Commit Graph

489 Commits

Author SHA1 Message Date
Zaiming (Stone) Shi befc4acced Merge remote-tracking branch 'origin/master' into merge-master-to-ee50-a 2022-09-06 20:31:38 +02:00
Zaiming (Stone) Shi f785da075b ci: only start required docker for integration tests 2022-09-06 19:25:53 +02:00
Zaiming (Stone) Shi dac178cbaf chore: ensure version bumps 2022-08-31 17:23:47 +02:00
firest 05bbadc8c5 chore: bump ahutz version && update CHANGES-5.0.md 2022-08-31 21:15:55 +08:00
firest 71aaf5c538 fix(authz): fix dialyzer && test case && proper error 2022-08-31 16:49:27 +08:00
JianBo He 168f44e45b fix: exhook client.authorize never be execauted
see: https://github.com/emqx/emqx/issues/8779
2022-08-31 14:34:02 +08:00
Shawn 1ff53ee8a9 fix(authz): don't stop emqx_resource app in test cases 2022-08-23 08:57:12 +08:00
Shawn 45352206a3 fix(auth): remove emqx_connector from testcases of authz/authn 2022-08-22 20:20:45 +08:00
Shawn b3162fe5ff fix: conflicts between master and ee5.0 2022-08-14 22:24:09 +08:00
Shawn 0cdf4b47f1 feat: add more resource creation opts 2022-08-12 13:47:45 +08:00
Ilya Averyanov 64aa30ec63 chore(authn/authz): better handling of placeholder interpolation errors 2022-08-10 18:22:37 +03:00
Shawn 35fe70b887 feat: support aysnc callback to connector modules 2022-08-10 00:34:35 +08:00
Shawn d3950b9534 fix(resource): make option 'queue_enabled' disabled by default 2022-08-10 00:34:35 +08:00
Shawn 0377d3cf61 fix: update existing testcases for new emqx_resource 2022-08-10 00:34:35 +08:00
Zhongwen Deng dd59c850e0 chore: make sure swagger's tags always titlecase 2022-07-25 16:09:17 +08:00
Zhongwen Deng a12478225a fix: fix bad swagger format 2022-07-20 16:56:07 +08:00
Zaiming (Stone) Shi e49686a276 fix(authz): should apply no rule on superuser 2022-07-08 22:35:15 +02:00
JianBo He 4c17b38102 chore: treat 200/204 as acl nomatch 2022-07-01 20:42:22 +08:00
JianBo He 83f5da8f9d fix(authz-http): fix https://github.com/emqx/emqx/pull/8377#discussion_r911743360 2022-07-01 17:46:55 +08:00
JianBo He 52b77b570f refactor: authz-http return body to reject pub/sub 2022-07-01 17:46:55 +08:00
JianBo He 8f429b5ea3
Merge pull request #8316 from zmstone/0624-chore-add-a-note-in-authz-config
docs: refine authz file path doc
2022-07-01 16:56:27 +08:00
JianBo He c32a416a2a
Merge pull request #8371 from HJianBo/auto-retry-auth-resource
AuthN/Z: automaticly re-connect to disconnected resources
2022-07-01 14:32:50 +08:00
JianBo He eac21e5b0a chore: make spellcheck happy 2022-07-01 12:10:37 +08:00
Zaiming (Stone) Shi c3ffdef872 docs: Update apps/emqx_authz/i18n/emqx_authz_schema_i18n.conf
Co-authored-by: JianBo He <heeejianbo@163.com>
2022-07-01 12:10:36 +08:00
Zaiming (Stone) Shi fd86e8bf0b docs: Update apps/emqx_authz/i18n/emqx_authz_schema_i18n.conf
Co-authored-by: JianBo He <heeejianbo@163.com>
2022-07-01 12:10:36 +08:00
Zaiming (Stone) Shi 3963856480 docs: Update apps/emqx_authz/i18n/emqx_authz_schema_i18n.conf
Co-authored-by: JianBo He <heeejianbo@163.com>
2022-07-01 12:10:36 +08:00
Zaiming (Stone) Shi 5ac9e9f824 docs: refine authz file path doc 2022-07-01 12:10:36 +08:00
JianBo He f8c90452cc chore: auto retry disconnected authn/authz resources 2022-07-01 12:01:39 +08:00
Zaiming (Stone) Shi 95706cf45f chore: update authz default config style 2022-06-30 08:09:38 +02:00
ieQu1 a9ec193ef8 fix(prometheus): Disable authorization for metrics scraping endpoint 2022-06-23 00:31:53 +02:00
Shawn 51efe22e57 chore: update the appup files for authz/authn 2022-06-22 15:54:37 +08:00
Shawn defacb97df fix: disabled resources for authz/authn started after emqx reboot 2022-06-22 14:34:30 +08:00
Xinyu Liu 3b00b16abe
Merge pull request #8221 from terry-xiaoyu/fix_delayed_module_disbled_after_emqx_stop
feat: fix the hook priorities
2022-06-16 09:42:42 +08:00
Shawn 39b1b20506 feat: fix the hook priorities 2022-06-15 19:03:40 +08:00
JianBo He 03967a83de chore(authz): make `authorization.cache.enable` required 2022-06-15 13:46:17 +08:00
firest 45aa9d604b fix(metrics): remove the client. prefix for AuthN/AuthZ metrics 2022-06-14 14:08:25 +08:00
Shawn f18eab402a fix(CI): don't use any authz sources when testing 2022-06-10 14:21:20 +08:00
Shawn f159e081fa fix: deny all subscribes to '#' topics in the default acl.conf 2022-06-10 14:21:20 +08:00
firest 86a3ac0bef fix(authz): prohibit overriding of existing client/user 2022-06-07 16:34:01 +08:00
Zhongwen Deng 91000eb342 fix: authz ct failed 2022-06-06 10:57:26 +08:00
Zhongwen Deng c7cc2e85b2 fix: add default&example for schema 2022-06-06 09:52:10 +08:00
Zhongwen Deng 9ec804ae03 feat: generate example.conf from schemas 2022-05-31 19:20:27 +08:00
Zhongwen Deng 8aa60cc0a5 feat: generate a minimized emqx.conf 2022-05-31 19:20:27 +08:00
Zaiming (Stone) Shi 2eb621ba57 fix: hint metrics merge errors 2022-05-13 21:38:51 +02:00
Ilya Averyanov 91da451803 feat(authz): add default authn-based authz source 2022-05-13 12:51:10 +03:00
Ilya Averyanov ca0c80965a
Merge pull request #7890 from savonarola/fix-jwt-acl-v5
fix(jwt auth): improve JWT handling
2022-05-12 19:48:37 +03:00
Ilya Averyanov e0fa07b679 fix(jwt auth): improve JWT handling 2022-05-12 12:10:47 +03:00
JimMoen 87af77ec35 refactor: do not destory resource when update authn/authz resource 2022-05-12 14:19:57 +08:00
firest 5220869dd8 fix(authz): add authz source type into the authorize logger 2022-05-11 17:54:42 +08:00
Chris Hicks 841acb7828
Merge pull request #7783 from emqx/EMQX-4199-introduce-a-new-emqx-resource-manager-module
feat: isolate resource manager processes
2022-05-09 18:33:01 +02:00
Chris 0b3e30e813 feat: isolate resource manager processes 2022-05-09 13:24:34 +02:00
EMQ-YangM 30b3060327 fix: improve authn, authz metrics 2022-05-05 18:53:31 +08:00
JianBo He d36d27c533
Merge pull request #7781 from HJianBo/rename-acl-metrics
feat(metrics): refactor authz metrics name
2022-04-29 16:52:43 +08:00
JianBo He 344a754674
Merge pull request #7817 from JimMoen/fix-auth-http 2022-04-29 16:36:10 +08:00
JianBo He 1632df9ebb
Merge pull request #7837 from EMQ-YangM/reduce_duplicate_field
fix: reduce duplicate field
2022-04-29 15:50:27 +08:00
JianBo He 7bbed713f4
Merge pull request #7835 from JimMoen/fix-mongo-require-fields
fix(auth): mongo field `filter` not required and have default value
2022-04-29 15:38:54 +08:00
JianBo He 4989ce7a0d test(authz-jwt): fix flaky test t_check_expire 2022-04-29 15:20:05 +08:00
JianBo He 1597ea50c1 feat(metrics): refactor authz metrics name
In the current implementation:
```
Authz checking times = client.authorize + client.authorization.cache_hit
                     = client.authorization.allow + client.authorization.deny

client.authorize means how many times the `client.authorize` hook has been executed.

client.authorize = client.authorization.matched.allow +
                   client.authorization.matched.deny +
                   client.authorization.nomatch
```
2022-04-29 15:20:05 +08:00
EMQ-YangM 110f0d0e94 fix: reduce duplicate field 2022-04-29 14:37:49 +08:00
JimMoen ad4b70c27e fix(auth): mongo field `filter` not required and have default value 2022-04-29 13:37:29 +08:00
JimMoen 5f75f6e3be docs: refine auth http i18n description 2022-04-29 12:48:21 +08:00
JimMoen c1dfd0aa36 test(auth): authn & authz http placeholder in HTTP path 2022-04-29 12:48:17 +08:00
JimMoen 15ef9892c5 fix(auth): authn & authz http support placeholder in HTTP path 2022-04-29 12:48:00 +08:00
JimMoen dae418ae4a fix(auth): authn & authz http not required `body` field 2022-04-29 12:47:56 +08:00
JimMoen e4826400b8 fix(auth): authn & authz HTTP haeders without `content-type` via GET method 2022-04-29 12:47:52 +08:00
EMQ-YangM 4a6dabbe57 fix: rename to emqx_metrics_worker 2022-04-29 12:41:36 +08:00
Yang Miao 7061d94cf9
Merge pull request #7823 from EMQ-YangM/authz_add_metrics
feat: new authz metrics
2022-04-29 11:27:59 +08:00
EMQ-YangM 3fa8447c85 fix: fix static check warning, add some fields schema 2022-04-29 10:32:52 +08:00
EMQ-YangM 712cdb3152 fix: fix static check error 2022-04-29 09:11:06 +08:00
EMQ-YangM 6879df9c5c fix: respect atom name convention 2022-04-29 08:59:51 +08:00
EMQ-YangM 3e314f6785 fix: rewrite status_metrics_example 2022-04-29 00:44:22 +08:00
EMQ-YangM f91a6b9f00 fix: authz add metrics_and_status schema 2022-04-29 00:37:21 +08:00
EMQ-YangM a6920ac11b feat: new authz metrics 2022-04-28 22:01:40 +08:00
zhouzb bd0d0d9797
Merge branch 'master' into chore/authn-fields 2022-04-28 16:09:26 +08:00
Xinyu Liu 46e993fa81
Merge pull request #7786 from terry-xiaoyu/save_tls_files_for_bridges
Save tls files for bridges
2022-04-27 21:48:18 +08:00
JianBo He eb39a8476f
Merge pull request #7769 from HJianBo/zh-for-jwt
chore(i18n): translate jwt fields to zh
2022-04-27 17:49:51 +08:00
Shawn 46550d5a6f fix: don't remote the cert files when updating authz 2022-04-27 14:07:33 +08:00
zhouzb 7ddd020dd2 docs: improve desc for filter field 2022-04-27 11:29:18 +08:00
zhouzb fa9bd74595 chore: rename selector to filter and fix spellcheck 2022-04-27 11:29:18 +08:00
JimMoen a75f42d629 docs: add missing i18n trans and make spellcheck happy 2022-04-27 11:00:22 +08:00
JianBo He 3858c2353a chore(i18n): translate jwt fields to zh 2022-04-26 21:48:55 +08:00
JianBo He 9f35dd7f80
Merge pull request #7730 from savonarola/jwt-authz
feat(emqx_auth_jwt): use JWT for ACL checks
2022-04-26 14:18:50 +08:00
Zaiming (Stone) Shi a4feb3e6e9 style: reformat emqx_auto_subscribe and emqx_conf 2022-04-25 18:05:10 +02:00
Ilya Averyanov fc2ea9e484 feat(emqx_auth_jwt): use JWT for ACL checks 2022-04-25 11:59:04 +03:00
EMQ-YangM 2d553d711f fix: 'ComFun' missing parameter 2022-04-25 11:38:48 +08:00
JimMoen e9843aa225 fix(doc): html line break use `</br>` 2022-04-24 18:56:21 +08:00
JimMoen 14e0296221
Merge pull request #7728 from zhongwencool/fix-swagger
fix: swagger crash/ copy conf failed from core node
2022-04-22 20:49:21 +08:00
JimMoen 1fab779db8 fix(i18n): rm double quotes in i18n confs, add missing translation 2022-04-22 19:26:44 +08:00
Zhongwen Deng 3de0d71d00 fix: swagger crash 2022-04-22 17:25:53 +08:00
Yang Miao 4a43a10296
Merge pull request #7701 from EMQ-YangM/improve_docs
fix: improve document quality
2022-04-22 16:52:09 +08:00
EMQ-YangM 625223c2b5 test: fix redis_type 2022-04-22 11:07:50 +08:00
JimMoen 11d2ae117c docs: authz i18n zh_CN support 2022-04-22 10:40:34 +08:00
DDDHuang 4b7a5bbf53 fix: bad empty map 2022-04-21 21:26:35 +08:00
EMQ-YangM 5d9df74be7 test: fix required fields 2022-04-21 18:47:02 +08:00
DDDHuang 75f612a449 fix: bad SUITE & bad code 2022-04-21 18:30:51 +08:00
DDDHuang 7417e5070d fix: perpare sql when connector doing init; add prepare statement field; bad log path 2022-04-21 16:00:15 +08:00
DDDHuang 2aedd38a43 fix: authz mysql prepare query 2022-04-21 16:00:15 +08:00
DDDHuang 039619ee23 feat: authz & authn mysql resource support prepare sql query 2022-04-21 16:00:15 +08:00
JimMoen 341973880d fix(authz): refine authz-http api with default headers 2022-04-19 18:57:01 +08:00
JimMoen 14a97d777d fix(authz): api required fields 2022-04-19 18:57:01 +08:00