diff --git a/apps/emqx/src/emqx_authentication.erl b/apps/emqx/src/emqx_authentication.erl index 5a219d043..35f4139c4 100644 --- a/apps/emqx/src/emqx_authentication.erl +++ b/apps/emqx/src/emqx_authentication.erl @@ -550,11 +550,12 @@ handle_update_authenticator(Chain, AuthenticatorID, Config) -> #authenticator{provider = Provider, state = ST} = Authenticator -> case AuthenticatorID =:= authenticator_id(Config) of true -> - case Provider:update(Config, ST) of + NConfig = insert_user_group(Chain, Config), + case Provider:update(NConfig, ST) of {ok, NewST} -> NewAuthenticator = Authenticator#authenticator{ state = NewST, - enable = maps:get(enable, Config) + enable = maps:get(enable, NConfig) }, NewAuthenticators = replace_authenticator( AuthenticatorID, @@ -603,7 +604,8 @@ handle_create_authenticator(Chain, Config, Providers) -> true -> {error, {already_exists, {authenticator, AuthenticatorID}}}; false -> - case do_create_authenticator(AuthenticatorID, Config, Providers) of + NConfig = insert_user_group(Chain, Config), + case do_create_authenticator(AuthenticatorID, NConfig, Providers) of {ok, Authenticator} -> NAuthenticators = Authenticators ++ @@ -861,6 +863,17 @@ authn_type(#{mechanism := Mechanism, backend := Backend}) -> authn_type(#{mechanism := Mechanism}) -> Mechanism. +insert_user_group( + Chain, + Config = #{ + mechanism := password_based, + backend := built_in_database + } +) -> + Config#{user_group => Chain#chain.name}; +insert_user_group(_Chain, Config) -> + Config. + to_list(undefined) -> []; to_list(M) when M =:= #{} -> []; to_list(M) when is_map(M) -> [M]; diff --git a/apps/emqx_authn/src/simple_authn/emqx_authn_mnesia.erl b/apps/emqx_authn/src/simple_authn/emqx_authn_mnesia.erl index ef9d154d1..88a7aca77 100644 --- a/apps/emqx_authn/src/simple_authn/emqx_authn_mnesia.erl +++ b/apps/emqx_authn/src/simple_authn/emqx_authn_mnesia.erl @@ -128,23 +128,26 @@ user_id_type(_) -> undefined. refs() -> [hoconsc:ref(?MODULE, ?CONF_NS)]. +create(_AuthenticatorID, Config) -> + create(Config). + create( - AuthenticatorID, #{ user_id_type := Type, - password_hash_algorithm := Algorithm + password_hash_algorithm := Algorithm, + user_group := UserGroup } ) -> ok = emqx_authn_password_hashing:init(Algorithm), State = #{ - user_group => AuthenticatorID, + user_group => UserGroup, user_id_type => Type, password_hash_algorithm => Algorithm }, {ok, State}. -update(Config, #{user_group := ID}) -> - create(ID, Config). +update(Config, _State) -> + create(Config). authenticate(#{auth_method := _}, _) -> ignore; diff --git a/apps/emqx_authn/test/emqx_authn_mnesia_SUITE.erl b/apps/emqx_authn/test/emqx_authn_mnesia_SUITE.erl index 0c3f1a9e8..4d26b8878 100644 --- a/apps/emqx_authn/test/emqx_authn_mnesia_SUITE.erl +++ b/apps/emqx_authn/test/emqx_authn_mnesia_SUITE.erl @@ -96,9 +96,9 @@ t_update(_) -> t_destroy(_) -> Config = config(), - OtherId = list_to_binary([?AUTHN_ID, <<"-other">>]), + OtherConfig = Config#{user_group => <<"stomp:global">>}, {ok, State0} = emqx_authn_mnesia:create(?AUTHN_ID, Config), - {ok, StateOther} = emqx_authn_mnesia:create(OtherId, Config), + {ok, StateOther} = emqx_authn_mnesia:create(?AUTHN_ID, OtherConfig), User = #{user_id => <<"u">>, password => <<"p">>}, @@ -282,5 +282,6 @@ config() -> password_hash_algorithm => #{ name => bcrypt, salt_rounds => 8 - } + }, + user_group => <<"global:mqtt">> }. diff --git a/apps/emqx_management/test/emqx_mgmt_cli_SUITE.erl b/apps/emqx_management/test/emqx_mgmt_cli_SUITE.erl index 82091b00b..4445dba94 100644 --- a/apps/emqx_management/test/emqx_mgmt_cli_SUITE.erl +++ b/apps/emqx_management/test/emqx_mgmt_cli_SUITE.erl @@ -36,13 +36,23 @@ end_per_suite(_) -> set_special_configs(emqx_dashboard) -> Config = #{ - default_username => <<"admin">>, - default_password => <<"public">>, - listeners => [#{ - protocol => http, - port => 18083 - }] - }, + default_username => <<"admin">>, + default_password => <<"public">>, + listeners => + #{ + http => + #{ + backlog => 512, + bind => 18083, + enable => true, + inet6 => false, + ipv6_v6only => false, + max_connections => 512, + num_acceptors => 4, + send_timeout => 5000 + } + } + }, emqx_config:put([dashboard], Config), ok; set_special_configs(_App) -> @@ -52,7 +62,6 @@ t_status(_Config) -> emqx_ctl:run_command([]), emqx_ctl:run_command(["status"]), ok. - %% -------------------------------------------------------------------------------------------------------------- t_broker(_Config) -> %% broker # Show broker version, uptime and description @@ -62,7 +71,6 @@ t_broker(_Config) -> %% broker metrics # Show broker metrics emqx_ctl:run_command(["broker", "metrics"]), ok. - %% -------------------------------------------------------------------------------------------------------------- t_cluster(_Config) -> %% cluster join # Join the cluster @@ -71,7 +79,6 @@ t_cluster(_Config) -> %% cluster status # Cluster status emqx_ctl:run_command(["cluster", "status"]), ok. - %% -------------------------------------------------------------------------------------------------------------- t_clients(_Config) -> %% clients list # List all clients @@ -79,14 +86,12 @@ t_clients(_Config) -> %% clients show # Show a client %% clients kick # Kick out a client ok. - %% -------------------------------------------------------------------------------------------------------------- t_routes(_Config) -> %% routes list # List all routes emqx_ctl:run_command(["routes", "list"]), %% routes show # Show a route ok. - %% -------------------------------------------------------------------------------------------------------------- t_subscriptions(_Config) -> %% subscriptions list # List all subscriptions @@ -95,7 +100,6 @@ t_subscriptions(_Config) -> %% subscriptions add # Add a static subscription manually %% subscriptions del # Delete a static subscription manually ok. - %% -------------------------------------------------------------------------------------------------------------- t_plugins(_Config) -> %% plugins [Name-Vsn] # e.g. 'start emqx_plugin_template-5.0-rc.1' @@ -118,7 +122,6 @@ t_plugins(_Config) -> %% # e.g. plugins disable foo-0.1.0 front %% # plugins enable bar-0.2.0 before foo-0.1.0 ok. - %% -------------------------------------------------------------------------------------------------------------- t_vm(_Config) -> %% vm all # Show info of Erlang VM @@ -134,13 +137,11 @@ t_vm(_Config) -> %% vm ports # Show Ports of Erlang VM emqx_ctl:run_command(["vm", "ports"]), ok. - %% -------------------------------------------------------------------------------------------------------------- t_mnesia(_Config) -> %% mnesia # Mnesia system info emqx_ctl:run_command(["mnesia"]), ok. - %% -------------------------------------------------------------------------------------------------------------- t_log(_Config) -> %% log set-level # Set the overall log level @@ -153,7 +154,6 @@ t_log(_Config) -> %% log handlers stop # Stop a log handler %% log handlers set-level # Set log level of a log handler ok. - %% -------------------------------------------------------------------------------------------------------------- t_trace(_Config) -> %% trace list # List all traces started on local node @@ -165,7 +165,6 @@ t_trace(_Config) -> %% trace start ip_address [] # Traces for a client ip on local node %% trace stop ip_addresss # Stop tracing for a client ip on local node ok. - %% -------------------------------------------------------------------------------------------------------------- t_traces(_Config) -> %% traces list # List all cluster traces started @@ -176,7 +175,6 @@ t_traces(_Config) -> %% traces stop # Stop trace in cluster %% traces delete # Delete trace in cluster ok. - %% -------------------------------------------------------------------------------------------------------------- t_listeners(_Config) -> %% listeners # List listeners @@ -185,7 +183,6 @@ t_listeners(_Config) -> %% listeners start # Start a listener %% listeners restart # Restart a listener ok. - %% -------------------------------------------------------------------------------------------------------------- t_authz(_Config) -> %% authz cache-clean all # Clears authorization cache on all nodes @@ -193,7 +190,6 @@ t_authz(_Config) -> %% authz cache-clean node # Clears authorization cache on given node %% authz cache-clean # Clears authorization cache for given client ok. - %% -------------------------------------------------------------------------------------------------------------- t_olp(_Config) -> %% olp status # Return OLP status if system is overloaded @@ -201,7 +197,6 @@ t_olp(_Config) -> %% olp enable # Enable overload protection %% olp disable # Disable overload protection ok. - %% -------------------------------------------------------------------------------------------------------------- t_admin(_Config) -> %% admins add # Add dashboard user