2 jaren geleden · 0c2610fa61
--- a/apps/emqx_prometheus/src/emqx_prometheus_api.erl
+++ b/apps/emqx_prometheus/src/emqx_prometheus_api.erl
@@ -68,12 +68,17 @@ schema("/prometheus/stats") ->
 
				             #{
			
 
				                 description => ?DESC(get_prom_data),
			
 
				                 tags => ?TAGS,
			
 
				-                security => [],
			
 
				+                security => security(),
			
 
				                 responses =>
			
 
				                     #{200 => prometheus_data_schema()}
			
 
				             }
			
 
				     }.
			
 
				 
			
 
				+security() ->
			
 
				+    case emqx_config:get([prometheus, enable_basic_auth], false) of
			
 
				+        true -> [#{'basicAuth' => []}, #{'bearerAuth' => []}];
			
 
				+        false -> []
			
 
				+    end.
			
 
				 %%--------------------------------------------------------------------
			
 
				 %% API Handler funcs
			
 
				 %%--------------------------------------------------------------------
			
--- a/apps/emqx_prometheus/src/emqx_prometheus_config.erl
+++ b/apps/emqx_prometheus/src/emqx_prometheus_config.erl
@@ -46,9 +46,10 @@ remove_handler() ->
 
				     ok = emqx_config_handler:remove_handler(?PROMETHEUS),
			
 
				     ok.
			
 
				 
			
 
				-post_config_update(?PROMETHEUS, _Req, New, _Old, AppEnvs) ->
			
 
				+post_config_update(?PROMETHEUS, _Req, New, Old, AppEnvs) ->
			
 
				     update_prometheus(AppEnvs),
			
 
				-    update_push_gateway(New);
			
 
				+    update_push_gateway(New),
			
 
				+    update_auth(New, Old);
			
 
				 post_config_update(_ConfPath, _Req, _NewConf, _OldConf, _AppEnvs) ->
			
 
				     ok.
			
 
				 
			
@@ -76,6 +77,12 @@ update_push_gateway(Prometheus) ->
 
				             emqx_prometheus_sup:stop_child(?APP)
			
 
				     end.
			
 
				 
			
 
				+update_auth(#{enable_basic_auth := New}, #{enable_basic_auth := Old}) when New =/= Old ->
			
 
				+    emqx_dashboard_listener:regenerate_minirest_dispatch(),
			
 
				+    ok;
			
 
				+update_auth(_, _) ->
			
 
				+    ok.
			
 
				+
			
 
				 conf() ->
			
 
				     emqx_config:get(?PROMETHEUS).
			
 
				 
			
--- a/apps/emqx_prometheus/test/emqx_prometheus_api_SUITE.erl
+++ b/apps/emqx_prometheus/test/emqx_prometheus_api_SUITE.erl
@@ -36,8 +36,8 @@ all() ->
 
				 
			
 
				 groups() ->
			
 
				     [
			
 
				-        {new_config, [sequence], [t_stats_api, t_prometheus_api]},
			
 
				-        {legacy_config, [sequence], [t_stats_api, t_legacy_prometheus_api]}
			
 
				+        {new_config, [sequence], [t_stats_auth_api, t_stats_no_auth_api, t_prometheus_api]},
			
 
				+        {legacy_config, [sequence], [t_stats_no_auth_api, t_legacy_prometheus_api]}
			
 
				     ].
			
 
				 
			
 
				 init_per_suite(Config) ->
			
@@ -263,21 +263,34 @@ t_prometheus_api(_) ->
 
				     ),
			
 
				     ok.
			
 
				 
			
 
				-t_stats_api(_) ->
			
 
				-    Path = emqx_mgmt_api_test_util:api_path(["prometheus", "stats"]),
			
 
				+t_stats_no_auth_api(_) ->
			
 
				+    %% undefined is legacy prometheus
			
 
				+    case emqx:get_config([prometheus, enable_basic_auth], undefined) of
			
 
				+        true ->
			
 
				+            {ok, _} = emqx:update_config([prometheus, enable_basic_auth], false),
			
 
				+            emqx_dashboard_listener:regenerate_minirest_dispatch();
			
 
				+        _ ->
			
 
				+            ok
			
 
				+    end,
			
 
				+    emqx_dashboard_listener:regenerate_minirest_dispatch(),
			
 
				+    Json = [{"accept", "application/json"}],
			
 
				+    request_stats(Json, []).
			
 
				+
			
 
				+t_stats_auth_api(_) ->
			
 
				+    {ok, _} = emqx:update_config([prometheus, enable_basic_auth], true),
			
 
				     Auth = emqx_mgmt_api_test_util:auth_header_(),
			
 
				-    Headers = [{"accept", "application/json"}, Auth],
			
 
				-    {ok, Response} = emqx_mgmt_api_test_util:request_api(get, Path, "", Headers),
			
 
				+    JsonAuth = [{"accept", "application/json"}, Auth],
			
 
				+    request_stats(JsonAuth, Auth),
			
 
				+    ok.
			
 
				 
			
 
				+request_stats(JsonAuth, Auth) ->
			
 
				+    Path = emqx_mgmt_api_test_util:api_path(["prometheus", "stats"]),
			
 
				+    {ok, Response} = emqx_mgmt_api_test_util:request_api(get, Path, "", JsonAuth),
			
 
				     Data = emqx_utils_json:decode(Response, [return_maps]),
			
 
				     ?assertMatch(#{<<"client">> := _, <<"delivery">> := _}, Data),
			
 
				-
			
 
				     {ok, _} = emqx_mgmt_api_test_util:request_api(get, Path, "", Auth),
			
 
				-
			
 
				     ok = meck:expect(mria_rlog, backend, fun() -> rlog end),
			
 
				-    {ok, _} = emqx_mgmt_api_test_util:request_api(get, Path, "", Auth),
			
 
				-
			
 
				-    ok.
			
 
				+    {ok, _} = emqx_mgmt_api_test_util:request_api(get, Path, "", Auth).
			
 
				 
			
 
				 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
			
 
				 %%% Internal Functions