yuanbiao
/
emqx
1
0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
18,196 Commits 393 Branches 684 Tags 74 MiB
Commit Graph

18196 Commits

Author SHA1 Message Date
lafirest 1cd9df6461
Merge pull request #11669 from lafirest/fix/dashboard_cli 
fix(sso): refactor the `admins` CLI
 2023-09-25 16:57:18 +08:00
lafirest 42eb7059fa
Merge pull request #11667 from lafirest/fix/logout 
fix(sso): Disable access to `logout` endpoint by the `API key`
 2023-09-25 16:56:04 +08:00
firest e63d484632 fix(sso): move the config path of the SSO feature to `dashboard.sso` 2023-09-25 15:23:52 +08:00
Ivan Dyachkov e1f1c64ecd Merge branch 'release-53' into 0925-sync-r53-to-master 2023-09-25 08:12:45 +02:00
firest e94192d1fa fix(sso): refactor the `admins` CLI 
1. revert the opensource version
2. allow delete the SSO user via CLI
 2023-09-25 13:53:01 +08:00
firest 4f4868a46c fix(sso): Disable access to `logout` endpoint by the `API key` 2023-09-25 10:31:38 +08:00
JianBo He 30862a94c6 chore: typo fixes 2023-09-24 20:19:05 +08:00
JimMoen ad4fadc2fa
fix: saml login acs redirect to dashboard overview 2023-09-23 17:29:02 +08:00
JimMoen 7105f68d2d
Merge pull request #11656 from JimMoen/feat-saml-sso 
feat: saml integration for dashboard sso
 2023-09-23 12:16:24 +08:00
JianBo He f8d06614c0 chore: fix dialyzer warnings 2023-09-23 07:34:04 +08:00
Thales Macedo Garitezi 5e400575e1
Merge pull request #11637 from thalesmg/port-scan-mria-check-m-20230919 
feat: add port scan diagnostics to mria waiting for tables checks
 2023-09-22 13:04:59 -03:00
JimMoen 1dddccb448
fix(saml): cert files cleanup when destroy 2023-09-22 22:49:08 +08:00
JimMoen 80a6c1150d
fix(saml): saml login reply role `viewer` as default 2023-09-22 22:39:02 +08:00
JimMoen cc3e4e4dc5
fix(saml): drop cert and key content and return path 2023-09-22 22:37:04 +08:00
JimMoen 6349cd3910
fix(saml): sp sign request 2023-09-22 21:57:50 +08:00
JimMoen 2a8f3f9eaa
fix: saml xml metedata format 2023-09-22 21:50:43 +08:00
JimMoen a318ad486a
refactor: behavior login/2 use all http request 2023-09-22 21:50:43 +08:00
JianBo He 9181ec844f
chore: split out sso_saml_api module 2023-09-22 21:50:43 +08:00
JianBo He df94426ee3
chore: make static_check happy 2023-09-22 21:50:42 +08:00
JianBo He ec0894ca0b
chore: update esaml vsn 2023-09-22 21:50:42 +08:00
JianBo He 4a26f63bd6
chore: fix bugs 2023-09-22 21:50:41 +08:00
JianBo He 47badc3181
chore: make dialyzer happy 2023-09-22 21:49:12 +08:00
JianBo He 1c78c6bf6d
chore: fix 500 crashes when backend not existed 2023-09-22 21:49:12 +08:00
JimMoen b4fb5196cb
fix(sso): SSO management API 500 2023-09-22 21:49:12 +08:00
JimMoen bba5cc44a8
fix: keep same API path style 2023-09-22 21:49:12 +08:00
JimMoen 8300cd42d4
fix: acl url ignore auth check 2023-09-22 21:49:12 +08:00
JimMoen 44836ef5ee
chore: bump esaml vsn to v1.1.1 2023-09-22 21:49:12 +08:00
JimMoen 13666fa9f9
refactor: avoid dynamic call 2023-09-22 21:49:12 +08:00
JimMoen c9e0d4fc30
feat: saml integration for dashboard sso 2023-09-22 21:49:10 +08:00
JimMoen d9466eef63
chore: fix Dashboard RBAC license and rebar.config 2023-09-22 21:19:45 +08:00
Zaiming (Stone) Shi fd932c9bf7
Merge pull request #11660 from zmstone/0922-fix-audit-eval-command 
fix(audit): make emqx eval command auditable
 2023-09-22 14:02:47 +02:00
Zaiming (Stone) Shi a34ab19d93 fix(audit): make emqx eval command auditable 2023-09-22 12:05:45 +02:00
zhongwencool 0eed01abee fix: create ssl listener return 500 crash 2023-09-22 17:34:19 +08:00
lafirest 13b5e4dbc9
Merge pull request #11658 from lafirest/fix/sso_misc 
Fix/sso misc
 2023-09-22 14:44:39 +08:00
firest 7286d15ca6 chore(sso): adjust the schema of the SSO LDAP backend 2023-09-22 13:48:20 +08:00
firest 9e55ae240a feat(sso): add `role` into the result of login endpoints 2023-09-22 13:48:07 +08:00
firest 681e57dee6 fix(RBAC): allow read-only users to logout 2023-09-22 11:06:24 +08:00
Ivan Dyachkov 2e9f451df3
Merge pull request #11652 from id/0921-e5.3.0-code-freeze 
e5.3.0 code freeze
 2023-09-21 20:15:27 +02:00
Thales Macedo Garitezi d6935b6a67 feat: add port scan diagnostics to mria waiting for tables checks 
Fixes https://emqx.atlassian.net/browse/EMQX-10944

Also updates ekka -> 0.15.15, mria -> 0.6.4

How to test
===========

1. Start 2 or more EMQX nodes and merge them in a cluster.
2. Stop them in order.
3. Start only the first node that was stopped in the previous step.
4. Wait until the log is printed.

Or, more easily:

1. Start 2 or more EMQX nodes and merge them in a cluster.
2. Stop all but one.
3. Run `mria_mnesia:diagnosis([]).` on that node.

Example output
==============

```
   Check check_open_ports should get ok but got #{msg =>
                                                     "some ports are unreachable",
                                                 results =>
                                                     #{'emqx@172.100.239.4' =>
                                                           #{open_ports =>
                                                                 #{4370 => false,
                                                                   5370 =>
                                                                       false},
                                                             ports_to_check =>
                                                                 [4370,5370],
                                                             resolved_ips =>
                                                                 [{172,100,239,
                                                                   4}],
                                                             status =>
                                                                 bad_ports},
                                                       'emqx@172.100.239.5' =>
                                                           #{open_ports =>
                                                                 #{4370 => false,
                                                                   5370 =>
                                                                       false},
                                                             ports_to_check =>
                                                                 [4370,5370],
                                                             resolved_ips =>
                                                                 [{172,100,239,
                                                                   5}],
                                                             status =>
                                                                 bad_ports}}}
```

After one node is back:

```
   Check check_open_ports should get ok but got #{msg =>
                                                     "some ports are unreachable",
                                                 results =>
                                                     #{'emqx@172.100.239.4' =>
                                                           #{ports_to_check =>
                                                                 [4370,5370],
                                                             resolved_ips =>
                                                                 [{172,100,239,
                                                                   4}],
                                                             status => ok},
                                                       'emqx@172.100.239.5' =>
                                                           #{open_ports =>
                                                                 #{4370 => false,
                                                                   5370 =>
                                                                       false},
                                                             ports_to_check =>
                                                                 [4370,5370],
                                                             resolved_ips =>
                                                                 [{172,100,239,
                                                                   5}],
                                                             status =>
                                                                 bad_ports}}}
```
 2023-09-21 14:29:01 -03:00
Ivan Dyachkov 7cf60c5a91 chore: e5.3.0-alpha.1 2023-09-21 19:29:00 +02:00
Ivan Dyachkov ec43268eee chore: update scripts and CI to work with 5.3.X 2023-09-21 19:29:00 +02:00
Ivan Dyachkov d6a97987e2
Merge pull request #11655 from keynslug/fix/persistent-session-tcs 
test(session): fix quic testgroup in persistent session suite
 2023-09-21 19:28:16 +02:00
Andrew Mayorov acf4227fc6
test(session): fix quic testgroup in persistent session suite 
Which broker after quicer 0.0.200 upgrade.
 2023-09-21 20:52:04 +04:00
Thales Macedo Garitezi 76f614e9c5
Merge pull request #11653 from thalesmg/fix-dash-rbac-dialyzer-error-m-20230921 
chore: fix dialyzer errors on ce version
 2023-09-21 13:06:09 -03:00
Thales Macedo Garitezi 85a8c174d9 chore: fix dialyzer errors on ce version 
```
apps/emqx_dashboard/src/emqx_dashboard.erl
Line 225 Column 17: The pattern {'error', 'unauthorized_role'} can never match the type {'error','not_found' | 'token_timeout'} | {'ok',binary()}
```
 2023-09-21 11:07:31 -03:00
Andrew Mayorov b563e30615
Merge pull request #11650 from keynslug/fix/simplify-takeover-suite 
test(session): make testsuite trigger takeover logic consistently
 2023-09-21 18:02:38 +04:00
zhongwencool beea1be9f0
Merge pull request #11599 from zhongwencool/audit-log 2023-09-21 18:39:23 +08:00
Ivan Dyachkov 0a61d08a0f
Merge pull request #11651 from id/0921-sync-r52-to-master 
sync r52 to master
 2023-09-21 12:31:24 +02:00
William Yang 3a5227198e
Merge pull request #11642 from qzhuyan/dev/william/quicer-0.0.200 
quicer 0.0.200
 2023-09-21 12:20:14 +02:00
lafirest 1dce264243
Merge pull request #11649 from lafirest/fix/sso_running_authz 
fix(sso): use the correct way to mark the API as authorization-free
 2023-09-21 18:09:09 +08:00