fix(rbac): update changes && fix CI errors

This commit is contained in:
firest 2023-10-17 13:44:37 +08:00
parent e095de7367
commit db3915d472
3 changed files with 12 additions and 2 deletions

View File

@ -17,7 +17,6 @@
-module(emqx_common_test_http).
-include_lib("common_test/include/ct.hrl").
-include_lib("emqx_dashboard/include/emqx_dashboard_rbac.hrl").
-export([
request_api/3,
@ -34,6 +33,9 @@
-define(DEFAULT_APP_ID, <<"default_appid">>).
-define(DEFAULT_APP_SECRET, <<"default_app_secret">>).
%% from emqx_dashboard/include/emqx_dashboard_rbac.hrl
-define(ROLE_API_SUPERUSER, <<"api_administrator">>).
request_api(Method, Url, Auth) ->
request_api(Method, Url, [], Auth, []).

View File

@ -212,7 +212,7 @@ listener_name(Protocol) ->
-if(?EMQX_RELEASE_EDITION =/= ee).
%% dialyzer complains about the `unauthorized_role' clause...
-dialyzer({no_match, [authorize/1]}).
-dialyzer({no_match, [authorize/1, api_key_authorize/3]}).
-endif.
authorize(Req) ->

View File

@ -0,0 +1,8 @@
Implemented a preliminary Role-Based Access Control for the REST API.
In this version, there are three predefined roles:
- Administrator: This role could access all resources.
- Viewer: This role can only view resources and data, corresponding to all GET requests in the REST API.
- Publisher: This role is special for MQTT messages publish, it can only access publish-related endpoints.