yuanbiao
/
emqx
1
0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
14,078 Commits 393 Branches 684 Tags 74 MiB
Commit Graph

506 Commits

Author SHA1 Message Date
Zaiming (Stone) Shi 467010e3d3 chore: bump emqx_authz app vsn 2022-11-08 17:40:34 +01:00
Stefan Strigler 0678e05e84 style: fix message returned for 404 
Co-authored-by: Zaiming (Stone) Shi <zmstone@gmail.com>
 2022-11-08 17:40:34 +01:00
Stefan Strigler ba1e19f068 fix(emqx_authz_api_sources): make schema fit to what we send 2022-11-08 17:40:34 +01:00
Stefan Strigler e0ed0855ff fix(emqx_authz_api_sources): return 'code' in response body for 404 2022-11-08 17:40:34 +01:00
Zaiming (Stone) Shi c157392452 docs: fix self-closing html tag, change </br> to <br/> 2022-10-27 13:57:18 +02:00
Zaiming (Stone) Shi bb6c3ed4ae docs: fix more zh translation desc 2022-10-27 08:39:58 +02:00
Zaiming (Stone) Shi a314950be9 docs: fix zh punctuations 2022-10-26 16:19:38 +02:00
Shawn 4135910b42 chore: merge master into dev/ee5.0 2022-09-26 09:52:33 +08:00
JimMoen 2984397e73 chore: apps vsn bump 2022-09-23 17:09:15 +08:00
JimMoen 85835256f1 Merge tag 'v5.0.8' into merge-release-v5.0.8-into-master 2022-09-23 16:06:44 +08:00
Ilya Averyanov c11afc357e fix(auth): use empty strings for absent placeholder values 2022-09-20 15:20:55 +03:00
Thales Macedo Garitezi c20ad3733a fix: check for authorization on topic before publishing last will testament 
fixes #8978

Without checking for authorization, a client can, on abnormal
termination, publish a message to any topic, including `$SYS` ones.
 2022-09-16 17:31:22 -03:00
Thales Macedo Garitezi dca522d7d3 test: add tests for publishing lwt when deny_action is disconnect 2022-09-16 15:11:54 -03:00
firest 14b5977996 feat(authz): Support `cert_common_name` and `cert_subject` in Authz 2022-09-15 18:02:54 +08:00
Xinyu Liu d9c9a1dec3
Merge pull request #8958 from JimMoen/fix-ssl-drop-invalid-certs 
fix(bridge/authz/exhook): no need to drop invalid certs
 2022-09-15 09:01:08 +08:00
JianBo He a461375b30 chore: support strip double quote in authn/authz 
more compatibility for https://github.com/emqx/emqx/pull/8827
 2022-09-14 15:25:31 +08:00
JimMoen f018b8ab49 fix(bridge/authz/exhook): no need to drop invalid certs 2022-09-14 14:08:55 +08:00
Zaiming (Stone) Shi befc4acced Merge remote-tracking branch 'origin/master' into merge-master-to-ee50-a 2022-09-06 20:31:38 +02:00
Zaiming (Stone) Shi f785da075b ci: only start required docker for integration tests 2022-09-06 19:25:53 +02:00
Zaiming (Stone) Shi dac178cbaf chore: ensure version bumps 2022-08-31 17:23:47 +02:00
firest 05bbadc8c5 chore: bump ahutz version && update CHANGES-5.0.md 2022-08-31 21:15:55 +08:00
firest 71aaf5c538 fix(authz): fix dialyzer && test case && proper error 2022-08-31 16:49:27 +08:00
JianBo He 168f44e45b fix: exhook client.authorize never be execauted 
see: https://github.com/emqx/emqx/issues/8779
 2022-08-31 14:34:02 +08:00
Shawn 1ff53ee8a9 fix(authz): don't stop emqx_resource app in test cases 2022-08-23 08:57:12 +08:00
Shawn 45352206a3 fix(auth): remove emqx_connector from testcases of authz/authn 2022-08-22 20:20:45 +08:00
Shawn b3162fe5ff fix: conflicts between master and ee5.0 2022-08-14 22:24:09 +08:00
Shawn 0cdf4b47f1 feat: add more resource creation opts 2022-08-12 13:47:45 +08:00
Ilya Averyanov 64aa30ec63 chore(authn/authz): better handling of placeholder interpolation errors 2022-08-10 18:22:37 +03:00
Shawn 35fe70b887 feat: support aysnc callback to connector modules 2022-08-10 00:34:35 +08:00
Shawn d3950b9534 fix(resource): make option 'queue_enabled' disabled by default 2022-08-10 00:34:35 +08:00
Shawn 0377d3cf61 fix: update existing testcases for new emqx_resource 2022-08-10 00:34:35 +08:00
Zhongwen Deng dd59c850e0 chore: make sure swagger's tags always titlecase 2022-07-25 16:09:17 +08:00
Zhongwen Deng a12478225a fix: fix bad swagger format 2022-07-20 16:56:07 +08:00
Zaiming (Stone) Shi e49686a276 fix(authz): should apply no rule on superuser 2022-07-08 22:35:15 +02:00
JianBo He 4c17b38102 chore: treat 200/204 as acl nomatch 2022-07-01 20:42:22 +08:00
JianBo He 83f5da8f9d fix(authz-http): fix https://github.com/emqx/emqx/pull/8377#discussion_r911743360 2022-07-01 17:46:55 +08:00
JianBo He 52b77b570f refactor: authz-http return body to reject pub/sub 2022-07-01 17:46:55 +08:00
JianBo He 8f429b5ea3
Merge pull request #8316 from zmstone/0624-chore-add-a-note-in-authz-config 
docs: refine authz file path doc
 2022-07-01 16:56:27 +08:00
JianBo He c32a416a2a
Merge pull request #8371 from HJianBo/auto-retry-auth-resource 
AuthN/Z: automaticly re-connect to disconnected resources
 2022-07-01 14:32:50 +08:00
JianBo He eac21e5b0a chore: make spellcheck happy 2022-07-01 12:10:37 +08:00
Zaiming (Stone) Shi c3ffdef872 docs: Update apps/emqx_authz/i18n/emqx_authz_schema_i18n.conf 
Co-authored-by: JianBo He <heeejianbo@163.com>
 2022-07-01 12:10:36 +08:00
Zaiming (Stone) Shi fd86e8bf0b docs: Update apps/emqx_authz/i18n/emqx_authz_schema_i18n.conf 
Co-authored-by: JianBo He <heeejianbo@163.com>
 2022-07-01 12:10:36 +08:00
Zaiming (Stone) Shi 3963856480 docs: Update apps/emqx_authz/i18n/emqx_authz_schema_i18n.conf 
Co-authored-by: JianBo He <heeejianbo@163.com>
 2022-07-01 12:10:36 +08:00
Zaiming (Stone) Shi 5ac9e9f824 docs: refine authz file path doc 2022-07-01 12:10:36 +08:00
JianBo He f8c90452cc chore: auto retry disconnected authn/authz resources 2022-07-01 12:01:39 +08:00
Zaiming (Stone) Shi 95706cf45f chore: update authz default config style 2022-06-30 08:09:38 +02:00
ieQu1 a9ec193ef8 fix(prometheus): Disable authorization for metrics scraping endpoint 2022-06-23 00:31:53 +02:00
Shawn 51efe22e57 chore: update the appup files for authz/authn 2022-06-22 15:54:37 +08:00
Shawn defacb97df fix: disabled resources for authz/authn started after emqx reboot 2022-06-22 14:34:30 +08:00
Xinyu Liu 3b00b16abe
Merge pull request #8221 from terry-xiaoyu/fix_delayed_module_disbled_after_emqx_stop 
feat: fix the hook priorities
 2022-06-16 09:42:42 +08:00
Shawn 39b1b20506 feat: fix the hook priorities 2022-06-15 19:03:40 +08:00
JianBo He 03967a83de chore(authz): make `authorization.cache.enable` required 2022-06-15 13:46:17 +08:00
firest 45aa9d604b fix(metrics): remove the client. prefix for AuthN/AuthZ metrics 2022-06-14 14:08:25 +08:00
Shawn f18eab402a fix(CI): don't use any authz sources when testing 2022-06-10 14:21:20 +08:00
Shawn f159e081fa fix: deny all subscribes to '#' topics in the default acl.conf 2022-06-10 14:21:20 +08:00
firest 86a3ac0bef fix(authz): prohibit overriding of existing client/user 2022-06-07 16:34:01 +08:00
Zhongwen Deng 91000eb342 fix: authz ct failed 2022-06-06 10:57:26 +08:00
Zhongwen Deng c7cc2e85b2 fix: add default&example for schema 2022-06-06 09:52:10 +08:00
Zhongwen Deng 9ec804ae03 feat: generate example.conf from schemas 2022-05-31 19:20:27 +08:00
Zhongwen Deng 8aa60cc0a5 feat: generate a minimized emqx.conf 2022-05-31 19:20:27 +08:00
Zaiming (Stone) Shi 2eb621ba57 fix: hint metrics merge errors 2022-05-13 21:38:51 +02:00
Ilya Averyanov 91da451803 feat(authz): add default authn-based authz source 2022-05-13 12:51:10 +03:00
Ilya Averyanov ca0c80965a
Merge pull request #7890 from savonarola/fix-jwt-acl-v5 
fix(jwt auth): improve JWT handling
 2022-05-12 19:48:37 +03:00
Ilya Averyanov e0fa07b679 fix(jwt auth): improve JWT handling 2022-05-12 12:10:47 +03:00
JimMoen 87af77ec35 refactor: do not destory resource when update authn/authz resource 2022-05-12 14:19:57 +08:00
firest 5220869dd8 fix(authz): add authz source type into the authorize logger 2022-05-11 17:54:42 +08:00
Chris Hicks 841acb7828
Merge pull request #7783 from emqx/EMQX-4199-introduce-a-new-emqx-resource-manager-module 
feat: isolate resource manager processes
 2022-05-09 18:33:01 +02:00
Chris 0b3e30e813 feat: isolate resource manager processes 2022-05-09 13:24:34 +02:00
EMQ-YangM 30b3060327 fix: improve authn, authz metrics 2022-05-05 18:53:31 +08:00
JianBo He d36d27c533
Merge pull request #7781 from HJianBo/rename-acl-metrics 
feat(metrics): refactor authz metrics name
 2022-04-29 16:52:43 +08:00
JianBo He 344a754674
Merge pull request #7817 from JimMoen/fix-auth-http 2022-04-29 16:36:10 +08:00
JianBo He 1632df9ebb
Merge pull request #7837 from EMQ-YangM/reduce_duplicate_field 
fix: reduce duplicate field
 2022-04-29 15:50:27 +08:00
JianBo He 7bbed713f4
Merge pull request #7835 from JimMoen/fix-mongo-require-fields 
fix(auth): mongo field `filter` not required and have default value
 2022-04-29 15:38:54 +08:00
JianBo He 4989ce7a0d test(authz-jwt): fix flaky test t_check_expire 2022-04-29 15:20:05 +08:00
JianBo He 1597ea50c1 feat(metrics): refactor authz metrics name 
In the current implementation:
```
Authz checking times = client.authorize + client.authorization.cache_hit
                     = client.authorization.allow + client.authorization.deny

client.authorize means how many times the `client.authorize` hook has been executed.

client.authorize = client.authorization.matched.allow +
                   client.authorization.matched.deny +
                   client.authorization.nomatch
```
 2022-04-29 15:20:05 +08:00
EMQ-YangM 110f0d0e94 fix: reduce duplicate field 2022-04-29 14:37:49 +08:00
JimMoen ad4b70c27e fix(auth): mongo field `filter` not required and have default value 2022-04-29 13:37:29 +08:00
JimMoen 5f75f6e3be docs: refine auth http i18n description 2022-04-29 12:48:21 +08:00
JimMoen c1dfd0aa36 test(auth): authn & authz http placeholder in HTTP path 2022-04-29 12:48:17 +08:00
JimMoen 15ef9892c5 fix(auth): authn & authz http support placeholder in HTTP path 2022-04-29 12:48:00 +08:00
JimMoen dae418ae4a fix(auth): authn & authz http not required `body` field 2022-04-29 12:47:56 +08:00
JimMoen e4826400b8 fix(auth): authn & authz HTTP haeders without `content-type` via GET method 2022-04-29 12:47:52 +08:00
EMQ-YangM 4a6dabbe57 fix: rename to emqx_metrics_worker 2022-04-29 12:41:36 +08:00
Yang Miao 7061d94cf9
Merge pull request #7823 from EMQ-YangM/authz_add_metrics 
feat: new authz metrics
 2022-04-29 11:27:59 +08:00
EMQ-YangM 3fa8447c85 fix: fix static check warning, add some fields schema 2022-04-29 10:32:52 +08:00
EMQ-YangM 712cdb3152 fix: fix static check error 2022-04-29 09:11:06 +08:00
EMQ-YangM 6879df9c5c fix: respect atom name convention 2022-04-29 08:59:51 +08:00
EMQ-YangM 3e314f6785 fix: rewrite status_metrics_example 2022-04-29 00:44:22 +08:00
EMQ-YangM f91a6b9f00 fix: authz add metrics_and_status schema 2022-04-29 00:37:21 +08:00
EMQ-YangM a6920ac11b feat: new authz metrics 2022-04-28 22:01:40 +08:00
zhouzb bd0d0d9797
Merge branch 'master' into chore/authn-fields 2022-04-28 16:09:26 +08:00
Xinyu Liu 46e993fa81
Merge pull request #7786 from terry-xiaoyu/save_tls_files_for_bridges 
Save tls files for bridges
 2022-04-27 21:48:18 +08:00
JianBo He eb39a8476f
Merge pull request #7769 from HJianBo/zh-for-jwt 
chore(i18n): translate jwt fields to zh
 2022-04-27 17:49:51 +08:00
Shawn 46550d5a6f fix: don't remote the cert files when updating authz 2022-04-27 14:07:33 +08:00
zhouzb 7ddd020dd2 docs: improve desc for filter field 2022-04-27 11:29:18 +08:00
zhouzb fa9bd74595 chore: rename selector to filter and fix spellcheck 2022-04-27 11:29:18 +08:00
JimMoen a75f42d629 docs: add missing i18n trans and make spellcheck happy 2022-04-27 11:00:22 +08:00
JianBo He 3858c2353a chore(i18n): translate jwt fields to zh 2022-04-26 21:48:55 +08:00
JianBo He 9f35dd7f80
Merge pull request #7730 from savonarola/jwt-authz 
feat(emqx_auth_jwt): use JWT for ACL checks
 2022-04-26 14:18:50 +08:00
Zaiming (Stone) Shi a4feb3e6e9 style: reformat emqx_auto_subscribe and emqx_conf 2022-04-25 18:05:10 +02:00