refactor(authz): prepend and append only allow one source

2022-03-21 19:41:27 +08:00 · 2022-03-21 19:41:27 +08:00 · c2e1c38fdf
parent 843e12ad16
commit c2e1c38fdf
3 changed files with 19 additions and 18 deletions
--- a/apps/emqx_authz/src/emqx_authz.erl
+++ b/apps/emqx_authz/src/emqx_authz.erl
@ -142,12 +142,12 @@ do_pre_config_update({?CMD_MOVE, Type, ?CMD_MOVE_AFTER(After)}, Sources) ->
    {S1, Front1, Rear1} = take(Type, Sources),
    {S2, Front2, Rear2} = take(After, Front1 ++ Rear1),
    Front2 ++ [S2, S1] ++ Rear2;
-do_pre_config_update({?CMD_PREPEND, NewSources}, Sources) ->
-    NSources = NewSources ++ Sources,
+do_pre_config_update({?CMD_PREPEND, NewSource}, Sources) ->
+    NSources = [NewSource] ++ Sources,
    ok = check_dup_types(NSources),
    NSources;
-do_pre_config_update({?CMD_APPEND, NewSources}, Sources) ->
-    NSources = Sources ++ NewSources,
+do_pre_config_update({?CMD_APPEND, NewSource}, Sources) ->
+    NSources = Sources ++ [NewSource],
    ok = check_dup_types(NSources),
    NSources;
 do_pre_config_update({{?CMD_REPLACE, Type}, #{<<"enable">> := Enable} = Source}, Sources)
@ -186,12 +186,12 @@ do_post_config_update({?CMD_MOVE, _Type, _Where} = Cmd, _NewSources) ->
    MovedSources = do_pre_config_update(Cmd, InitedSources),
    ok = emqx_hooks:put('client.authorize', {?MODULE, authorize, [MovedSources]}, -1),
    ok = emqx_authz_cache:drain_cache();
-do_post_config_update({?CMD_PREPEND, Sources}, _NewSources) ->
-    InitedSources = init_sources(check_sources(Sources)),
+do_post_config_update({?CMD_PREPEND, Source}, _NewSources) ->
+    InitedSources = init_sources(check_sources([Source])),
    ok = emqx_hooks:put('client.authorize', {?MODULE, authorize, [InitedSources ++ lookup()]}, -1),
    ok = emqx_authz_cache:drain_cache();
-do_post_config_update({?CMD_APPEND, Sources}, _NewSources) ->
-    InitedSources = init_sources(check_sources(Sources)),
+do_post_config_update({?CMD_APPEND, Source}, _NewSources) ->
+    InitedSources = init_sources(check_sources([Source])),
    emqx_hooks:put('client.authorize', {?MODULE, authorize, [lookup() ++ InitedSources]}, -1),
    ok = emqx_authz_cache:drain_cache();
 do_post_config_update({{?CMD_REPLACE, Type}, Source}, _NewSources) when is_map(Source) ->
--- a/apps/emqx_authz/src/emqx_authz_api_sources.erl
+++ b/apps/emqx_authz/src/emqx_authz_api_sources.erl
@ -95,7 +95,7 @@ schema("/authorization/sources/:type") ->
     , put =>
           #{ description => <<"Update source">>
            , parameters => parameters_field()
-            , 'requestBody' => mk( hoconsc:union(authz_sources_type_refs()))
+            , 'requestBody' => mk(hoconsc:union(authz_sources_type_refs()))
            , responses =>
                  #{ 204 => <<"Authorization source updated successfully">>
                   , 400 => emqx_dashboard_swagger:error_codes([?BAD_REQUEST], <<"Bad Request">>)
@ -170,12 +170,12 @@ sources(get, _) ->
    {200, #{sources => Sources}};
 sources(post, #{body := #{<<"type">> := <<"file">>, <<"rules">> := Rules}}) ->
    {ok, Filename} = write_file(acl_conf_file(), Rules),
-    update_config(?CMD_PREPEND, [#{<<"type">> => <<"file">>,
-                                   <<"enable">> => true, <<"path">> => Filename}]);
+    update_config(?CMD_PREPEND, #{<<"type">> => <<"file">>,
+                                  <<"enable">> => true, <<"path">> => Filename});
 sources(post, #{body := Body}) when is_map(Body) ->
    case maybe_write_certs(Body) of
        Config when is_map(Config) ->
-            update_config(?CMD_PREPEND, [Config]);
+            update_config(?CMD_PREPEND, Config);
        {error, Reason} ->
            {400, #{code => <<"BAD_REQUEST">>,
                    message => bin(Reason)}}
--- a/apps/emqx_authz/test/emqx_authz_SUITE.erl
+++ b/apps/emqx_authz/test/emqx_authz_SUITE.erl
@ -125,12 +125,13 @@ set_special_configs(_App) ->
 %%------------------------------------------------------------------------------

 t_update_source(_) ->
+    %% replace all
    {ok, _} = emqx_authz:update(?CMD_REPLACE, [?SOURCE3]),
-    {ok, _} = emqx_authz:update(?CMD_PREPEND, [?SOURCE2]),
-    {ok, _} = emqx_authz:update(?CMD_PREPEND, [?SOURCE1]),
-    {ok, _} = emqx_authz:update(?CMD_APPEND, [?SOURCE4]),
-    {ok, _} = emqx_authz:update(?CMD_APPEND, [?SOURCE5]),
-    {ok, _} = emqx_authz:update(?CMD_APPEND, [?SOURCE6]),
+    {ok, _} = emqx_authz:update(?CMD_PREPEND, ?SOURCE2),
+    {ok, _} = emqx_authz:update(?CMD_PREPEND, ?SOURCE1),
+    {ok, _} = emqx_authz:update(?CMD_APPEND, ?SOURCE4),
+    {ok, _} = emqx_authz:update(?CMD_APPEND, ?SOURCE5),
+    {ok, _} = emqx_authz:update(?CMD_APPEND, ?SOURCE6),

    ?assertMatch([ #{type := http,  enable := true}
                 , #{type := mongodb, enable := true}
@ -170,7 +171,7 @@ t_delete_source(_) ->
    ?assertMatch([ #{type := http,  enable := true}
                 ], emqx_conf:get([authorization, sources], [])),

-    {ok, _} = emqx_authz:update({?CMD_DELETE, http},  #{}),
+    {ok, _} = emqx_authz:update({?CMD_DELETE, http}, #{}),

    ?assertMatch([], emqx_conf:get([authorization, sources], [])).