yuanbiao
/
emqx
1
0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
15,210 Commits 393 Branches 684 Tags 74 MiB
Commit Graph

529 Commits

Author SHA1 Message Date
Xinyu Liu bae811e8b4
Merge pull request #9725 from terry-xiaoyu/remove_the_auto_reconnect_field 
refactor: remove the auto_reconnect field
 2023-01-12 11:11:00 +08:00
Shawn 3e9c4f444f refactor: remove the auto_reconnect field 2023-01-11 21:47:06 +08:00
Thales Macedo Garitezi 48e1ba4832 feat(docs): add tags to schemas 
This'll allow us to split the generated `schema.json` file into
subsections for better documentation navigation.
 2023-01-11 09:10:03 -03:00
Stefan Strigler f27f573109 refactor: move to /authorization/sources/built_in_database/rules 2023-01-10 11:00:22 +01:00
Zaiming (Stone) Shi 67f2159a27
Merge pull request #9653 from zmstone/0101-authz-schema-union-member-selection 
0101 authz schema union member selection
 2023-01-09 22:17:51 +01:00
Zaiming (Stone) Shi e52f9d5920 refactor: use union member type selector for authz sources 2023-01-09 14:26:16 +01:00
Thales Macedo Garitezi c6b8e614df fix(authz_http): handle `ignore` results (request failures) 
Related issue: https://github.com/emqx/emqx/issues/9683

When the HTTP request for authz fails (e.g.: resource is down or
server is down), then the HTTP authorizer returns `ignore`, which was
not handled correctly by the authorization callback.
 2023-01-05 11:34:23 -03:00
Zaiming (Stone) Shi dbc10c2eed chore: update copyright year 2023 2023-01-02 09:22:27 +01:00
Zaiming (Stone) Shi 0ce1ca89b7 refactor: use string type for server and servers 2022-12-30 14:20:23 +01:00
Zaiming (Stone) Shi f93c22045d fix: non-empty field should not be undefined 2022-12-24 11:41:45 +01:00
Zaiming (Stone) Shi d3efb0c0ba chore: bump app versions 2022-12-23 15:10:16 +01:00
Zaiming (Stone) Shi 350023e757 fix(config): option only_fill_defaults renamed to make_serializable 2022-12-23 14:27:04 +01:00
Ilya Averyanov 6692b0c895 feat(bridge): add Redis bridge 2022-12-06 23:15:42 +03:00
Zaiming (Stone) Shi b398617614 chore: bump app versions 2022-11-28 21:12:43 +01:00
Zaiming (Stone) Shi 7ee53e5319 Merge tag 'v5.0.11' into dev/ee5.0 2022-11-28 21:02:21 +01:00
Zaiming (Stone) Shi 6ee475d9b1 fix(emqx_authz_api_mnesia): return the right matchers 2022-11-24 20:32:00 +01:00
JianBo He 9786a6c267 refactor(mgmt): convert fuzzy filter func to named func 2022-11-24 20:14:33 +01:00
JianBo He 9c7bf9d601 chore: update app.src 2022-11-24 20:14:33 +01:00
JianBo He 1fe9c105aa refactor(mgmt): smplify the node_query/cluster_query implementation 2022-11-24 20:14:33 +01:00
JianBo He 08121e7df6 fix(mgmt): optimize the speed of query tail pages 
In the previous, when you query the tail pages, all the front of rows
will be queried out and formatted. It greatly hurts the speed of query.

Currently, we only format the final result rows. i.e, the query for the
last page of data will be 10x faster.
 2022-11-24 20:14:33 +01:00
Zaiming (Stone) Shi c940b901f5 chore: fix app versions 2022-11-16 16:26:43 +01:00
Zaiming (Stone) Shi 09455edae8 Merge tag 'v5.0.10' into dev/ee5.0 2022-11-16 16:20:30 +01:00
firest c079760b0a fix(JWT): make the `exp` to be optional claim 2022-11-15 15:41:01 +08:00
Zaiming (Stone) Shi 467010e3d3 chore: bump emqx_authz app vsn 2022-11-08 17:40:34 +01:00
Stefan Strigler 0678e05e84 style: fix message returned for 404 
Co-authored-by: Zaiming (Stone) Shi <zmstone@gmail.com>
 2022-11-08 17:40:34 +01:00
Stefan Strigler ba1e19f068 fix(emqx_authz_api_sources): make schema fit to what we send 2022-11-08 17:40:34 +01:00
Stefan Strigler e0ed0855ff fix(emqx_authz_api_sources): return 'code' in response body for 404 2022-11-08 17:40:34 +01:00
Zaiming (Stone) Shi c157392452 docs: fix self-closing html tag, change </br> to <br/> 2022-10-27 13:57:18 +02:00
Zaiming (Stone) Shi bb6c3ed4ae docs: fix more zh translation desc 2022-10-27 08:39:58 +02:00
Zaiming (Stone) Shi a314950be9 docs: fix zh punctuations 2022-10-26 16:19:38 +02:00
Shawn 4135910b42 chore: merge master into dev/ee5.0 2022-09-26 09:52:33 +08:00
JimMoen 2984397e73 chore: apps vsn bump 2022-09-23 17:09:15 +08:00
JimMoen 85835256f1 Merge tag 'v5.0.8' into merge-release-v5.0.8-into-master 2022-09-23 16:06:44 +08:00
Ilya Averyanov c11afc357e fix(auth): use empty strings for absent placeholder values 2022-09-20 15:20:55 +03:00
Thales Macedo Garitezi c20ad3733a fix: check for authorization on topic before publishing last will testament 
fixes #8978

Without checking for authorization, a client can, on abnormal
termination, publish a message to any topic, including `$SYS` ones.
 2022-09-16 17:31:22 -03:00
Thales Macedo Garitezi dca522d7d3 test: add tests for publishing lwt when deny_action is disconnect 2022-09-16 15:11:54 -03:00
firest 14b5977996 feat(authz): Support `cert_common_name` and `cert_subject` in Authz 2022-09-15 18:02:54 +08:00
Xinyu Liu d9c9a1dec3
Merge pull request #8958 from JimMoen/fix-ssl-drop-invalid-certs 
fix(bridge/authz/exhook): no need to drop invalid certs
 2022-09-15 09:01:08 +08:00
JianBo He a461375b30 chore: support strip double quote in authn/authz 
more compatibility for https://github.com/emqx/emqx/pull/8827
 2022-09-14 15:25:31 +08:00
JimMoen f018b8ab49 fix(bridge/authz/exhook): no need to drop invalid certs 2022-09-14 14:08:55 +08:00
Zaiming (Stone) Shi befc4acced Merge remote-tracking branch 'origin/master' into merge-master-to-ee50-a 2022-09-06 20:31:38 +02:00
Zaiming (Stone) Shi f785da075b ci: only start required docker for integration tests 2022-09-06 19:25:53 +02:00
Zaiming (Stone) Shi dac178cbaf chore: ensure version bumps 2022-08-31 17:23:47 +02:00
firest 05bbadc8c5 chore: bump ahutz version && update CHANGES-5.0.md 2022-08-31 21:15:55 +08:00
firest 71aaf5c538 fix(authz): fix dialyzer && test case && proper error 2022-08-31 16:49:27 +08:00
JianBo He 168f44e45b fix: exhook client.authorize never be execauted 
see: https://github.com/emqx/emqx/issues/8779
 2022-08-31 14:34:02 +08:00
Shawn 1ff53ee8a9 fix(authz): don't stop emqx_resource app in test cases 2022-08-23 08:57:12 +08:00
Shawn 45352206a3 fix(auth): remove emqx_connector from testcases of authz/authn 2022-08-22 20:20:45 +08:00
Shawn b3162fe5ff fix: conflicts between master and ee5.0 2022-08-14 22:24:09 +08:00
Shawn 0cdf4b47f1 feat: add more resource creation opts 2022-08-12 13:47:45 +08:00
Ilya Averyanov 64aa30ec63 chore(authn/authz): better handling of placeholder interpolation errors 2022-08-10 18:22:37 +03:00
Shawn 35fe70b887 feat: support aysnc callback to connector modules 2022-08-10 00:34:35 +08:00
Shawn d3950b9534 fix(resource): make option 'queue_enabled' disabled by default 2022-08-10 00:34:35 +08:00
Shawn 0377d3cf61 fix: update existing testcases for new emqx_resource 2022-08-10 00:34:35 +08:00
Zhongwen Deng dd59c850e0 chore: make sure swagger's tags always titlecase 2022-07-25 16:09:17 +08:00
Zhongwen Deng a12478225a fix: fix bad swagger format 2022-07-20 16:56:07 +08:00
Zaiming (Stone) Shi e49686a276 fix(authz): should apply no rule on superuser 2022-07-08 22:35:15 +02:00
JianBo He 4c17b38102 chore: treat 200/204 as acl nomatch 2022-07-01 20:42:22 +08:00
JianBo He 83f5da8f9d fix(authz-http): fix https://github.com/emqx/emqx/pull/8377#discussion_r911743360 2022-07-01 17:46:55 +08:00
JianBo He 52b77b570f refactor: authz-http return body to reject pub/sub 2022-07-01 17:46:55 +08:00
JianBo He 8f429b5ea3
Merge pull request #8316 from zmstone/0624-chore-add-a-note-in-authz-config 
docs: refine authz file path doc
 2022-07-01 16:56:27 +08:00
JianBo He c32a416a2a
Merge pull request #8371 from HJianBo/auto-retry-auth-resource 
AuthN/Z: automaticly re-connect to disconnected resources
 2022-07-01 14:32:50 +08:00
JianBo He eac21e5b0a chore: make spellcheck happy 2022-07-01 12:10:37 +08:00
Zaiming (Stone) Shi c3ffdef872 docs: Update apps/emqx_authz/i18n/emqx_authz_schema_i18n.conf 
Co-authored-by: JianBo He <heeejianbo@163.com>
 2022-07-01 12:10:36 +08:00
Zaiming (Stone) Shi fd86e8bf0b docs: Update apps/emqx_authz/i18n/emqx_authz_schema_i18n.conf 
Co-authored-by: JianBo He <heeejianbo@163.com>
 2022-07-01 12:10:36 +08:00
Zaiming (Stone) Shi 3963856480 docs: Update apps/emqx_authz/i18n/emqx_authz_schema_i18n.conf 
Co-authored-by: JianBo He <heeejianbo@163.com>
 2022-07-01 12:10:36 +08:00
Zaiming (Stone) Shi 5ac9e9f824 docs: refine authz file path doc 2022-07-01 12:10:36 +08:00
JianBo He f8c90452cc chore: auto retry disconnected authn/authz resources 2022-07-01 12:01:39 +08:00
Zaiming (Stone) Shi 95706cf45f chore: update authz default config style 2022-06-30 08:09:38 +02:00
ieQu1 a9ec193ef8 fix(prometheus): Disable authorization for metrics scraping endpoint 2022-06-23 00:31:53 +02:00
Shawn 51efe22e57 chore: update the appup files for authz/authn 2022-06-22 15:54:37 +08:00
Shawn defacb97df fix: disabled resources for authz/authn started after emqx reboot 2022-06-22 14:34:30 +08:00
Xinyu Liu 3b00b16abe
Merge pull request #8221 from terry-xiaoyu/fix_delayed_module_disbled_after_emqx_stop 
feat: fix the hook priorities
 2022-06-16 09:42:42 +08:00
Shawn 39b1b20506 feat: fix the hook priorities 2022-06-15 19:03:40 +08:00
JianBo He 03967a83de chore(authz): make `authorization.cache.enable` required 2022-06-15 13:46:17 +08:00
firest 45aa9d604b fix(metrics): remove the client. prefix for AuthN/AuthZ metrics 2022-06-14 14:08:25 +08:00
Shawn f18eab402a fix(CI): don't use any authz sources when testing 2022-06-10 14:21:20 +08:00
Shawn f159e081fa fix: deny all subscribes to '#' topics in the default acl.conf 2022-06-10 14:21:20 +08:00
firest 86a3ac0bef fix(authz): prohibit overriding of existing client/user 2022-06-07 16:34:01 +08:00
Zhongwen Deng 91000eb342 fix: authz ct failed 2022-06-06 10:57:26 +08:00
Zhongwen Deng c7cc2e85b2 fix: add default&example for schema 2022-06-06 09:52:10 +08:00
Zhongwen Deng 9ec804ae03 feat: generate example.conf from schemas 2022-05-31 19:20:27 +08:00
Zhongwen Deng 8aa60cc0a5 feat: generate a minimized emqx.conf 2022-05-31 19:20:27 +08:00
Zaiming (Stone) Shi 2eb621ba57 fix: hint metrics merge errors 2022-05-13 21:38:51 +02:00
Ilya Averyanov 91da451803 feat(authz): add default authn-based authz source 2022-05-13 12:51:10 +03:00
Ilya Averyanov ca0c80965a
Merge pull request #7890 from savonarola/fix-jwt-acl-v5 
fix(jwt auth): improve JWT handling
 2022-05-12 19:48:37 +03:00
Ilya Averyanov e0fa07b679 fix(jwt auth): improve JWT handling 2022-05-12 12:10:47 +03:00
JimMoen 87af77ec35 refactor: do not destory resource when update authn/authz resource 2022-05-12 14:19:57 +08:00
firest 5220869dd8 fix(authz): add authz source type into the authorize logger 2022-05-11 17:54:42 +08:00
Chris Hicks 841acb7828
Merge pull request #7783 from emqx/EMQX-4199-introduce-a-new-emqx-resource-manager-module 
feat: isolate resource manager processes
 2022-05-09 18:33:01 +02:00
Chris 0b3e30e813 feat: isolate resource manager processes 2022-05-09 13:24:34 +02:00
EMQ-YangM 30b3060327 fix: improve authn, authz metrics 2022-05-05 18:53:31 +08:00
JianBo He d36d27c533
Merge pull request #7781 from HJianBo/rename-acl-metrics 
feat(metrics): refactor authz metrics name
 2022-04-29 16:52:43 +08:00
JianBo He 344a754674
Merge pull request #7817 from JimMoen/fix-auth-http 2022-04-29 16:36:10 +08:00
JianBo He 1632df9ebb
Merge pull request #7837 from EMQ-YangM/reduce_duplicate_field 
fix: reduce duplicate field
 2022-04-29 15:50:27 +08:00
JianBo He 7bbed713f4
Merge pull request #7835 from JimMoen/fix-mongo-require-fields 
fix(auth): mongo field `filter` not required and have default value
 2022-04-29 15:38:54 +08:00
JianBo He 4989ce7a0d test(authz-jwt): fix flaky test t_check_expire 2022-04-29 15:20:05 +08:00
JianBo He 1597ea50c1 feat(metrics): refactor authz metrics name 
In the current implementation:
```
Authz checking times = client.authorize + client.authorization.cache_hit
                     = client.authorization.allow + client.authorization.deny

client.authorize means how many times the `client.authorize` hook has been executed.

client.authorize = client.authorization.matched.allow +
                   client.authorization.matched.deny +
                   client.authorization.nomatch
```
 2022-04-29 15:20:05 +08:00
EMQ-YangM 110f0d0e94 fix: reduce duplicate field 2022-04-29 14:37:49 +08:00
JimMoen ad4b70c27e fix(auth): mongo field `filter` not required and have default value 2022-04-29 13:37:29 +08:00