fix: use minirest filter
This commit is contained in:
parent
4e0e755b28
commit
ea9228108b
|
@ -18,6 +18,7 @@
|
|||
|
||||
-behaviour(minirest_api).
|
||||
|
||||
-include("emqx_auth_mnesia.hrl").
|
||||
-include_lib("emqx_auth/include/emqx_authz.hrl").
|
||||
-include_lib("emqx/include/logger.hrl").
|
||||
-include_lib("hocon/include/hoconsc.hrl").
|
||||
|
@ -55,6 +56,9 @@
|
|||
format_result/1
|
||||
]).
|
||||
|
||||
%% minirest filter callback
|
||||
-export([is_configured_authz_source/2]).
|
||||
|
||||
-define(BAD_REQUEST, 'BAD_REQUEST').
|
||||
-define(NOT_FOUND, 'NOT_FOUND').
|
||||
-define(ALREADY_EXISTS, 'ALREADY_EXISTS').
|
||||
|
@ -85,6 +89,7 @@ paths() ->
|
|||
schema("/authorization/sources/built_in_database/rules/users") ->
|
||||
#{
|
||||
'operationId' => users,
|
||||
filter => fun ?MODULE:is_configured_authz_source/2,
|
||||
get =>
|
||||
#{
|
||||
tags => [<<"authorization">>],
|
||||
|
@ -131,6 +136,7 @@ schema("/authorization/sources/built_in_database/rules/users") ->
|
|||
schema("/authorization/sources/built_in_database/rules/clients") ->
|
||||
#{
|
||||
'operationId' => clients,
|
||||
filter => fun ?MODULE:is_configured_authz_source/2,
|
||||
get =>
|
||||
#{
|
||||
tags => [<<"authorization">>],
|
||||
|
@ -177,6 +183,7 @@ schema("/authorization/sources/built_in_database/rules/clients") ->
|
|||
schema("/authorization/sources/built_in_database/rules/users/:username") ->
|
||||
#{
|
||||
'operationId' => user,
|
||||
filter => fun ?MODULE:is_configured_authz_source/2,
|
||||
get =>
|
||||
#{
|
||||
tags => [<<"authorization">>],
|
||||
|
@ -230,6 +237,7 @@ schema("/authorization/sources/built_in_database/rules/users/:username") ->
|
|||
schema("/authorization/sources/built_in_database/rules/clients/:clientid") ->
|
||||
#{
|
||||
'operationId' => client,
|
||||
filter => fun ?MODULE:is_configured_authz_source/2,
|
||||
get =>
|
||||
#{
|
||||
tags => [<<"authorization">>],
|
||||
|
@ -283,6 +291,7 @@ schema("/authorization/sources/built_in_database/rules/clients/:clientid") ->
|
|||
schema("/authorization/sources/built_in_database/rules/all") ->
|
||||
#{
|
||||
'operationId' => all,
|
||||
filter => fun ?MODULE:is_configured_authz_source/2,
|
||||
get =>
|
||||
#{
|
||||
tags => [<<"authorization">>],
|
||||
|
@ -317,6 +326,7 @@ schema("/authorization/sources/built_in_database/rules/all") ->
|
|||
schema("/authorization/sources/built_in_database/rules") ->
|
||||
#{
|
||||
'operationId' => rules,
|
||||
filter => fun ?MODULE:is_configured_authz_source/2,
|
||||
delete =>
|
||||
#{
|
||||
tags => [<<"authorization">>],
|
||||
|
@ -426,17 +436,15 @@ fields(rules) ->
|
|||
%% HTTP API
|
||||
%%--------------------------------------------------------------------
|
||||
|
||||
-define(IF_CONFIGURED_AUTHZ_SOURCE(EXPR),
|
||||
is_configured_authz_source(Params, _Meta) ->
|
||||
emqx_authz_api_sources:with_source(
|
||||
<<"built_in_database">>,
|
||||
?AUTHZ_TYPE_BIN,
|
||||
fun(_Source) ->
|
||||
EXPR
|
||||
{ok, Params}
|
||||
end
|
||||
)
|
||||
).
|
||||
).
|
||||
|
||||
users(get, #{query_string := QueryString}) ->
|
||||
?IF_CONFIGURED_AUTHZ_SOURCE(
|
||||
case
|
||||
emqx_mgmt_api:node_query(
|
||||
node(),
|
||||
|
@ -456,10 +464,8 @@ users(get, #{query_string := QueryString}) ->
|
|||
{500, #{code => <<"NODE_DOWN">>, message => Message}};
|
||||
Result ->
|
||||
{200, Result}
|
||||
end
|
||||
);
|
||||
end;
|
||||
users(post, #{body := Body}) when is_list(Body) ->
|
||||
?IF_CONFIGURED_AUTHZ_SOURCE(
|
||||
case ensure_all_not_exists(<<"username">>, username, Body) of
|
||||
[] ->
|
||||
lists:foreach(
|
||||
|
@ -474,11 +480,9 @@ users(post, #{body := Body}) when is_list(Body) ->
|
|||
code => <<"ALREADY_EXISTS">>,
|
||||
message => binfmt("Users '~ts' already exist", [binjoin(Exists)])
|
||||
}}
|
||||
end
|
||||
).
|
||||
end.
|
||||
|
||||
clients(get, #{query_string := QueryString}) ->
|
||||
?IF_CONFIGURED_AUTHZ_SOURCE(
|
||||
case
|
||||
emqx_mgmt_api:node_query(
|
||||
node(),
|
||||
|
@ -498,10 +502,8 @@ clients(get, #{query_string := QueryString}) ->
|
|||
{500, #{code => <<"NODE_DOWN">>, message => Message}};
|
||||
Result ->
|
||||
{200, Result}
|
||||
end
|
||||
);
|
||||
end;
|
||||
clients(post, #{body := Body}) when is_list(Body) ->
|
||||
?IF_CONFIGURED_AUTHZ_SOURCE(
|
||||
case ensure_all_not_exists(<<"clientid">>, clientid, Body) of
|
||||
[] ->
|
||||
lists:foreach(
|
||||
|
@ -516,11 +518,9 @@ clients(post, #{body := Body}) when is_list(Body) ->
|
|||
code => <<"ALREADY_EXISTS">>,
|
||||
message => binfmt("Clients '~ts' already exist", [binjoin(Exists)])
|
||||
}}
|
||||
end
|
||||
).
|
||||
end.
|
||||
|
||||
user(get, #{bindings := #{username := Username}}) ->
|
||||
?IF_CONFIGURED_AUTHZ_SOURCE(
|
||||
case emqx_authz_mnesia:get_rules({username, Username}) of
|
||||
not_found ->
|
||||
{404, #{code => <<"NOT_FOUND">>, message => <<"Not Found">>}};
|
||||
|
@ -529,31 +529,23 @@ user(get, #{bindings := #{username := Username}}) ->
|
|||
username => Username,
|
||||
rules => format_rules(Rules)
|
||||
}}
|
||||
end
|
||||
);
|
||||
end;
|
||||
user(put, #{
|
||||
bindings := #{username := Username},
|
||||
body := #{<<"username">> := Username, <<"rules">> := Rules}
|
||||
}) ->
|
||||
?IF_CONFIGURED_AUTHZ_SOURCE(
|
||||
begin
|
||||
emqx_authz_mnesia:store_rules({username, Username}, Rules),
|
||||
{204}
|
||||
end
|
||||
);
|
||||
{204};
|
||||
user(delete, #{bindings := #{username := Username}}) ->
|
||||
?IF_CONFIGURED_AUTHZ_SOURCE(
|
||||
case emqx_authz_mnesia:get_rules({username, Username}) of
|
||||
not_found ->
|
||||
{404, #{code => <<"NOT_FOUND">>, message => <<"Username Not Found">>}};
|
||||
{ok, _Rules} ->
|
||||
emqx_authz_mnesia:delete_rules({username, Username}),
|
||||
{204}
|
||||
end
|
||||
).
|
||||
end.
|
||||
|
||||
client(get, #{bindings := #{clientid := ClientID}}) ->
|
||||
?IF_CONFIGURED_AUTHZ_SOURCE(
|
||||
case emqx_authz_mnesia:get_rules({clientid, ClientID}) of
|
||||
not_found ->
|
||||
{404, #{code => <<"NOT_FOUND">>, message => <<"Not Found">>}};
|
||||
|
@ -562,31 +554,23 @@ client(get, #{bindings := #{clientid := ClientID}}) ->
|
|||
clientid => ClientID,
|
||||
rules => format_rules(Rules)
|
||||
}}
|
||||
end
|
||||
);
|
||||
end;
|
||||
client(put, #{
|
||||
bindings := #{clientid := ClientID},
|
||||
body := #{<<"clientid">> := ClientID, <<"rules">> := Rules}
|
||||
}) ->
|
||||
?IF_CONFIGURED_AUTHZ_SOURCE(
|
||||
begin
|
||||
emqx_authz_mnesia:store_rules({clientid, ClientID}, Rules),
|
||||
{204}
|
||||
end
|
||||
);
|
||||
{204};
|
||||
client(delete, #{bindings := #{clientid := ClientID}}) ->
|
||||
?IF_CONFIGURED_AUTHZ_SOURCE(
|
||||
case emqx_authz_mnesia:get_rules({clientid, ClientID}) of
|
||||
not_found ->
|
||||
{404, #{code => <<"NOT_FOUND">>, message => <<"ClientID Not Found">>}};
|
||||
{ok, _Rules} ->
|
||||
emqx_authz_mnesia:delete_rules({clientid, ClientID}),
|
||||
{204}
|
||||
end
|
||||
).
|
||||
end.
|
||||
|
||||
all(get, _) ->
|
||||
?IF_CONFIGURED_AUTHZ_SOURCE(
|
||||
case emqx_authz_mnesia:get_rules(all) of
|
||||
not_found ->
|
||||
{200, #{rules => []}};
|
||||
|
@ -594,25 +578,15 @@ all(get, _) ->
|
|||
{200, #{
|
||||
rules => format_rules(Rules)
|
||||
}}
|
||||
end
|
||||
);
|
||||
end;
|
||||
all(post, #{body := #{<<"rules">> := Rules}}) ->
|
||||
?IF_CONFIGURED_AUTHZ_SOURCE(
|
||||
begin
|
||||
emqx_authz_mnesia:store_rules(all, Rules),
|
||||
{204}
|
||||
end
|
||||
);
|
||||
{204};
|
||||
all(delete, _) ->
|
||||
?IF_CONFIGURED_AUTHZ_SOURCE(
|
||||
begin
|
||||
emqx_authz_mnesia:store_rules(all, []),
|
||||
{204}
|
||||
end
|
||||
).
|
||||
{204}.
|
||||
|
||||
rules(delete, _) ->
|
||||
?IF_CONFIGURED_AUTHZ_SOURCE(
|
||||
case emqx_authz_api_sources:get_raw_source(<<"built_in_database">>) of
|
||||
[#{<<"enable">> := false}] ->
|
||||
ok = emqx_authz_mnesia:purge_rules(),
|
||||
|
@ -628,8 +602,7 @@ rules(delete, _) ->
|
|||
code => <<"BAD_REQUEST">>,
|
||||
message => <<"'built_in_database' type source is not found.">>
|
||||
}}
|
||||
end
|
||||
).
|
||||
end.
|
||||
|
||||
%%--------------------------------------------------------------------
|
||||
%% QueryString to MatchSpec
|
||||
|
|
|
@ -415,7 +415,9 @@ run_examples(Code, Examples) when is_number(Code) ->
|
|||
run_examples(
|
||||
fun
|
||||
({ok, ResCode, _}) when Code =:= ResCode -> true;
|
||||
(_) -> false
|
||||
(_Res) ->
|
||||
ct:pal("check failed: ~p", [_Res]),
|
||||
false
|
||||
end,
|
||||
Examples
|
||||
).
|
||||
|
@ -455,7 +457,9 @@ make_examples(ApiMod, Replacements) ->
|
|||
end,
|
||||
{replace_parts(to_parts(Path), Replacements), Op, Body}
|
||||
end,
|
||||
lists:sort(fun op_sort/2, maps:to_list(maps:remove('operationId', Schema)))
|
||||
lists:sort(
|
||||
fun op_sort/2, maps:to_list(maps:with([get, put, post, delete], Schema))
|
||||
)
|
||||
)
|
||||
end,
|
||||
Paths
|
||||
|
|
Loading…
Reference in New Issue