yuanbiao
/
emqx
1
0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix(authn-authz-api): fix authn/authz test cases fail

This commit is contained in:
Turtle 2021-08-24 17:35:38 +08:00 committed by turtleDeng
parent e0c05242a7
commit bc325e55fc
10 changed files with 65 additions and 83 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

78
apps/emqx_authn/src/emqx_authn_api.erl
View File

@ -21,13 +21,13 @@
-include("emqx_authn.hrl").
-export([ api_spec/0
, authentication/3
, authenticators/3
, authenticators2/3
, move/3
, import_users/3
, users/3
, users2/3
, authentication/2
, authenticators/2
, authenticators2/2
, move/2
, import_users/2
, users/2
, users2/2
]).
-define(EXAMPLE_1, #{name => <<"example 1">>,
@ -1289,22 +1289,19 @@ definitions() ->
, #{<<"error">> => ErrorDef}
].
authentication(post, _Params, Request) ->
{ok, Body, _} = cowboy_req:read_body(Request),
case emqx_json:decode(Body, [return_maps]) of
authentication(post, #{body := Config}) ->
case Config of
#{<<"enable">> := Enable} ->
{ok, _} = emqx_authn:update_config([authentication, enable], {enable, Enable}),
{204};
_ ->
serialize_error({missing_parameter, enable})
end;
authentication(get, _Params, _Request) ->
authentication(get, _Params) ->
Enabled = emqx_authn:is_enabled(),
{200, #{enabled => Enabled}}.
authenticators(post, _Params, Request) ->
{ok, Body, _} = cowboy_req:read_body(Request),
Config = emqx_json:decode(Body, [return_maps]),
authenticators(post, #{body := Config}) ->
case emqx_authn:update_config([authentication, authenticators], {create_authenticator, Config}) of
{ok, #{post_config_update := #{emqx_authn := #{id := ID, name := Name}},
raw_config := RawConfig}} ->
@ -1313,7 +1310,7 @@ authenticators(post, _Params, Request) ->
{error, {_, _, Reason}} ->
serialize_error(Reason)
end;
authenticators(get, _Params, _Request) ->
authenticators(get, _Params) ->
RawConfig = get_raw_config([authentication, authenticators]),
{ok, Authenticators} = emqx_authn:list_authenticators(?CHAIN),
NAuthenticators = lists:zipwith(fun(#{<<"name">> := Name} = Config, #{id := ID, name := Name}) ->
@ -1321,8 +1318,7 @@ authenticators(get, _Params, _Request) ->
end, RawConfig, Authenticators),
{200, NAuthenticators}.
authenticators2(get, _Params, Request) ->
AuthenticatorID = cowboy_req:binding(id, Request),
authenticators2(get, #{bindings := #{id := AuthenticatorID}}) ->
case emqx_authn:lookup_authenticator(?CHAIN, AuthenticatorID) of
{ok, #{id := ID, name := Name}} ->
RawConfig = get_raw_config([authentication, authenticators]),
@ -1331,10 +1327,7 @@ authenticators2(get, _Params, Request) ->
{error, Reason} ->
serialize_error(Reason)
end;
authenticators2(put, _Params, Request) ->
AuthenticatorID = cowboy_req:binding(id, Request),
{ok, Body, _} = cowboy_req:read_body(Request),
Config = emqx_json:decode(Body, [return_maps]),
authenticators2(put, #{bindings := #{id := AuthenticatorID}, body := Config}) ->
case emqx_authn:update_config([authentication, authenticators],
{update_or_create_authenticator, AuthenticatorID, Config}) of
{ok, #{post_config_update := #{emqx_authn := #{id := ID, name := Name}},
@ -1344,8 +1337,7 @@ authenticators2(put, _Params, Request) ->
{error, {_, _, Reason}} ->
serialize_error(Reason)
end;
authenticators2(delete, _Params, Request) ->
AuthenticatorID = cowboy_req:binding(id, Request),
authenticators2(delete, #{bindings := #{id := AuthenticatorID}}) ->
case emqx_authn:update_config([authentication, authenticators], {delete_authenticator, AuthenticatorID}) of
{ok, _} ->
{204};
@ -1353,10 +1345,8 @@ authenticators2(delete, _Params, Request) ->
serialize_error(Reason)
end.
move(post, _Params, Request) ->
AuthenticatorID = cowboy_req:binding(id, Request),
{ok, Body, _} = cowboy_req:read_body(Request),
case emqx_json:decode(Body, [return_maps]) of
move(post, #{bindings := #{id := AuthenticatorID}, body := Body}) ->
case Body of
#{<<"position">> := Position} ->
case emqx_authn:update_config([authentication, authenticators], {move_authenticator, AuthenticatorID, Position}) of
{ok, _} -> {204};
@ -1366,10 +1356,8 @@ move(post, _Params, Request) ->
serialize_error({missing_parameter, position})
end.
import_users(post, _Params, Request) ->
AuthenticatorID = cowboy_req:binding(id, Request),
{ok, Body, _} = cowboy_req:read_body(Request),
case emqx_json:decode(Body, [return_maps]) of
import_users(post, #{bindings := #{id := AuthenticatorID}, body := Body}) ->
case Body of
#{<<"filename">> := Filename} ->
case emqx_authn:import_users(?CHAIN, AuthenticatorID, Filename) of
ok -> {204};
@ -1379,12 +1367,9 @@ import_users(post, _Params, Request) ->
serialize_error({missing_parameter, filename})
end.
users(post, _Params, Request) ->
AuthenticatorID = cowboy_req:binding(id, Request),
{ok, Body, _} = cowboy_req:read_body(Request),
case emqx_json:decode(Body, [return_maps]) of
#{ <<"user_id">> := UserID
, <<"password">> := Password} = UserInfo ->
users(post, #{bindings := #{id := AuthenticatorID}, body := UserInfo}) ->
case UserInfo of
#{ <<"user_id">> := UserID, <<"password">> := Password} ->
Superuser = maps:get(<<"superuser">>, UserInfo, false),
case emqx_authn:add_user(?CHAIN, AuthenticatorID, #{ user_id => UserID
, password => Password
@ -1399,8 +1384,7 @@ users(post, _Params, Request) ->
_ ->
serialize_error({missing_parameter, user_id})
end;
users(get, _Params, Request) ->
AuthenticatorID = cowboy_req:binding(id, Request),
users(get, #{bindings := #{id := AuthenticatorID}}) ->
case emqx_authn:list_users(?CHAIN, AuthenticatorID) of
{ok, Users} ->
{200, Users};
@ -1408,11 +1392,9 @@ users(get, _Params, Request) ->
serialize_error(Reason)
end.
users2(patch, _Params, Request) ->
AuthenticatorID = cowboy_req:binding(id, Request),
UserID = cowboy_req:binding(user_id, Request),
{ok, Body, _} = cowboy_req:read_body(Request),
UserInfo = emqx_json:decode(Body, [return_maps]),
users2(patch, #{bindings := #{id := AuthenticatorID,
user_id := UserID},
body := UserInfo}) ->
NUserInfo = maps:with([<<"password">>, <<"superuser">>], UserInfo),
case NUserInfo =:= #{} of
true ->
@ -1425,18 +1407,14 @@ users2(patch, _Params, Request) ->
serialize_error(Reason)
end
end;
users2(get, _Params, Request) ->
AuthenticatorID = cowboy_req:binding(id, Request),
UserID = cowboy_req:binding(user_id, Request),
users2(get, #{bindings := #{id := AuthenticatorID, user_id := UserID}}) ->
case emqx_authn:lookup_user(?CHAIN, AuthenticatorID, UserID) of
{ok, User} ->
{200, User};
{error, Reason} ->
serialize_error(Reason)
end;
users2(delete, _Params, Request) ->
AuthenticatorID = cowboy_req:binding(id, Request),
UserID = cowboy_req:binding(user_id, Request),
users2(delete, #{bindings := #{id := AuthenticatorID, user_id := UserID}}) ->
case emqx_authn:delete_user(?CHAIN, AuthenticatorID, UserID) of
ok ->
{204};

40
apps/emqx_authz/src/emqx_authz_api.erl
View File

@ -40,9 +40,9 @@
topics => [<<"#">>]}).
-export([ api_spec/0
, rules/3
, rule/3
, move_rule/3
, rules/2
, rule/2
, move_rule/2
]).
api_spec() ->
@ -418,7 +418,7 @@ move_rule_api() ->
},
{"/authorization/:id/move", Metadata, move_rule}.
rules(get, _Params, Request) ->
rules(get, #{query_string := Query}) ->
Rules = lists:foldl(fun (#{type := _Type, enable := true, annotations := #{id := Id} = Annotations} = Rule, AccIn) ->
NRule = case emqx_resource:health_check(Id) of
ok ->
@ -430,11 +430,10 @@ rules(get, _Params, Request) ->
(Rule, AccIn) ->
lists:append(AccIn, [Rule])
end, [], emqx_authz:lookup()),
Query = cowboy_req:parse_qs(Request),
case lists:keymember(<<"page">>, 1, Query) andalso lists:keymember(<<"limit">>, 1, Query) of
case maps:is_key(<<"page">>, Query) andalso maps:is_key(<<"limit">>, Query) of
true ->
{<<"page">>, Page} = lists:keyfind(<<"page">>, 1, Query),
{<<"limit">>, Limit} = lists:keyfind(<<"limit">>, 1, Query),
Page = maps:get(<<"page">>, Query),
Limit = maps:get(<<"limit">>, Query),
Index = (binary_to_integer(Page) - 1) * binary_to_integer(Limit),
{_, Rules1} = lists:split(Index, Rules),
case binary_to_integer(Limit) < length(Rules1) of
@ -445,18 +444,14 @@ rules(get, _Params, Request) ->
end;
false -> {200, #{rules => Rules}}
end;
rules(post, _Params, Request) ->
{ok, Body, _} = cowboy_req:read_body(Request),
RawConfig = jsx:decode(Body, [return_maps]),
rules(post, #{body := RawConfig}) ->
case emqx_authz:update(head, [RawConfig]) of
{ok, _} -> {204};
{error, Reason} ->
{400, #{code => <<"BAD_REQUEST">>,
messgae => atom_to_binary(Reason)}}
end;
rules(put, _Params, Request) ->
{ok, Body, _} = cowboy_req:read_body(Request),
RawConfig = jsx:decode(Body, [return_maps]),
rules(put, #{body := RawConfig}) ->
case emqx_authz:update(replace, RawConfig) of
{ok, _} -> {204};
{error, Reason} ->
@ -464,8 +459,7 @@ rules(put, _Params, Request) ->
messgae => atom_to_binary(Reason)}}
end.
rule(get, _Params, Request) ->
Id = cowboy_req:binding(id, Request),
rule(get, #{bindings := #{id := Id}}) ->
case emqx_authz:lookup(Id) of
{error, Reason} -> {404, #{messgae => atom_to_binary(Reason)}};
Rule ->
@ -481,10 +475,7 @@ rule(get, _Params, Request) ->
end
end;
rule(put, _Params, Request) ->
RuleId = cowboy_req:binding(id, Request),
{ok, Body, _} = cowboy_req:read_body(Request),
RawConfig = jsx:decode(Body, [return_maps]),
rule(put, #{bindings := #{id := RuleId}, body := RawConfig}) ->
case emqx_authz:update({replace_once, RuleId}, RawConfig) of
{ok, _} -> {204};
{error, not_found_rule} ->
@ -494,18 +485,15 @@ rule(put, _Params, Request) ->
{400, #{code => <<"BAD_REQUEST">>,
messgae => atom_to_binary(Reason)}}
end;
rule(delete, _Params, Request) ->
RuleId = cowboy_req:binding(id, Request),
rule(delete, #{bindings := #{id := RuleId}}) ->
case emqx_authz:update({replace_once, RuleId}, #{}) of
{ok, _} -> {204};
{error, Reason} ->
{400, #{code => <<"BAD_REQUEST">>,
messgae => atom_to_binary(Reason)}}
end.
move_rule(post, _Params, Request) ->
RuleId = cowboy_req:binding(id, Request),
{ok, Body, _} = cowboy_req:read_body(Request),
#{<<"position">> := Position} = jsx:decode(Body, [return_maps]),
move_rule(post, #{bindings := #{id := RuleId}, body := Body}) ->
#{<<"position">> := Position} = Body,
case emqx_authz:move(RuleId, Position) of
{ok, _} -> {204};
{error, not_found_rule} ->

3
apps/emqx_authz/test/emqx_authz_api_SUITE.erl
View File

@ -35,6 +35,8 @@
-define(API_VERSION, "v5").
-define(BASE_PATH, "api").
-define(CONF_DEFAULT, <<"authorization: {rules: []}">>).
-define(RULE1, #{<<"principal">> => <<"all">>,
<<"topics">> => [<<"#">>],
<<"action">> => <<"all">>,
@ -75,6 +77,7 @@ groups() ->
init_per_suite(Config) ->
ekka_mnesia:start(),
emqx_mgmt_auth:mnesia(boot),
ok = emqx_config:init_load(emqx_authz_schema, ?CONF_DEFAULT),
ok = emqx_ct_helpers:start_apps([emqx_management, emqx_authz], fun set_special_configs/1),
{ok, _} = emqx:update_config([zones, default, authorization, cache, enable], false),
{ok, _} = emqx:update_config([zones, default, authorization, enable], true),

2
apps/emqx_authz/test/emqx_authz_http_SUITE.erl
View File

@ -21,6 +21,7 @@
-include("emqx_authz.hrl").
-include_lib("eunit/include/eunit.hrl").
-include_lib("common_test/include/ct.hrl").
-define(CONF_DEFAULT, <<"authorization: {rules: []}">>).
all() ->
emqx_ct:all(?MODULE).
@ -33,6 +34,7 @@ init_per_suite(Config) ->
meck:expect(emqx_resource, create, fun(_, _, _) -> {ok, meck_data} end),
meck:expect(emqx_resource, remove, fun(_) -> ok end ),
ok = emqx_config:init_load(emqx_authz_schema, ?CONF_DEFAULT),
ok = emqx_ct_helpers:start_apps([emqx_authz]),
{ok, _} = emqx:update_config([zones, default, authorization, cache, enable], false),

3
apps/emqx_authz/test/emqx_authz_mongo_SUITE.erl
View File

@ -22,6 +22,8 @@
-include_lib("eunit/include/eunit.hrl").
-include_lib("common_test/include/ct.hrl").
-define(CONF_DEFAULT, <<"authorization: {rules: []}">>).
all() ->
emqx_ct:all(?MODULE).
@ -33,6 +35,7 @@ init_per_suite(Config) ->
meck:expect(emqx_resource, create, fun(_, _, _) -> {ok, meck_data} end),
meck:expect(emqx_resource, remove, fun(_) -> ok end ),
ok = emqx_config:init_load(emqx_authz_schema, ?CONF_DEFAULT),
ok = emqx_ct_helpers:start_apps([emqx_authz]),
{ok, _} = emqx:update_config([zones, default, authorization, cache, enable], false),
{ok, _} = emqx:update_config([zones, default, authorization, enable], true),

3
apps/emqx_authz/test/emqx_authz_mysql_SUITE.erl
View File

@ -22,6 +22,8 @@
-include_lib("eunit/include/eunit.hrl").
-include_lib("common_test/include/ct.hrl").
-define(CONF_DEFAULT, <<"authorization: {rules: []}">>).
all() ->
emqx_ct:all(?MODULE).
@ -33,6 +35,7 @@ init_per_suite(Config) ->
meck:expect(emqx_resource, create, fun(_, _, _) -> {ok, meck_data} end ),
meck:expect(emqx_resource, remove, fun(_) -> ok end ),
ok = emqx_config:init_load(emqx_authz_schema, ?CONF_DEFAULT),
ok = emqx_ct_helpers:start_apps([emqx_authz]),
{ok, _} = emqx:update_config([zones, default, authorization, cache, enable], false),

3
apps/emqx_authz/test/emqx_authz_pgsql_SUITE.erl
View File

@ -22,6 +22,8 @@
-include_lib("eunit/include/eunit.hrl").
-include_lib("common_test/include/ct.hrl").
-define(CONF_DEFAULT, <<"authorization: {rules: []}">>).
all() ->
emqx_ct:all(?MODULE).
@ -33,6 +35,7 @@ init_per_suite(Config) ->
meck:expect(emqx_resource, create, fun(_, _, _) -> {ok, meck_data} end ),
meck:expect(emqx_resource, remove, fun(_) -> ok end ),
ok = emqx_config:init_load(emqx_authz_schema, ?CONF_DEFAULT),
ok = emqx_ct_helpers:start_apps([emqx_authz]),
{ok, _} = emqx:update_config([zones, default, authorization, cache, enable], false),

2
apps/emqx_authz/test/emqx_authz_redis_SUITE.erl
View File

@ -21,6 +21,7 @@
-include("emqx_authz.hrl").
-include_lib("eunit/include/eunit.hrl").
-include_lib("common_test/include/ct.hrl").
-define(CONF_DEFAULT, <<"authorization: {rules: []}">>).
all() ->
emqx_ct:all(?MODULE).
@ -33,6 +34,7 @@ init_per_suite(Config) ->
meck:expect(emqx_resource, create, fun(_, _, _) -> {ok, meck_data} end ),
meck:expect(emqx_resource, remove, fun(_) -> ok end ),
ok = emqx_config:init_load(emqx_authz_schema, ?CONF_DEFAULT),
ok = emqx_ct_helpers:start_apps([emqx_authz]),
{ok, _} = emqx:update_config([zones, default, authorization, cache, enable], false),

6
apps/emqx_management/src/emqx_mgmt_api_listeners.erl
View File

@ -265,11 +265,11 @@ list_listener(Params) ->
format(list_listener_(Params)).
list_listener_(#{node := Node, id := Identifier}) ->
emqx_mgmt:get_listener(Node, Identifier);
emqx_mgmt:get_listener(b2a(Node), b2a(Identifier));
list_listener_(#{id := Identifier}) ->
emqx_mgmt:list_listeners_by_id(Identifier);
emqx_mgmt:list_listeners_by_id(b2a(Identifier));
list_listener_(#{node := Node}) ->
emqx_mgmt:list_listeners(Node);
emqx_mgmt:list_listeners(b2a(Node));
list_listener_(#{}) ->
emqx_mgmt:list_listeners().

8
apps/emqx_management/src/emqx_mgmt_api_nodes.erl
View File

@ -118,13 +118,13 @@ node_stats_api() ->
nodes(get, _Params) ->
list(#{}).
node(get, #{bingings := #{node_name := NodeName}}) ->
node(get, #{bindings := #{node_name := NodeName}}) ->
get_node(binary_to_atom(NodeName, utf8)).
node_metrics(get, #{bingings := #{node_name := NodeName}}) ->
node_metrics(get, #{bindings := #{node_name := NodeName}}) ->
get_metrics(binary_to_atom(NodeName, utf8)).
node_stats(get, #{bingings := #{node_name := NodeName}}) ->
node_stats(get, #{bindings := #{node_name := NodeName}}) ->
get_stats(binary_to_atom(NodeName, utf8)).
%%%==============================================================================================
@ -135,7 +135,7 @@ list(#{}) ->
get_node(Node) ->
case emqx_mgmt:lookup_node(Node) of
#{node_status := 'ERROR'} ->
{error, _} ->
{400, #{code => 'SOURCE_ERROR', message => <<"rpc_failed">>}};
NodeInfo ->
{200, format(Node, NodeInfo)}