fix: handle interpolation of unavailable info
This commit is contained in:
Thales Macedo Garitezi
parent
d3304d49b5
commit
fe0ba87fd0
|
|
@ -161,7 +161,16 @@ test_client_info() ->
|
||||||
%%--------------------------------------------------------------------
|
%%--------------------------------------------------------------------
|
||||||
|
|
||||||
replvars(VarList, ClientInfo) ->
|
replvars(VarList, ClientInfo) ->
|
||||||
lists:map(fun(Var) -> replvar(Var, ClientInfo) end, VarList).
|
lists:foldl(
|
||||||
|
fun(Var, Selector) ->
|
||||||
|
case replvar(Var, ClientInfo) of
|
||||||
|
%% assumes that all fields are binaries...
|
||||||
|
{unmatchable, Field} -> [{Field, []} | Selector];
|
||||||
|
Interpolated -> [Interpolated | Selector]
|
||||||
|
end
|
||||||
|
end,
|
||||||
|
[],
|
||||||
|
VarList).
|
||||||
|
|
||||||
replvar({Field, <<"%u">>}, #{username := Username}) ->
|
replvar({Field, <<"%u">>}, #{username := Username}) ->
|
||||||
{Field, Username};
|
{Field, Username};
|
||||||
|
|
@ -171,8 +180,8 @@ replvar({Field, <<"%C">>}, #{cn := CN}) ->
|
||||||
{Field, CN};
|
{Field, CN};
|
||||||
replvar({Field, <<"%d">>}, #{dn := DN}) ->
|
replvar({Field, <<"%d">>}, #{dn := DN}) ->
|
||||||
{Field, DN};
|
{Field, DN};
|
||||||
replvar(Selector, _ClientInfo) ->
|
replvar({Field, _PlaceHolder}, _ClientInfo) ->
|
||||||
Selector.
|
{unmatchable, Field}.
|
||||||
|
|
||||||
%%--------------------------------------------------------------------
|
%%--------------------------------------------------------------------
|
||||||
%% MongoDB Connect/Query
|
%% MongoDB Connect/Query
|
||||||
|
|
|
||||||
|
|
@ -265,6 +265,26 @@ t_authn_full_selector_variables(Config) ->
|
||||||
EnvFields),
|
EnvFields),
|
||||||
ok.
|
ok.
|
||||||
|
|
||||||
|
t_authn_interpolation_no_info(_Config) ->
|
||||||
|
Valid = #{zone => external, clientid => <<"client1">>,
|
||||||
|
username => <<"plain">>, password => <<"plain">>},
|
||||||
|
?assertMatch({ok, _}, emqx_access_control:authenticate(Valid)),
|
||||||
|
try
|
||||||
|
%% has values that are equal to placeholders
|
||||||
|
InterpolationUser = #{ <<"username">> => <<"%u">>
|
||||||
|
, <<"password">> => <<"plain">>
|
||||||
|
, <<"salt">> => <<"salt">>
|
||||||
|
, <<"is_superuser">> => true
|
||||||
|
},
|
||||||
|
{ok, Conn} = ?POOL(?APP),
|
||||||
|
{{true, _}, _} = mongo_api:insert(Conn, ?MONGO_CL_USER, InterpolationUser),
|
||||||
|
Invalid = maps:without([username], Valid),
|
||||||
|
?assertMatch({error, not_authorized}, emqx_access_control:authenticate(Invalid))
|
||||||
|
after
|
||||||
|
deinit_mongo_data(),
|
||||||
|
init_mongo_data()
|
||||||
|
end.
|
||||||
|
|
||||||
%% authenticates, but superquery returns no documents
|
%% authenticates, but superquery returns no documents
|
||||||
t_authn_empty_is_superuser_collection(_Config) ->
|
t_authn_empty_is_superuser_collection(_Config) ->
|
||||||
{ok, SuperQuery} = application:get_env(emqx_auth_mongo, super_query),
|
{ok, SuperQuery} = application:get_env(emqx_auth_mongo, super_query),
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue