yuanbiao
/
emqx
1
0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

refactor(telemetry): move authn/authz info fns to their own apps

This commit is contained in:
Thales Macedo Garitezi 2022-03-30 13:31:36 -03:00
parent b07b705621
commit c0d2243e72
No known key found for this signature in database
GPG Key ID: DD279F8152A9B6DD
5 changed files with 58 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
apps/emqx_authn/include/emqx_authn.hrl
View File

@ -34,6 +34,8 @@
-define(CONF_NS_ATOM, ?EMQX_AUTHENTICATION_CONFIG_ROOT_NAME_ATOM). -define(CONF_NS_ATOM, ?EMQX_AUTHENTICATION_CONFIG_ROOT_NAME_ATOM).
-define(CONF_NS_BINARY, ?EMQX_AUTHENTICATION_CONFIG_ROOT_NAME_BINARY). -define(CONF_NS_BINARY, ?EMQX_AUTHENTICATION_CONFIG_ROOT_NAME_BINARY).
-type authenticator_id() :: binary().
-endif. -endif.
-define(RESOURCE_GROUP, <<"emqx_authn">>). -define(RESOURCE_GROUP, <<"emqx_authn">>).

38
apps/emqx_authn/src/emqx_authn.erl
View File

@ -20,7 +20,9 @@
providers/0, providers/0,
check_config/1, check_config/1,
check_config/2, check_config/2,
check_configs/1 check_configs/1,
%% for telemetry information
get_enabled_authns/0
]). ]).
-include("emqx_authn.hrl"). -include("emqx_authn.hrl").
@ -77,3 +79,37 @@ atom(Bin) ->
_:_ -> _:_ ->
throw({unknown_auth_provider, Bin}) throw({unknown_auth_provider, Bin})
end. end.
-spec get_enabled_authns() ->
#{
authenticators => [authenticator_id()],
overridden_listeners => #{authenticator_id() => pos_integer()}
}.
get_enabled_authns() ->
%% at the moment of writing, `emqx_authentication:list_chains/0'
%% result is always wrapped in `{ok, _}', and it cannot return any
%% error values.
{ok, Chains} = emqx_authentication:list_chains(),
AuthnTypes = lists:usort([
Type
|| #{authenticators := As} <- Chains,
#{id := Type} <- As
]),
OverriddenListeners =
lists:foldl(
fun
(#{name := ?GLOBAL}, Acc) ->
Acc;
(#{authenticators := As}, Acc) ->
lists:foldl(fun tally_authenticators/2, Acc, As)
end,
#{},
Chains
),
#{
authenticators => AuthnTypes,
overridden_listeners => OverriddenListeners
}.
tally_authenticators(#{id := AuthenticatorName}, Acc) ->
maps:update_with(AuthenticatorName, fun(N) -> N + 1 end, 1, Acc).

7
apps/emqx_authz/src/emqx_authz.erl
View File

@ -33,7 +33,9 @@
lookup/1, lookup/1,
move/2, move/2,
update/2, update/2,
authorize/5 authorize/5,
%% for telemetry information
get_enabled_authzs/0
]). ]).
-export([post_config_update/5, pre_config_update/3]). -export([post_config_update/5, pre_config_update/3]).
@ -336,6 +338,9 @@ do_authorize(
Matched -> {Matched, Type} Matched -> {Matched, Type}
end. end.
get_enabled_authzs() ->
lists:usort([Type || #{type := Type} <- lookup()]).
%%-------------------------------------------------------------------- %%--------------------------------------------------------------------
%% Internal function %% Internal function
%%-------------------------------------------------------------------- %%--------------------------------------------------------------------

9
apps/emqx_authz/test/emqx_authz_SUITE.erl
View File

@ -57,7 +57,7 @@ end_per_suite(_Config) ->
} }
), ),
ok = stop_apps([emqx_resource]), ok = stop_apps([emqx_resource]),
emqx_common_test_helpers:stop_apps([emqx_authz, emqx_conf]), emqx_common_test_helpers:stop_apps([emqx_connector, emqx_authz, emqx_conf]),
meck:unload(emqx_resource), meck:unload(emqx_resource),
ok. ok.
@ -279,5 +279,12 @@ t_move_source(_) ->
ok. ok.
t_get_enabled_authzs_none_enabled(_Config) ->
?assertEqual([], emqx_authz:get_enabled_authzs()).
t_get_enabled_authzs_some_enabled(_Config) ->
{ok, _} = emqx_authz:update(?CMD_REPLACE, [?SOURCE4]),
?assertEqual([postgresql], emqx_authz:get_enabled_authzs()).
stop_apps(Apps) -> stop_apps(Apps) ->
lists:foreach(fun application:stop/1, Apps). lists:foreach(fun application:stop/1, Apps).

28
apps/emqx_modules/src/emqx_telemetry.erl
View File

@ -454,35 +454,17 @@ advanced_mqtt_features() ->
maps:map(fun(_K, V) -> bool2int(V) end, AdvancedFeatures). maps:map(fun(_K, V) -> bool2int(V) end, AdvancedFeatures).
get_authn_authz_info() -> get_authn_authz_info() ->
%% at the moment of writing, `emqx_authentication:list_chains/0' #{
%% result is always wrapped in `{ok, _}', and it cannot return any authenticators := AuthnTypes,
%% error values. overridden_listeners := OverriddenListeners
{ok, Chains} = emqx_authentication:list_chains(), } = emqx_authn:get_enabled_authns(),
AuthnTypes = lists:usort([ AuthzTypes = emqx_authz:get_enabled_authzs(),
Type
|| #{authenticators := As} <- Chains,
#{id := Type} <- As
]),
OverriddenListeners = lists:foldl(
fun
(#{name := 'mqtt:global'}, Acc) ->
Acc;
(#{authenticators := As}, Acc) ->
lists:foldl(fun tally_authenticators/2, Acc, As)
end,
#{},
Chains
),
AuthzTypes = lists:usort([Type || #{type := Type} <- emqx_authz:lookup()]),
#{ #{
authn => AuthnTypes, authn => AuthnTypes,
authn_listener => OverriddenListeners, authn_listener => OverriddenListeners,
authz => AuthzTypes authz => AuthzTypes
}. }.
tally_authenticators(#{id := AuthenticatorName}, Acc) ->
maps:update_with(AuthenticatorName, fun(N) -> N + 1 end, 1, Acc).
bin(L) when is_list(L) -> bin(L) when is_list(L) ->
list_to_binary(L); list_to_binary(L);
bin(A) when is_atom(A) -> bin(A) when is_atom(A) ->