test(gw): add tests for authm data-mgmt

apps/emqx_authn/src/emqx_authn_api.erl

@@ -796,11 +796,12 @@ add_user(_, _, #{<<"user_id">> := _}) ->
 add_user(_, _, _) ->
     serialize_error({missing_parameter, user_id}).
 
-update_user(ChainName, AuthenticatorID, UserID, UserInfo) ->
-    case maps:with([<<"password">>, <<"is_superuser">>], UserInfo) =:= #{} of
+update_user(ChainName, AuthenticatorID, UserID, UserInfo0) ->
+    case maps:with([<<"password">>, <<"is_superuser">>], UserInfo0) =:= #{} of
         true ->
             serialize_error({missing_parameter, password});
         false ->
+            UserInfo = emqx_map_lib:safe_atom_key_map(UserInfo0),
             case emqx_authentication:update_user(ChainName, AuthenticatorID, UserID, UserInfo) of
                 {ok, User} ->
                     {200, User};
@@ -907,7 +908,7 @@ serialize_error({bad_ssl_config, Details}) ->
             message => binfmt("bad_ssl_config ~p", [Details])}};
 serialize_error({missing_parameter, Detail}) ->
     {400, #{code => <<"MISSING_PARAMETER">>,
-            message => binfmt("Missing required parameter", [Detail])}};
+            message => binfmt("Missing required parameter: ~p", [Detail])}};
 serialize_error({invalid_parameter, Name}) ->
     {400, #{code => <<"INVALID_PARAMETER">>,
             message => binfmt("Invalid value for '~p'", [Name])}};

apps/emqx_gateway/src/emqx_gateway_api_authn.erl

@@ -286,9 +286,7 @@ schema("/gateway/:name/authentication/users/:uid") ->
                 , 404 => error_codes([?NOT_FOUND], <<"Not Found">>)
                 , 500 => error_codes([?INTERNAL_ERROR],
                                      <<"Ineternal Server Error">>)
-                , 200 => emqx_dashboard_swagger:schema_with_example(
-                           ref(emqx_authn_api, response_user),
-                           emqx_authn_api:response_user_examples())
+                , 204 => <<"User Deleted">>
                 }
            }
      };

apps/emqx_gateway/src/emqx_gateway_http.erl

@@ -335,7 +335,7 @@ with_authn(GwName0, Fun) ->
 
 -spec with_listener_authn(binary(), binary(), function()) -> any().
 with_listener_authn(GwName0, Id, Fun) ->
-    with_gateway(GwName0, fun(GwName) ->
+    with_gateway(GwName0, fun(GwName, _GwConf) ->
         Authn = emqx_gateway_http:authn(GwName, Id),
         Fun(GwName, Authn)
     end).

apps/emqx_gateway/test/emqx_gateway_api_SUITE.erl

@@ -207,6 +207,50 @@ t_authn(_) ->
     {204, _} = request(get, "/gateway/stomp/authentication"),
     {204, _} = request(delete, "/gateway/stomp").
 
+t_authn_data_mgmt(_) ->
+    GwConf = #{name => <<"stomp">>},
+    {204, _} = request(post, "/gateway", GwConf),
+    {204, _} = request(get, "/gateway/stomp/authentication"),
+
+    AuthConf = #{mechanism => <<"password-based">>,
+                 backend => <<"built-in-database">>,
+                 user_id_type => <<"clientid">>
+                },
+    {204, _} = request(post, "/gateway/stomp/authentication", AuthConf),
+    {200, ConfResp} = request(get, "/gateway/stomp/authentication"),
+    assert_confs(AuthConf, ConfResp),
+
+    User1 = #{ user_id => <<"test">>
+             , password => <<"123456">>
+             , is_superuser => false
+             },
+    {201, _} = request(post, "/gateway/stomp/authentication/users", User1),
+    {200, #{data := [UserRespd1]}} = request(get, "/gateway/stomp/authentication/users"),
+    assert_confs(UserRespd1, User1),
+
+    {200, UserRespd2} = request(get,
+                                "/gateway/stomp/authentication/users/test"),
+    assert_confs(UserRespd2, User1),
+
+    {200, UserRespd3} = request(put,
+                                "/gateway/stomp/authentication/users/test",
+                                #{password => <<"654321">>,
+                                  is_superuser => true}),
+    assert_confs(UserRespd3, User1#{is_superuser => true}),
+
+    {200, UserRespd4} = request(get,
+                                "/gateway/stomp/authentication/users/test"),
+    assert_confs(UserRespd4, User1#{is_superuser => true}),
+
+    {204, _} = request(delete, "/gateway/stomp/authentication/users/test"),
+
+    {200, #{data := []}} = request(get,
+                                   "/gateway/stomp/authentication/users"),
+
+    {204, _} = request(delete, "/gateway/stomp/authentication"),
+    {204, _} = request(get, "/gateway/stomp/authentication"),
+    {204, _} = request(delete, "/gateway/stomp").
+
 t_listeners(_) ->
     GwConf = #{name => <<"stomp">>},
     {204, _} = request(post, "/gateway", GwConf),
@@ -262,6 +306,65 @@ t_listeners_authn(_) ->
     assert_confs(AuthConf2, ConfResp3),
     {204, _} = request(delete, "/gateway/stomp").
 
+t_listeners_authn_data_mgmt(_) ->
+    GwConf = #{name => <<"stomp">>,
+               listeners => [
+                 #{name => <<"def">>,
+                   type => <<"tcp">>,
+                   bind => <<"61613">>
+                  }]},
+    {204, _} = request(post, "/gateway", GwConf),
+    {200, ConfResp} = request(get, "/gateway/stomp"),
+    assert_confs(GwConf, ConfResp),
+
+    AuthConf = #{mechanism => <<"password-based">>,
+                 backend => <<"built-in-database">>,
+                 user_id_type => <<"clientid">>
+                },
+    Path = "/gateway/stomp/listeners/stomp:tcp:def/authentication",
+    {204, _} = request(post, Path, AuthConf),
+    {200, ConfResp2} = request(get, Path),
+    assert_confs(AuthConf, ConfResp2),
+
+    User1 = #{ user_id => <<"test">>
+             , password => <<"123456">>
+             , is_superuser => false
+             },
+    {201, _} = request(post,
+                       "/gateway/stomp/listeners/stomp:tcp:def/authentication/users",
+                       User1),
+
+    {200,
+     #{data := [UserRespd1]} } = request(
+                                   get,
+                                   "/gateway/stomp/listeners/stomp:tcp:def/authentication/users"),
+    assert_confs(UserRespd1, User1),
+
+    {200, UserRespd2} = request(
+                          get,
+                          "/gateway/stomp/listeners/stomp:tcp:def/authentication/users/test"),
+    assert_confs(UserRespd2, User1),
+
+    {200, UserRespd3} = request(
+                          put,
+                          "/gateway/stomp/listeners/stomp:tcp:def/authentication/users/test",
+                          #{password => <<"654321">>, is_superuser => true}),
+    assert_confs(UserRespd3, User1#{is_superuser => true}),
+
+    {200, UserRespd4} = request(
+                          get,
+                          "/gateway/stomp/listeners/stomp:tcp:def/authentication/users/test"),
+    assert_confs(UserRespd4, User1#{is_superuser => true}),
+
+    {204, _} = request(
+                 delete,
+                 "/gateway/stomp/listeners/stomp:tcp:def/authentication/users/test"),
+
+    {200, #{data := []}} = request(
+                             get,
+                             "/gateway/stomp/listeners/stomp:tcp:def/authentication/users"),
+    {204, _} = request(delete, "/gateway/stomp").
+
 %%--------------------------------------------------------------------
 %% Asserts