserId} <- Super1Users])
|
||||
),
|
||||
|
||||
{ok, 200, Super2Data} = request(get, UsersUri ++ "?page=1&limit=3&is_superuser=false"),
|
||||
|
||||
#{
|
||||
<<"data">> := Super2Users,
|
||||
<<"meta">> :=
|
||||
#{
|
||||
<<"page">> := 1,
|
||||
<<"limit">> := 3,
|
||||
<<"count">> := 2
|
||||
}
|
||||
} = jiffy:decode(Super2Data, [return_maps]),
|
||||
|
||||
?assertEqual(
|
||||
[<<"u1">>, <<"u3">>],
|
||||
lists:usort([UserId || #{<<"user_id">> := UserId} <- Super2Users])
|
||||
),
|
||||
|
||||
ok.
|
||||
|
||||
test_authenticator_user(PathPrefix) ->
|
||||
UsersUri = uri(PathPrefix ++ [?CONF_NS, "password_based:built_in_database", "users"]),
|
||||
|
|
Loading…
Reference in New Issue