yuanbiao
/
emqx
1
0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

chore: rename selector to filter and fix spellcheck

This commit is contained in:
zhouzb 2022-04-27 09:22:50 +08:00
parent c384ae2534
commit fa9bd74595
15 changed files with 63 additions and 63 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
apps/emqx_authn/i18n/emqx_authn_mongodb_i18n.conf
View File

@ -31,7 +31,7 @@ emqx_authn_mongodb {
} }
} }
selector { filter {
desc { desc {
en: """ en: """
Statement that is executed during the authentication process. Statement that is executed during the authentication process.
@ -47,8 +47,8 @@ Commands can support following wildcards:
""" """
} }
label: { label: {
en: """Selector""" en: """Filter"""
zh: """查询""" zh: """过滤器"""
} }
} }

2
apps/emqx_authn/src/emqx_authn_api.erl
View File

@ -1401,7 +1401,7 @@ authenticator_examples() ->
server => <<"127.0.0.1:27017">>, server => <<"127.0.0.1:27017">>,
database => example, database => example,
collection => users, collection => users,
selector => #{ filter => #{
username => ?PH_USERNAME username => ?PH_USERNAME
}, },
password_hash_field => <<"password_hash">>, password_hash_field => <<"password_hash">>,

24
apps/emqx_authn/src/simple_authn/emqx_authn_mongodb.erl
View File

@ -74,7 +74,7 @@ common_fields() ->
{mechanism, emqx_authn_schema:mechanism(password_based)}, {mechanism, emqx_authn_schema:mechanism(password_based)},
{backend, emqx_authn_schema:backend(mongodb)}, {backend, emqx_authn_schema:backend(mongodb)},
{collection, fun collection/1}, {collection, fun collection/1},
{selector, fun selector/1}, {filter, fun filter/1},
{password_hash_field, fun password_hash_field/1}, {password_hash_field, fun password_hash_field/1},
{salt_field, fun salt_field/1}, {salt_field, fun salt_field/1},
{is_superuser_field, fun is_superuser_field/1}, {is_superuser_field, fun is_superuser_field/1},
@ -86,11 +86,11 @@ collection(desc) -> ?DESC(?FUNCTION_NAME);
collection(required) -> true; collection(required) -> true;
collection(_) -> undefined. collection(_) -> undefined.
selector(type) -> filter(type) ->
map(); map();
selector(desc) -> filter(desc) ->
?DESC(?FUNCTION_NAME); ?DESC(?FUNCTION_NAME);
selector(_) -> filter(_) ->
undefined. undefined.
password_hash_field(type) -> binary(); password_hash_field(type) -> binary();
@ -122,8 +122,8 @@ refs() ->
create(_AuthenticatorID, Config) -> create(_AuthenticatorID, Config) ->
create(Config). create(Config).
create(#{selector := Selector} = Config) -> create(#{filter := Filter} = Config) ->
SelectorTemplate = emqx_authn_utils:parse_deep(Selector), FilterTemplate = emqx_authn_utils:parse_deep(Filter),
State = maps:with( State = maps:with(
[ [
collection, collection,
@ -139,7 +139,7 @@ create(#{selector := Selector} = Config) ->
ok = emqx_authn_password_hashing:init(Algorithm), ok = emqx_authn_password_hashing:init(Algorithm),
ResourceId = emqx_authn_utils:make_resource_id(?MODULE), ResourceId = emqx_authn_utils:make_resource_id(?MODULE),
NState = State#{ NState = State#{
selector_template => SelectorTemplate, filter_template => FilterTemplate,
resource_id => ResourceId resource_id => ResourceId
}, },
case case
@ -174,12 +174,12 @@ authenticate(
#{password := Password} = Credential, #{password := Password} = Credential,
#{ #{
collection := Collection, collection := Collection,
selector_template := SelectorTemplate, filter_template := FilterTemplate,
resource_id := ResourceId resource_id := ResourceId
} = State } = State
) -> ) ->
Selector = emqx_authn_utils:render_deep(SelectorTemplate, Credential), Filter = emqx_authn_utils:render_deep(FilterTemplate, Credential),
case emqx_resource:query(ResourceId, {find_one, Collection, Selector, #{}}) of case emqx_resource:query(ResourceId, {find_one, Collection, Filter, #{}}) of
undefined -> undefined ->
ignore; ignore;
{error, Reason} -> {error, Reason} ->
@ -187,7 +187,7 @@ authenticate(
msg => "mongodb_query_failed", msg => "mongodb_query_failed",
resource => ResourceId, resource => ResourceId,
collection => Collection, collection => Collection,
selector => Selector, filter => Filter,
reason => Reason reason => Reason
}), }),
ignore; ignore;
@ -200,7 +200,7 @@ authenticate(
msg => "cannot_find_password_hash_field", msg => "cannot_find_password_hash_field",
resource => ResourceId, resource => ResourceId,
collection => Collection, collection => Collection,
selector => Selector, filter => Filter,
password_hash_field => PasswordHashField password_hash_field => PasswordHashField
}), }),
ignore; ignore;

14
apps/emqx_authn/test/emqx_authn_mongo_SUITE.erl
View File

@ -84,7 +84,7 @@ t_create_invalid(_Config) ->
InvalidConfigs = InvalidConfigs =
[ [
AuthConfig#{mongo_type => <<"unknown">>}, AuthConfig#{mongo_type => <<"unknown">>},
AuthConfig#{selector => <<"{ \"username\": \"${username}\" }">>}, AuthConfig#{filter => <<"{ \"username\": \"${username}\" }">>},
AuthConfig#{w_mode => <<"unknown">>} AuthConfig#{w_mode => <<"unknown">>}
], ],
@ -177,7 +177,7 @@ t_update(_Config) ->
ok = init_seeds(), ok = init_seeds(),
CorrectConfig = raw_mongo_auth_config(), CorrectConfig = raw_mongo_auth_config(),
IncorrectConfig = IncorrectConfig =
CorrectConfig#{selector => #{<<"wrongfield">> => <<"wrongvalue">>}}, CorrectConfig#{filter => #{<<"wrongfield">> => <<"wrongvalue">>}},
{ok, _} = emqx:update_config( {ok, _} = emqx:update_config(
?PATH, ?PATH,
@ -193,7 +193,7 @@ t_update(_Config) ->
} }
), ),
% We update with config with correct selector, provider should update and work properly % We update with config with correct filter, provider should update and work properly
{ok, _} = emqx:update_config( {ok, _} = emqx:update_config(
?PATH, ?PATH,
{update_authenticator, ?GLOBAL, <<"password_based:mongodb">>, CorrectConfig} {update_authenticator, ?GLOBAL, <<"password_based:mongodb">>, CorrectConfig}
@ -276,7 +276,7 @@ raw_mongo_auth_config() ->
server => mongo_server(), server => mongo_server(),
w_mode => <<"unsafe">>, w_mode => <<"unsafe">>,
selector => #{<<"username">> => <<"${username}">>}, filter => #{<<"username">> => <<"${username}">>},
password_hash_field => <<"password_hash">>, password_hash_field => <<"password_hash">>,
salt_field => <<"salt">>, salt_field => <<"salt">>,
is_superuser_field => <<"is_superuser">> is_superuser_field => <<"is_superuser">>
@ -332,7 +332,7 @@ user_seeds() ->
password => <<"sha256">> password => <<"sha256">>
}, },
config_params => #{ config_params => #{
selector => #{<<"username">> => <<"${clientid}">>}, filter => #{<<"username">> => <<"${clientid}">>},
password_hash_algorithm => #{ password_hash_algorithm => #{
name => <<"sha256">>, name => <<"sha256">>,
salt_position => <<"prefix">> salt_position => <<"prefix">>
@ -373,7 +373,7 @@ user_seeds() ->
}, },
config_params => #{ config_params => #{
% clientid variable & username credentials % clientid variable & username credentials
selector => #{<<"username">> => <<"${clientid}">>}, filter => #{<<"username">> => <<"${clientid}">>},
password_hash_algorithm => #{name => <<"bcrypt">>} password_hash_algorithm => #{name => <<"bcrypt">>}
}, },
result => {error, not_authorized} result => {error, not_authorized}
@ -392,7 +392,7 @@ user_seeds() ->
password => <<"bcrypt">> password => <<"bcrypt">>
}, },
config_params => #{ config_params => #{
selector => #{<<"userid">> => <<"${clientid}">>}, filter => #{<<"userid">> => <<"${clientid}">>},
password_hash_algorithm => #{name => <<"bcrypt">>} password_hash_algorithm => #{name => <<"bcrypt">>}
}, },
result => {error, not_authorized} result => {error, not_authorized}

2
apps/emqx_authn/test/emqx_authn_mongo_tls_SUITE.erl
View File

@ -189,7 +189,7 @@ raw_mongo_auth_config(SpecificSSLOpts) ->
server => mongo_server(), server => mongo_server(),
w_mode => <<"unsafe">>, w_mode => <<"unsafe">>,
selector => #{<<"username">> => <<"${username}">>}, filter => #{<<"username">> => <<"${username}">>},
password_hash_field => <<"password_hash">>, password_hash_field => <<"password_hash">>,
salt_field => <<"salt">>, salt_field => <<"salt">>,
is_superuser_field => <<"is_superuser">>, is_superuser_field => <<"is_superuser">>,

2
apps/emqx_authz/etc/emqx_authz.conf
View File

@ -53,7 +53,7 @@ authorization {
# database: mqtt # database: mqtt
# ssl: {enable: false} # ssl: {enable: false}
# collection: mqtt_authz # collection: mqtt_authz
# selector: { "$or": [ { "username": "${username}" }, { "clientid": "${clientid}" } ] } # filter: { "$or": [ { "username": "${username}" }, { "clientid": "${clientid}" } ] }
# }, # },
{ {
type: built_in_database type: built_in_database

6
apps/emqx_authz/i18n/emqx_authz_api_schema_i18n.conf
View File

@ -119,7 +119,7 @@ emqx_authz_api_schema {
} }
} }
selector { filter {
desc { desc {
en: """ en: """
Statement that is executed during the authorize process. Statement that is executed during the authorize process.
@ -134,8 +134,8 @@ Commands can support following wildcards:\n
- `${clientid}`: 代替客户端的客户端标识符""" - `${clientid}`: 代替客户端的客户端标识符"""
} }
label { label {
en: """selector""" en: """filter"""
zh: """selector""" zh: """filter"""
} }
} }

6
apps/emqx_authz/i18n/emqx_authz_schema_i18n.conf
View File

@ -266,7 +266,7 @@ and the new rules will override all rules from the old config file.
} }
} }
selector { filter {
desc { desc {
en: """ en: """
Statement that is executed during the authorize process. Statement that is executed during the authorize process.
@ -281,8 +281,8 @@ Commands can support following wildcards:\n
- `${clientid}`: 代替客户端的客户端标识符""" - `${clientid}`: 代替客户端的客户端标识符"""
} }
label { label {
en: """selector""" en: """filter"""
zh: """selector""" zh: """filter"""
} }
} }

8
apps/emqx_authz/src/emqx_authz_api_schema.erl
View File

@ -181,7 +181,7 @@ authz_mongo_common_fields() ->
authz_common_fields(mongodb) ++ authz_common_fields(mongodb) ++
[ [
{collection, fun collection/1}, {collection, fun collection/1},
{selector, fun selector/1} {filter, fun filter/1}
]. ].
collection(type) -> binary(); collection(type) -> binary();
@ -189,11 +189,11 @@ collection(desc) -> ?DESC(?FUNCTION_NAME);
collection(required) -> true; collection(required) -> true;
collection(_) -> undefined. collection(_) -> undefined.
selector(type) -> filter(type) ->
map(); map();
selector(desc) -> filter(desc) ->
?DESC(?FUNCTION_NAME); ?DESC(?FUNCTION_NAME);
selector(_) -> filter(_) ->
undefined. undefined.
%%------------------------------------------------------------------------------ %%------------------------------------------------------------------------------

14
apps/emqx_authz/src/emqx_authz_mongodb.erl
View File

@ -45,15 +45,15 @@
description() -> description() ->
"AuthZ with MongoDB". "AuthZ with MongoDB".
init(#{selector := Selector} = Source) -> init(#{filter := Filter} = Source) ->
case emqx_authz_utils:create_resource(emqx_connector_mongo, Source) of case emqx_authz_utils:create_resource(emqx_connector_mongo, Source) of
{error, Reason} -> {error, Reason} ->
error({load_config_error, Reason}); error({load_config_error, Reason});
{ok, Id} -> {ok, Id} ->
Source#{ Source#{
annotations => #{id => Id}, annotations => #{id => Id},
selector_template => emqx_authz_utils:parse_deep( filter_template => emqx_authz_utils:parse_deep(
Selector, Filter,
?PLACEHOLDERS ?PLACEHOLDERS
) )
} }
@ -68,14 +68,14 @@ authorize(
Topic, Topic,
#{ #{
collection := Collection, collection := Collection,
selector_template := SelectorTemplate, filter_template := FilterTemplate,
annotations := #{id := ResourceID} annotations := #{id := ResourceID}
} }
) -> ) ->
RenderedSelector = emqx_authz_utils:render_deep(SelectorTemplate, Client), RenderedFilter = emqx_authz_utils:render_deep(FilterTemplate, Client),
Result = Result =
try try
emqx_resource:query(ResourceID, {find, Collection, RenderedSelector, #{}}) emqx_resource:query(ResourceID, {find, Collection, RenderedFilter, #{}})
catch catch
error:Error -> {error, Error} error:Error -> {error, Error}
end, end,
@ -86,7 +86,7 @@ authorize(
msg => "query_mongo_error", msg => "query_mongo_error",
reason => Reason, reason => Reason,
collection => Collection, collection => Collection,
selector => RenderedSelector, filter => RenderedFilter,
resource_id => ResourceID resource_id => ResourceID
}), }),
nomatch; nomatch;

4
apps/emqx_authz/src/emqx_authz_schema.erl
View File

@ -199,10 +199,10 @@ mongo_common_fields() ->
required => true, required => true,
desc => ?DESC(collection) desc => ?DESC(collection)
}}, }},
{selector, #{ {filter, #{
type => map(), type => map(),
required => true, required => true,
desc => ?DESC(selector) desc => ?DESC(filter)
}} }}
]. ].

2
apps/emqx_authz/test/emqx_authz_SUITE.erl
View File

@ -91,7 +91,7 @@ set_special_configs(_App) ->
<<"database">> => <<"mqtt">>, <<"database">> => <<"mqtt">>,
<<"ssl">> => #{<<"enable">> => false}, <<"ssl">> => #{<<"enable">> => false},
<<"collection">> => <<"authz">>, <<"collection">> => <<"authz">>,
<<"selector">> => #{<<"a">> => <<"b">>} <<"filter">> => #{<<"a">> => <<"b">>}
}). }).
-define(SOURCE3, #{ -define(SOURCE3, #{
<<"type">> => <<"mysql">>, <<"type">> => <<"mysql">>,

2
apps/emqx_authz/test/emqx_authz_api_sources_SUITE.erl
View File

@ -47,7 +47,7 @@
<<"database">> => <<"mqtt">>, <<"database">> => <<"mqtt">>,
<<"ssl">> => #{<<"enable">> => false}, <<"ssl">> => #{<<"enable">> => false},
<<"collection">> => <<"fake">>, <<"collection">> => <<"fake">>,
<<"selector">> => #{<<"a">> => <<"b">>} <<"filter">> => #{<<"a">> => <<"b">>}
}). }).
-define(SOURCE3, #{ -define(SOURCE3, #{
<<"type">> => <<"mysql">>, <<"type">> => <<"mysql">>,

18
apps/emqx_authz/test/emqx_authz_mongodb_SUITE.erl
View File

@ -85,7 +85,7 @@ t_topic_rules(_Config) ->
ok = emqx_authz_test_lib:test_deny_topic_rules(ClientInfo, fun setup_client_samples/2). ok = emqx_authz_test_lib:test_deny_topic_rules(ClientInfo, fun setup_client_samples/2).
t_complex_selector(_) -> t_complex_filter(_) ->
%% atom and string values also supported %% atom and string values also supported
ClientInfo = #{ ClientInfo = #{
clientid => clientid, clientid => clientid,
@ -111,7 +111,7 @@ t_complex_selector(_) ->
ok = setup_samples(Samples), ok = setup_samples(Samples),
ok = setup_config( ok = setup_config(
#{ #{
<<"selector">> => #{ <<"filter">> => #{
<<"x">> => #{ <<"x">> => #{
<<"u">> => <<"${username}">>, <<"u">> => <<"${username}">>,
<<"c">> => [#{<<"c">> => <<"${clientid}">>}], <<"c">> => [#{<<"c">> => <<"${clientid}">>}],
@ -137,7 +137,7 @@ t_mongo_error(_Config) ->
ok = setup_samples([]), ok = setup_samples([]),
ok = setup_config( ok = setup_config(
#{<<"selector">> => #{<<"$badoperator">> => <<"$badoperator">>}} #{<<"filter">> => #{<<"$badoperator">> => <<"$badoperator">>}}
), ),
ok = emqx_authz_test_lib:test_samples( ok = emqx_authz_test_lib:test_samples(
@ -165,7 +165,7 @@ t_lookups(_Config) ->
ok = setup_samples([ByClientid]), ok = setup_samples([ByClientid]),
ok = setup_config( ok = setup_config(
#{<<"selector">> => #{<<"clientid">> => <<"${clientid}">>}} #{<<"filter">> => #{<<"clientid">> => <<"${clientid}">>}}
), ),
ok = emqx_authz_test_lib:test_samples( ok = emqx_authz_test_lib:test_samples(
@ -185,7 +185,7 @@ t_lookups(_Config) ->
ok = setup_samples([ByPeerhost]), ok = setup_samples([ByPeerhost]),
ok = setup_config( ok = setup_config(
#{<<"selector">> => #{<<"peerhost">> => <<"${peerhost}">>}} #{<<"filter">> => #{<<"peerhost">> => <<"${peerhost}">>}}
), ),
ok = emqx_authz_test_lib:test_samples( ok = emqx_authz_test_lib:test_samples(
@ -196,7 +196,7 @@ t_lookups(_Config) ->
] ]
). ).
t_bad_selector(_Config) -> t_bad_filter(_Config) ->
ClientInfo = #{ ClientInfo = #{
clientid => <<"clientid">>, clientid => <<"clientid">>,
cn => <<"cn">>, cn => <<"cn">>,
@ -208,7 +208,7 @@ t_bad_selector(_Config) ->
}, },
ok = setup_config( ok = setup_config(
#{<<"selector">> => #{<<"$in">> => #{<<"a">> => 1}}} #{<<"filter">> => #{<<"$in">> => #{<<"a">> => 1}}}
), ),
ok = emqx_authz_test_lib:test_samples( ok = emqx_authz_test_lib:test_samples(
@ -251,7 +251,7 @@ setup_client_samples(ClientInfo, Samples) ->
Samples Samples
), ),
setup_samples(Records), setup_samples(Records),
setup_config(#{<<"selector">> => #{<<"username">> => <<"${username}">>}}). setup_config(#{<<"filter">> => #{<<"username">> => <<"${username}">>}}).
reset_samples() -> reset_samples() ->
{true, _} = mc_worker_api:delete(?MONGO_CLIENT, <<"acl">>, #{}), {true, _} = mc_worker_api:delete(?MONGO_CLIENT, <<"acl">>, #{}),
@ -273,7 +273,7 @@ raw_mongo_authz_config() ->
<<"collection">> => <<"acl">>, <<"collection">> => <<"acl">>,
<<"server">> => mongo_server(), <<"server">> => mongo_server(),
<<"selector">> => #{<<"username">> => <<"${username}">>} <<"filter">> => #{<<"username">> => <<"${username}">>}
}. }.
mongo_server() -> mongo_server() ->

16
apps/emqx_connector/src/emqx_connector_mongo.erl
View File

@ -155,14 +155,14 @@ on_stop(InstId, #{poolname := PoolName}) ->
emqx_plugin_libs_pool:stop_pool(PoolName). emqx_plugin_libs_pool:stop_pool(PoolName).
on_query(InstId, on_query(InstId,
{Action, Collection, Selector, Projector}, {Action, Collection, Filter, Projector},
AfterQuery, AfterQuery,
#{poolname := PoolName} = State) -> #{poolname := PoolName} = State) ->
Request = {Action, Collection, Selector, Projector}, Request = {Action, Collection, Filter, Projector},
?TRACE("QUERY", "mongodb_connector_received", ?TRACE("QUERY", "mongodb_connector_received",
#{request => Request, connector => InstId, state => State}), #{request => Request, connector => InstId, state => State}),
case ecpool:pick_and_do(PoolName, case ecpool:pick_and_do(PoolName,
{?MODULE, mongo_query, [Action, Collection, Selector, Projector]}, {?MODULE, mongo_query, [Action, Collection, Filter, Projector]},
no_handover) of no_handover) of
{error, Reason} -> {error, Reason} ->
?SLOG(error, #{msg => "mongodb_connector_do_query_failed", ?SLOG(error, #{msg => "mongodb_connector_do_query_failed",
@ -242,14 +242,14 @@ connect(Opts) ->
WorkerOptions = proplists:get_value(worker_options, Opts, []), WorkerOptions = proplists:get_value(worker_options, Opts, []),
mongo_api:connect(Type, Hosts, Options, WorkerOptions). mongo_api:connect(Type, Hosts, Options, WorkerOptions).
mongo_query(Conn, find, Collection, Selector, Projector) -> mongo_query(Conn, find, Collection, Filter, Projector) ->
mongo_api:find(Conn, Collection, Selector, Projector); mongo_api:find(Conn, Collection, Filter, Projector);
mongo_query(Conn, find_one, Collection, Selector, Projector) -> mongo_query(Conn, find_one, Collection, Filter, Projector) ->
mongo_api:find_one(Conn, Collection, Selector, Projector); mongo_api:find_one(Conn, Collection, Filter, Projector);
%% Todo xxx %% Todo xxx
mongo_query(_Conn, _Action, _Collection, _Selector, _Projector) -> mongo_query(_Conn, _Action, _Collection, _Filter, _Projector) ->
ok. ok.
init_type(#{mongo_type := rs, replica_set_name := ReplicaSetName}) -> init_type(#{mongo_type := rs, replica_set_name := ReplicaSetName}) ->