yuanbiao
/
emqx
1
0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

chore(emqx_authz): rename config item 

rename sql to query for mysql and pgsql
rename find to selector for mongo

Signed-off-by: zhanghongtong <rory-z@outlook.com>
This commit is contained in:
zhanghongtong 2021-09-09 17:59:17 +08:00 committed by Rory Z
parent c8a6098f9c
commit ef0f94025a
12 changed files with 37 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
apps/emqx_authz/etc/emqx_authz.conf
View File

@ -22,7 +22,7 @@ authorization {
# certfile: "{{ platform_etc_dir }}/certs/client-cert.pem"
# keyfile: "{{ platform_etc_dir }}/certs/client-key.pem"
# }
# sql: "select ipaddress, username, clientid, action, permission, topic from mqtt_authz where ipaddr = '%a' or username = '%u' or clientid = '%c'"
# query: "select ipaddress, username, clientid, action, permission, topic from mqtt_authz where ipaddr = '%a' or username = '%u' or clientid = '%c'"
# },
# {
# type: pgsql
@ -33,7 +33,7 @@ authorization {
# password: public
# auto_reconnect: true
# ssl: {enable: false}
# sql: "select ipaddress, username, clientid, action, permission, topic from mqtt_authz where ipaddr = '%a' or username = '%u' or username = '$all' or clientid = '%c'"
# query: "select ipaddress, username, clientid, action, permission, topic from mqtt_authz where ipaddr = '%a' or username = '%u' or username = '$all' or clientid = '%c'"
# },
# {
# type: redis
@ -53,7 +53,7 @@ authorization {
# database: mqtt
# ssl: {enable: false}
# collection: mqtt_authz
# find: { "$or": [ { "username": "%u" }, { "clientid": "%c" } ] }
# selector: { "$or": [ { "username": "%u" }, { "clientid": "%c" } ] }
# },
{
type: file

4
apps/emqx_authz/src/emqx_authz.erl
View File

@ -290,7 +290,7 @@ init_source(#{enable := true,
end;
init_source(#{enable := true,
type := DB,
sql := SQL
query := SQL
} = Source) when DB =:= mysql;
DB =:= pgsql ->
Mod = authz_module(DB),
@ -298,7 +298,7 @@ init_source(#{enable := true,
{error, Reason} -> error({load_config_error, Reason});
Id -> Source#{annotations =>
#{id => Id,
sql => Mod:parse_query(SQL)
query => Mod:parse_query(SQL)
}
}
end;

20
apps/emqx_authz/src/emqx_authz_api_schema.erl
View File

@ -118,7 +118,7 @@ definitions() ->
required => [ type
, enable
, collection
, find
, selector
, mongo_type
, server
, pool_size
@ -140,7 +140,7 @@ definitions() ->
example => true
},
collection => #{type => string},
find => #{type => object},
selector => #{type => object},
mongo_type => #{type => string,
enum => [<<"single">>],
example => <<"single">>},
@ -173,7 +173,7 @@ definitions() ->
required => [ type
, enable
, collection
, find
, selector
, mongo_type
, servers
, replica_set_name
@ -196,7 +196,7 @@ definitions() ->
example => true
},
collection => #{type => string},
find => #{type => object},
selector => #{type => object},
mongo_type => #{type => string,
enum => [<<"rs">>],
example => <<"rs">>},
@ -231,7 +231,7 @@ definitions() ->
required => [ type
, enable
, collection
, find
, selector
, mongo_type
, servers
, pool_size
@ -253,7 +253,7 @@ definitions() ->
example => true
},
collection => #{type => string},
find => #{type => object},
selector => #{type => object},
mongo_type => #{type => string,
enum => [<<"sharded">>],
example => <<"sharded">>},
@ -286,7 +286,7 @@ definitions() ->
type => object,
required => [ type
, enable
, sql
, query
, server
, database
, pool_size
@ -305,7 +305,7 @@ definitions() ->
type => boolean,
example => true
},
sql => #{type => string},
query => #{type => string},
server => #{type => string,
example => <<"127.0.0.1:3306">>
},
@ -323,7 +323,7 @@ definitions() ->
type => object,
required => [ type
, enable
, sql
, query
, server
, database
, pool_size
@ -342,7 +342,7 @@ definitions() ->
type => boolean,
example => true
},
sql => #{type => string},
query => #{type => string},
server => #{type => string,
example => <<"127.0.0.1:5432">>
},

8
apps/emqx_authz/src/emqx_authz_mongo.erl
View File

@ -35,10 +35,10 @@ description() ->
authorize(Client, PubSub, Topic,
#{collection := Collection,
find := Find,
selector := Selector,
annotations := #{id := ResourceID}
}) ->
case emqx_resource:query(ResourceID, {find, Collection, replvar(Find, Client), #{}}) of
case emqx_resource:query(ResourceID, {find, Collection, replvar(Selector, Client), #{}}) of
{error, Reason} ->
?LOG(error, "[AuthZ] Query mongo error: ~p", [Reason]),
nomatch;
@ -57,7 +57,7 @@ do_authorize(Client, PubSub, Topic, [Rule | Tail]) ->
nomatch -> do_authorize(Client, PubSub, Topic, Tail)
end.
replvar(Find, #{clientid := Clientid,
replvar(Selector, #{clientid := Clientid,
username := Username,
peerhost := IpAddress
}) ->
@ -76,7 +76,7 @@ replvar(Find, #{clientid := Clientid,
maps:put(K, V3, AccIn);
_Fun(K, V, AccIn) -> maps:put(K, V, AccIn)
end,
maps:fold(Fun, #{}, Find).
maps:fold(Fun, #{}, Selector).
bin(A) when is_atom(A) -> atom_to_binary(A, utf8);
bin(B) when is_binary(B) -> B;

4
apps/emqx_authz/src/emqx_authz_mysql.erl
View File

@ -47,10 +47,10 @@ parse_query(Sql) ->
authorize(Client, PubSub, Topic,
#{annotations := #{id := ResourceID,
sql := {SQL, Params}
query := {Query, Params}
}
}) ->
case emqx_resource:query(ResourceID, {sql, SQL, replvar(Params, Client)}) of
case emqx_resource:query(ResourceID, {sql, Query, replvar(Params, Client)}) of
{ok, _Columns, []} -> nomatch;
{ok, Columns, Rows} ->
do_authorize(Client, PubSub, Topic, Columns, Rows);

4
apps/emqx_authz/src/emqx_authz_pgsql.erl
View File

@ -51,10 +51,10 @@ parse_query(Sql) ->
authorize(Client, PubSub, Topic,
#{annotations := #{id := ResourceID,
sql := {SQL, Params}
query := {Query, Params}
}
}) ->
case emqx_resource:query(ResourceID, {sql, SQL, replvar(Params, Client)}) of
case emqx_resource:query(ResourceID, {sql, Query, replvar(Params, Client)}) of
{ok, _Columns, []} -> nomatch;
{ok, Columns, Rows} ->
do_authorize(Client, PubSub, Topic, Columns, Rows);

10
apps/emqx_authz/src/emqx_authz_schema.erl
View File

@ -116,24 +116,24 @@ fields(http_post) ->
fields(mongo_single) ->
connector_fields(mongo, single) ++
[ {collection, #{type => atom()}}
, {find, #{type => map()}}
, {selector, #{type => map()}}
];
fields(mongo_rs) ->
connector_fields(mongo, rs) ++
[ {collection, #{type => atom()}}
, {find, #{type => map()}}
, {selector, #{type => map()}}
];
fields(mongo_sharded) ->
connector_fields(mongo, sharded) ++
[ {collection, #{type => atom()}}
, {find, #{type => map()}}
, {selector, #{type => map()}}
];
fields(mysql) ->
connector_fields(mysql) ++
[ {sql, query()} ];
[ {query, query()} ];
fields(pgsql) ->
connector_fields(pgsql) ++
[ {sql, query()} ];
[ {query, query()} ];
fields(redis_single) ->
connector_fields(redis, single) ++
[ {cmd, query()} ];

6
apps/emqx_authz/test/emqx_authz_SUITE.erl
View File

@ -75,7 +75,7 @@ init_per_testcase(_, Config) ->
<<"database">> => <<"mqtt">>,
<<"ssl">> => #{<<"enable">> => false},
<<"collection">> => <<"fake">>,
<<"find">> => #{<<"a">> => <<"b">>}
<<"selector">> => #{<<"a">> => <<"b">>}
}).
-define(SOURCE3, #{<<"type">> => <<"mysql">>,
<<"enable">> => true,
@ -86,7 +86,7 @@ init_per_testcase(_, Config) ->
<<"password">> => <<"ee">>,
<<"auto_reconnect">> => true,
<<"ssl">> => #{<<"enable">> => false},
<<"sql">> => <<"abcb">>
<<"query">> => <<"abcb">>
}).
-define(SOURCE4, #{<<"type">> => <<"pgsql">>,
<<"enable">> => true,
@ -97,7 +97,7 @@ init_per_testcase(_, Config) ->
<<"password">> => <<"ee">>,
<<"auto_reconnect">> => true,
<<"ssl">> => #{<<"enable">> => false},
<<"sql">> => <<"abcb">>
<<"query">> => <<"abcb">>
}).
-define(SOURCE5, #{<<"type">> => <<"redis">>,
<<"enable">> => true,

6
apps/emqx_authz/test/emqx_authz_api_sources_SUITE.erl
View File

@ -54,7 +54,7 @@
<<"database">> => <<"mqtt">>,
<<"ssl">> => #{<<"enable">> => false},
<<"collection">> => <<"fake">>,
<<"find">> => #{<<"a">> => <<"b">>}
<<"selector">> => #{<<"a">> => <<"b">>}
}).
-define(SOURCE3, #{<<"type">> => <<"mysql">>,
<<"enable">> => true,
@ -65,7 +65,7 @@
<<"password">> => <<"ee">>,
<<"auto_reconnect">> => true,
<<"ssl">> => #{<<"enable">> => false},
<<"sql">> => <<"abcb">>
<<"query">> => <<"abcb">>
}).
-define(SOURCE4, #{<<"type">> => <<"pgsql">>,
<<"enable">> => true,
@ -76,7 +76,7 @@
<<"password">> => <<"ee">>,
<<"auto_reconnect">> => true,
<<"ssl">> => #{<<"enable">> => false},
<<"sql">> => <<"abcb">>
<<"query">> => <<"abcb">>
}).
-define(SOURCE5, #{<<"type">> => <<"redis">>,
<<"enable">> => true,

2
apps/emqx_authz/test/emqx_authz_mongo_SUITE.erl
View File

@ -53,7 +53,7 @@ init_per_suite(Config) ->
<<"database">> => <<"mqtt">>,
<<"ssl">> => #{<<"enable">> => false},
<<"collection">> => <<"fake">>,
<<"find">> => #{<<"a">> => <<"b">>}
<<"selector">> => #{<<"a">> => <<"b">>}
}],
{ok, _} = emqx_authz:update(replace, Rules),
Config.

2
apps/emqx_authz/test/emqx_authz_mysql_SUITE.erl
View File

@ -55,7 +55,7 @@ init_per_suite(Config) ->
<<"password">> => <<"ee">>,
<<"auto_reconnect">> => true,
<<"ssl">> => #{<<"enable">> => false},
<<"sql">> => <<"abcb">>
<<"query">> => <<"abcb">>
}],
{ok, _} = emqx_authz:update(replace, Rules),
Config.

2
apps/emqx_authz/test/emqx_authz_pgsql_SUITE.erl
View File

@ -55,7 +55,7 @@ init_per_suite(Config) ->
<<"password">> => <<"ee">>,
<<"auto_reconnect">> => true,
<<"ssl">> => #{<<"enable">> => false},
<<"sql">> => <<"abcb">>
<<"query">> => <<"abcb">>
}],
{ok, _} = emqx_authz:update(replace, Rules),
Config.