Merge pull request #10317 from zmstone/0403-refactor-hide-listener-level-authentication

0403 refactor hide listener level authentication

apps/emqx/src/emqx_schema.erl

@@ -1880,7 +1880,9 @@ mqtt_listener(Bind) ->
                         default => <<"3s">>
                     }
                 )},
-            {?EMQX_AUTHENTICATION_CONFIG_ROOT_NAME, authentication(listener)}
+            {?EMQX_AUTHENTICATION_CONFIG_ROOT_NAME, (authentication(listener))#{
+                importance => ?IMPORTANCE_HIDDEN
+            }}
         ].
 
 base_listener(Bind) ->

apps/emqx_authz/src/emqx_authz.app.src

@@ -1,7 +1,7 @@
 %% -*- mode: erlang -*-
 {application, emqx_authz, [
     {description, "An OTP application"},
-    {vsn, "0.1.15"},
+    {vsn, "0.1.16"},
     {registered, []},
     {mod, {emqx_authz_app, []}},
     {applications, [

apps/emqx_authz/src/emqx_authz_schema.erl

@@ -492,7 +492,9 @@ authz_fields() ->
                 ?ARRAY(?UNION(UnionMemberSelector)),
                 #{
                     default => [],
-                    desc => ?DESC(sources)
+                    desc => ?DESC(sources),
+                    %% doc_lift is force a root level reference instead of nesting sub-structs
+                    extra => #{doc_lift => true}
                 }
             )}
     ].

apps/emqx_gateway/src/emqx_gateway_schema.erl

@@ -580,6 +580,8 @@ authentication_schema() ->
         #{
             required => {false, recursively},
             desc => ?DESC(gateway_common_authentication),
+            %% we do not expose this to the user for now
+            importance => ?IMPORTANCE_HIDDEN,
             examples => emqx_authn_api:authenticator_examples()
         }
     ).

changes/ce/fix-10317.en.md

@@ -0,0 +1 @@
+Do not expose listener level authentications before extensive verification.

changes/ce/fix-10317.zh.md

@@ -0,0 +1 @@
+在大量验证完成前不暴露监听器级的认证功能。