yuanbiao
/
emqx
1
0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'emqx_config' of https://github.com/terry-xiaoyu/emqx into emqx_config

This commit is contained in:
Turtle 2021-07-17 17:10:07 +08:00
parent 7b38ae7f47 6915d9abeb
commit eadaa9e557
3 changed files with 71 additions and 70 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
apps/emqx_authz/src/emqx_authz_schema.erl
View File

@ -2,10 +2,6 @@
-include_lib("typerefl/include/types.hrl"). -include_lib("typerefl/include/types.hrl").
-type action() :: publish | subscribe | all.
-type permission() :: allow | deny.
-type url() :: emqx_http_lib:uri_map().
-reflect_type([ permission/0 -reflect_type([ permission/0
, action/0 , action/0
, url/0 , url/0
@ -13,6 +9,18 @@
-typerefl_from_string({url/0, emqx_http_lib, uri_parse}). -typerefl_from_string({url/0, emqx_http_lib, uri_parse}).
-type action() :: publish | subscribe | all.
-type permission() :: allow | deny.
-type url() :: #{
scheme := http | https,
host := string(),
port := non_neg_integer(),
path => string(),
query => string(),
fragment => string(),
userinfo => string()
}.
-export([ structs/0 -export([ structs/0
, fields/1 , fields/1
]). ]).
@ -51,9 +59,8 @@ fields(http_get) ->
end end
} }
} }
, {method, #{type => get, , {method, #{type => get, default => get }}
default => get , {request_timeout, #{type => timeout(), default => 30000 }}
}}
] ++ proplists:delete(base_url, emqx_connector_http:fields(config)); ] ++ proplists:delete(base_url, emqx_connector_http:fields(config));
fields(http_post) -> fields(http_post) ->
[ {url, #{type => url()}} [ {url, #{type => url()}}

68
apps/emqx_authz/test/emqx_authz_api_SUITE.erl
View File

@ -15,8 +15,8 @@
-module(emqx_authz_api_SUITE). -module(emqx_authz_api_SUITE).
% -compile(nowarn_export_all). -compile(nowarn_export_all).
% -compile(export_all). -compile(export_all).
% -include("emqx_authz.hrl"). % -include("emqx_authz.hrl").
% -include_lib("eunit/include/eunit.hrl"). % -include_lib("eunit/include/eunit.hrl").
@ -34,28 +34,28 @@
% -define(API_VERSION, "v4"). % -define(API_VERSION, "v4").
% -define(BASE_PATH, "api"). % -define(BASE_PATH, "api").
% all() -> all() ->
% %% TODO: V5 API %% TODO: V5 API
% %% emqx_ct:all(?MODULE). %% emqx_ct:all(?MODULE).
% [t_api_unit_test]. [t_api_unit_test].
% groups() -> groups() ->
% []. [].
% init_per_suite(Config) -> init_per_suite(Config) ->
% %% important! let emqx_schema include the current app! %% important! let emqx_schema include the current app!
% meck:new(emqx_schema, [non_strict, passthrough, no_history, no_link]), meck:new(emqx_schema, [non_strict, passthrough, no_history, no_link]),
% meck:expect(emqx_schema, includes, fun() -> ["emqx_authz"] end ), meck:expect(emqx_schema, includes, fun() -> ["emqx_authz"] end ),
% ok = emqx_ct_helpers:start_apps([emqx_authz, emqx_management], fun set_special_configs/1), ok = emqx_ct_helpers:start_apps([emqx_authz]),
%create_default_app(), %create_default_app(),
% Config. Config.
% end_per_suite(_Config) -> end_per_suite(_Config) ->
%delete_default_app(), %delete_default_app(),
% file:delete(filename:join(emqx:get_env(plugins_etc_dir), 'authz.conf')), file:delete(filename:join(emqx:get_env(plugins_etc_dir), 'authz.conf')),
% meck:unload(emqx_schema), meck:unload(emqx_schema),
% emqx_ct_helpers:stop_apps([emqx_authz, emqx_management]). emqx_ct_helpers:stop_apps([emqx_authz]).
% set_special_configs(emqx) -> % set_special_configs(emqx) ->
% application:set_env(emqx, allow_anonymous, true), % application:set_env(emqx, allow_anonymous, true),
@ -77,22 +77,22 @@
% %% Testcases % %% Testcases
% %%------------------------------------------------------------------------------ % %%------------------------------------------------------------------------------
% t_api_unit_test(_Config) -> t_api_unit_test(_Config) ->
% Rule1 = #{<<"principal">> => Rule1 = #{<<"principal">> =>
% #{<<"and">> => [#{<<"username">> => <<"^test?">>}, #{<<"and">> => [#{<<"username">> => <<"^test?">>},
% #{<<"clientid">> => <<"^test?">>} #{<<"clientid">> => <<"^test?">>}
% ]}, ]},
% <<"action">> => <<"subscribe">>, <<"action">> => <<"subscribe">>,
% <<"topics">> => [<<"%u">>], <<"topics">> => [<<"%u">>],
% <<"permission">> => <<"allow">> <<"permission">> => <<"allow">>
% }, },
% ok = emqx_authz_api:push_authz(#{}, Rule1), ok = emqx_authz_api:push_authz(#{}, Rule1),
% [#{action := subscribe, [#{action := subscribe,
% permission := allow, permission := allow,
% principal := principal :=
% #{'and' := [#{username := <<"^test?">>}, #{'and' := [#{username := <<"^test?">>},
% #{clientid := <<"^test?">>}]}, #{clientid := <<"^test?">>}]},
% topics := [<<"%u">>]}] = emqx_config:get([emqx_authz, rules]). topics := [<<"%u">>]}] = emqx_config:get([emqx_authz, rules]).
% t_api(_Config) -> % t_api(_Config) ->
% Rule1 = #{<<"principal">> => % Rule1 = #{<<"principal">> =>

48
apps/emqx_authz/test/emqx_authz_http_SUITE.erl
View File

@ -29,41 +29,33 @@ groups() ->
[]. [].
init_per_suite(Config) -> init_per_suite(Config) ->
%% important! let emqx_schema include the current app!
meck:new(emqx_schema, [non_strict, passthrough, no_history, no_link]),
meck:expect(emqx_schema, includes, fun() -> ["emqx_authz"] end ),
meck:new(emqx_resource, [non_strict, passthrough, no_history, no_link]), meck:new(emqx_resource, [non_strict, passthrough, no_history, no_link]),
meck:expect(emqx_resource, create, fun(_, _, _) -> {ok, meck_data} end ), meck:expect(emqx_resource, create, fun(_, _, _) -> {ok, meck_data} end ),
ok = emqx_ct_helpers:start_apps([emqx_authz], fun set_special_configs/1), ok = emqx_ct_helpers:start_apps([emqx_authz]),
ok = emqx_config:update_config([zones, default, acl, cache, enable], false),
ok = emqx_config:update_config([zones, default, acl, enable], true),
Rules = [#{ <<"config">> => #{
<<"url">> => <<"https://fake.com:443/">>,
<<"headers">> => #{},
<<"method">> => <<"get">>,
<<"request_timeout">> => 5000
},
<<"principal">> => <<"all">>,
<<"type">> => <<"http">>}
],
ok = emqx_authz:update(replace, Rules),
Config. Config.
end_per_suite(_Config) -> end_per_suite(_Config) ->
file:delete(filename:join(emqx:get_env(plugins_etc_dir), 'authz.conf')), file:delete(filename:join(emqx:get_env(plugins_etc_dir), 'authz.conf')),
emqx_ct_helpers:stop_apps([emqx_authz, emqx_resource]), emqx_ct_helpers:stop_apps([emqx_authz, emqx_resource]),
meck:unload(emqx_schema),
meck:unload(emqx_resource). meck:unload(emqx_resource).
set_special_configs(emqx) ->
application:set_env(emqx, allow_anonymous, true),
application:set_env(emqx, enable_acl_cache, false),
application:set_env(emqx, acl_nomatch, deny),
application:set_env(emqx, plugins_loaded_file,
emqx_ct_helpers:deps_path(emqx, "test/loaded_plguins")),
ok;
set_special_configs(emqx_authz) ->
Rules = [#{config =>#{
url => #{host => "fake.com",
path => "/",
port => 443,
scheme => https},
headers => #{},
method => get,
request_timeout => 5000
},
principal => all,
type => http}
],
emqx_config:put([emqx_authz], #{rules => Rules}),
ok;
set_special_configs(_App) ->
ok.
%%------------------------------------------------------------------------------ %%------------------------------------------------------------------------------
%% Testcases %% Testcases
%%------------------------------------------------------------------------------ %%------------------------------------------------------------------------------
@ -73,7 +65,9 @@ t_authz(_) ->
username => <<"username">>, username => <<"username">>,
peerhost => {127,0,0,1}, peerhost => {127,0,0,1},
protocol => mqtt, protocol => mqtt,
mountpoint => <<"fake">> mountpoint => <<"fake">>,
zone => default,
listener => mqtt_tcp
}, },
meck:expect(emqx_resource, query, fun(_, _) -> {ok, 204, fake_headers} end), meck:expect(emqx_resource, query, fun(_, _) -> {ok, 204, fake_headers} end),