diff --git a/apps/emqx/include/emqx_authentication.hrl b/apps/emqx/include/emqx_authentication.hrl index 5f0959094..4729225cf 100644 --- a/apps/emqx/include/emqx_authentication.hrl +++ b/apps/emqx/include/emqx_authentication.hrl @@ -28,4 +28,10 @@ %% and emqx_conf_schema for an examples -define(EMQX_AUTHENTICATION_SCHEMA_MODULE_PT_KEY, emqx_authentication_schema_module). +%% authentication move cmd +-define(CMD_MOVE_TOP, top). +-define(CMD_MOVE_BOTTOM, bottom). +-define(CMD_MOVE_BEFORE(Before), {before, Before}). +-define(CMD_MOVE_AFTER(After), {'after', After}). + -endif. diff --git a/apps/emqx/src/emqx_authentication.erl b/apps/emqx/src/emqx_authentication.erl index 8312b312f..bb191e0a2 100644 --- a/apps/emqx/src/emqx_authentication.erl +++ b/apps/emqx/src/emqx_authentication.erl @@ -100,7 +100,7 @@ -type chain_name() :: atom(). -type authenticator_id() :: binary(). --type position() :: top | bottom | {before, authenticator_id()}. +-type position() :: top | bottom | {before, authenticator_id()} | {'after', authenticator_id()}. -type authn_type() :: atom() | {atom(), atom()}. -type provider() :: module(). @@ -695,21 +695,29 @@ do_move_authenticator(ID, Authenticators, Position) -> {error, {not_found, {authenticator, ID}}}; {value, Authenticator, NAuthenticators} -> case Position of - top -> + ?CMD_MOVE_TOP -> {ok, [Authenticator | NAuthenticators]}; - bottom -> + ?CMD_MOVE_BOTTOM -> {ok, NAuthenticators ++ [Authenticator]}; - {before, ID0} -> - insert(Authenticator, NAuthenticators, ID0, []) + ?CMD_MOVE_BEFORE(RelatedID) -> + insert(Authenticator, NAuthenticators, ?CMD_MOVE_BEFORE(RelatedID), []); + ?CMD_MOVE_AFTER(RelatedID) -> + insert(Authenticator, NAuthenticators, ?CMD_MOVE_AFTER(RelatedID), []) end end. -insert(_, [], ID, _) -> - {error, {not_found, {authenticator, ID}}}; -insert(Authenticator, [#authenticator{id = ID} | _] = Authenticators, ID, Acc) -> - {ok, lists:reverse(Acc) ++ [Authenticator | Authenticators]}; -insert(Authenticator, [Authenticator0 | More], ID, Acc) -> - insert(Authenticator, More, ID, [Authenticator0 | Acc]). +insert(_, [], {_, RelatedID}, _) -> + {error, {not_found, {authenticator, RelatedID}}}; +insert(Authenticator, [#authenticator{id = RelatedID} = Related | Rest], + {Relative, RelatedID}, Acc) -> + case Relative of + before -> + {ok, lists:reverse(Acc) ++ [Authenticator, Related | Rest]}; + 'after' -> + {ok, lists:reverse(Acc) ++ [Related, Authenticator | Rest]} + end; +insert(Authenticator, [Authenticator0 | More], {Relative, RelatedID}, Acc) -> + insert(Authenticator, More, {Relative, RelatedID}, [Authenticator0 | Acc]). update_chain(ChainName, UpdateFun) -> case ets:lookup(?CHAINS_TAB, ChainName) of diff --git a/apps/emqx/src/emqx_authentication_config.erl b/apps/emqx/src/emqx_authentication_config.erl index 31c6ad8cd..e30002f5a 100644 --- a/apps/emqx/src/emqx_authentication_config.erl +++ b/apps/emqx/src/emqx_authentication_config.erl @@ -87,24 +87,36 @@ do_pre_config_update({update_authenticator, ChainName, AuthenticatorID, Config}, do_pre_config_update({move_authenticator, _ChainName, AuthenticatorID, Position}, OldConfig) -> case split_by_id(AuthenticatorID, OldConfig) of {error, Reason} -> {error, Reason}; - {ok, Part1, [Found | Part2]} -> + {ok, BeforeFound, [Found | AfterFound]} -> case Position of - top -> - {ok, [Found | Part1] ++ Part2}; - bottom -> - {ok, Part1 ++ Part2 ++ [Found]}; - {before, Before} -> - case split_by_id(Before, Part1 ++ Part2) of + ?CMD_MOVE_TOP -> + {ok, [Found | BeforeFound] ++ AfterFound}; + ?CMD_MOVE_BOTTOM -> + {ok, BeforeFound ++ AfterFound ++ [Found]}; + ?CMD_MOVE_BEFORE(BeforeRelatedID) -> + case split_by_id(BeforeRelatedID, BeforeFound ++ AfterFound) of {error, Reason} -> {error, Reason}; - {ok, NPart1, [NFound | NPart2]} -> - {ok, NPart1 ++ [Found, NFound | NPart2]} + {ok, BeforeNFound, [FoundRelated | AfterNFound]} -> + {ok, BeforeNFound ++ [Found, FoundRelated | AfterNFound]} + end; + ?CMD_MOVE_AFTER(AfterRelatedID) -> + case split_by_id(AfterRelatedID, BeforeFound ++ AfterFound) of + {error, Reason} -> + {error, Reason}; + {ok, BeforeNFound, [FoundRelated | AfterNFound]} -> + {ok, BeforeNFound ++ [FoundRelated, Found | AfterNFound]} end end end. --spec post_config_update(list(atom()), update_request(), map() | list(), emqx_config:raw_config(), emqx_config:app_envs()) - -> ok | {ok, map()} | {error, term()}. +-spec post_config_update(list(atom()), + update_request(), + map() | list(), + emqx_config:raw_config(), + emqx_config:app_envs() + ) + -> ok | {ok, map()} | {error, term()}. post_config_update(_, UpdateReq, NewConfig, OldConfig, AppEnvs) -> do_post_config_update(UpdateReq, check_configs(to_list(NewConfig)), OldConfig, AppEnvs). @@ -112,7 +124,8 @@ do_post_config_update({create_authenticator, ChainName, Config}, NewConfig, _Old NConfig = get_authenticator_config(authenticator_id(Config), NewConfig), _ = emqx_authentication:create_chain(ChainName), emqx_authentication:create_authenticator(ChainName, NConfig); -do_post_config_update({delete_authenticator, ChainName, AuthenticatorID}, _NewConfig, OldConfig, _AppEnvs) -> +do_post_config_update({delete_authenticator, ChainName, AuthenticatorID}, + _NewConfig, OldConfig, _AppEnvs) -> case emqx_authentication:delete_authenticator(ChainName, AuthenticatorID) of ok -> Config = get_authenticator_config(AuthenticatorID, to_list(OldConfig)), @@ -121,14 +134,16 @@ do_post_config_update({delete_authenticator, ChainName, AuthenticatorID}, _NewCo {error, Reason} -> {error, Reason} end; -do_post_config_update({update_authenticator, ChainName, AuthenticatorID, Config}, NewConfig, _OldConfig, _AppEnvs) -> +do_post_config_update({update_authenticator, ChainName, AuthenticatorID, Config}, + NewConfig, _OldConfig, _AppEnvs) -> case get_authenticator_config(authenticator_id(Config), NewConfig) of {error, not_found} -> {error, {not_found, {authenticator, AuthenticatorID}}}; NConfig -> emqx_authentication:update_authenticator(ChainName, AuthenticatorID, NConfig) end; -do_post_config_update({move_authenticator, ChainName, AuthenticatorID, Position}, _NewConfig, _OldConfig, _AppEnvs) -> +do_post_config_update({move_authenticator, ChainName, AuthenticatorID, Position}, + _NewConfig, _OldConfig, _AppEnvs) -> emqx_authentication:move_authenticator(ChainName, AuthenticatorID, Position). check_configs(Configs) -> diff --git a/apps/emqx_authn/src/emqx_authn_api.erl b/apps/emqx_authn/src/emqx_authn_api.erl index 24de25dc8..6b53ebb5a 100644 --- a/apps/emqx_authn/src/emqx_authn_api.erl +++ b/apps/emqx_authn/src/emqx_authn_api.erl @@ -1060,11 +1060,17 @@ serialize_error(Reason) -> message => binfmt("~p", [Reason])}}. parse_position(<<"top">>) -> - {ok, top}; + {ok, ?CMD_MOVE_TOP}; parse_position(<<"bottom">>) -> - {ok, bottom}; + {ok, ?CMD_MOVE_BOTTOM}; +parse_position(<<"before:">>) -> + {error, {invalid_parameter, position}}; +parse_position(<<"after:">>) -> + {error, {invalid_parameter, position}}; parse_position(<<"before:", Before/binary>>) -> - {ok, {before, Before}}; + {ok, ?CMD_MOVE_BEFORE(Before)}; +parse_position(<<"after:", After/binary>>) -> + {ok, ?CMD_MOVE_AFTER(After)}; parse_position(_) -> {error, {invalid_parameter, position}}.