yuanbiao
/
emqx
1
0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

feat: add authz skipped trace

This commit is contained in:
JimMoen 2024-07-29 17:24:01 +08:00
parent 2d6b2bff8e
commit d7cac74bed
No known key found for this signature in database
2 changed files with 7 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
apps/emqx_auth/src/emqx_authz/emqx_authz.erl
View File

@ -477,9 +477,14 @@ authorize_deny(
sources() sources()
) -> ) ->
authz_result(). authz_result().
authorize(Client, PubSub, Topic, _DefaultResult, Sources) -> authorize(#{username := Username} = Client, PubSub, Topic, _DefaultResult, Sources) ->
case maps:get(is_superuser, Client, false) of case maps:get(is_superuser, Client, false) of
true -> true ->
?TRACE("AUTHZ", "authorization_skipped_as_superuser", #{
username => Username,
topic => Topic,
action => emqx_access_control:format_action(PubSub)
}),
emqx_metrics:inc(?METRIC_SUPERUSER), emqx_metrics:inc(?METRIC_SUPERUSER),
{stop, #{result => allow, from => superuser}}; {stop, #{result => allow, from => superuser}};
false -> false ->

1
changes/ce/feat-13534.en.md Normal file
View File

@ -0,0 +1 @@
Add trace logging when superuser skipped authz check.