diff --git a/apps/mosquitto_ctrl/dynsec.c b/apps/mosquitto_ctrl/dynsec.c index 0952067b..6ba23a00 100644 --- a/apps/mosquitto_ctrl/dynsec.c +++ b/apps/mosquitto_ctrl/dynsec.c @@ -28,6 +28,8 @@ Contributors: #include "password_mosq.h" #include "get_password.h" +#define MAX_STRING_LEN 4096 + void dynsec__print_usage(void) { printf("\nDynamic Security module\n"); @@ -128,43 +130,55 @@ static void print_list(cJSON *j_response, const char *arrayname, const char *key } } - -static void print_roles(cJSON *j_roles, size_t slen) +static void print_json_value(cJSON* value, const char* null_value) { - bool first; - cJSON *j_elem, *jtmp; + if (value){ + if (cJSON_IsString(value)){ + printf("%s", value->valuestring); + }else{ + char buffer[MAX_STRING_LEN]; + cJSON_PrintPreallocated(value, buffer, sizeof(buffer), 0); + printf("%s", buffer); + } + } else if (null_value){ + printf("%s",null_value); + } +} - if(j_roles && cJSON_IsArray(j_roles)){ - first = true; - cJSON_ArrayForEach(j_elem, j_roles){ - jtmp = cJSON_GetObjectItem(j_elem, "rolename"); - if(jtmp && cJSON_IsString(jtmp)){ - if(first){ - first = false; - printf("%-*s %s", (int)slen, "Roles:", jtmp->valuestring); - }else{ - printf("%-*s %s", (int)slen, "", jtmp->valuestring); - } - jtmp = cJSON_GetObjectItem(j_elem, "priority"); - if(jtmp && cJSON_IsNumber(jtmp)){ - printf(" (priority: %d)", (int)jtmp->valuedouble); - }else{ - printf(" (priority: -1)"); +static void print_json_array(cJSON *j_list, int slen, const char* label, const char* element_name, const char* optional_element_name, const char* optional_element_null_value) +{ + cJSON *j_elem; + + if(j_list && cJSON_IsArray(j_list)){ + cJSON_ArrayForEach(j_elem, j_list){ + if (cJSON_IsObject(j_elem)) { + cJSON* jtmp = cJSON_GetObjectItem(j_elem, element_name); + if(!jtmp || !cJSON_IsString(jtmp)){ + continue; } - printf("\n"); - } + printf("%-*s %s", (int)slen, label, jtmp->valuestring); + if (optional_element_name) { + printf(" (%s: ", optional_element_name); + print_json_value(cJSON_GetObjectItem(j_elem,optional_element_name),optional_element_null_value); + printf(")"); + } + } else if (cJSON_IsString(j_elem)) { + printf("%-*s %s", (int)slen, label, j_elem->valuestring); + } + label = ""; + printf("\n"); } }else{ - printf("Roles:\n"); + printf("%s\n", label); } } static void print_client(cJSON *j_response) { - cJSON *j_data, *j_client, *j_array, *j_elem, *jtmp; - bool first; - + cJSON *j_data, *j_client, *jtmp; + const int label_width = strlen( "Connections:"); + j_data = cJSON_GetObjectItem(j_response, "data"); if(j_data == NULL || !cJSON_IsObject(j_data)){ fprintf(stderr, "Error: Invalid response from server.\n"); @@ -182,54 +196,30 @@ static void print_client(cJSON *j_response) fprintf(stderr, "Error: Invalid response from server.\n"); return; } - printf("Username: %s\n", jtmp->valuestring); + printf("%-*s %s\n", label_width, "Username:", jtmp->valuestring); jtmp = cJSON_GetObjectItem(j_client, "clientid"); if(jtmp && cJSON_IsString(jtmp)){ - printf("Clientid: %s\n", jtmp->valuestring); + printf("%-*s %s\n", label_width, "Clientid:", jtmp->valuestring); }else{ printf("Clientid:\n"); } jtmp = cJSON_GetObjectItem(j_client, "disabled"); if(jtmp && cJSON_IsBool(jtmp)){ - printf("Disabled: %s\n", cJSON_IsTrue(jtmp)?"true":"false"); + printf("%-*s %s\n", label_width, "Disabled:", cJSON_IsTrue(jtmp)?"true":"false"); } - j_array = cJSON_GetObjectItem(j_client, "roles"); - print_roles(j_array, strlen("Username:")); - - j_array = cJSON_GetObjectItem(j_client, "groups"); - if(j_array && cJSON_IsArray(j_array)){ - first = true; - cJSON_ArrayForEach(j_elem, j_array){ - jtmp = cJSON_GetObjectItem(j_elem, "groupname"); - if(jtmp && cJSON_IsString(jtmp)){ - if(first){ - printf("Groups: %s", jtmp->valuestring); - first = false; - }else{ - printf(" %s", jtmp->valuestring); - } - jtmp = cJSON_GetObjectItem(j_elem, "priority"); - if(jtmp && cJSON_IsNumber(jtmp)){ - printf(" (priority: %d)", (int)jtmp->valuedouble); - }else{ - printf(" (priority: -1)"); - } - printf("\n"); - } - } - }else{ - printf("Groups:\n"); - } + print_json_array(cJSON_GetObjectItem(j_client, "roles"), label_width, "Roles:", "rolename", "priority", "-1"); + print_json_array(cJSON_GetObjectItem(j_client, "groups"), label_width, "Groups:", "groupname", "priority", "-1"); + print_json_array(cJSON_GetObjectItem(j_client, "connections"), label_width, "Connections:", "address", NULL, NULL); } static void print_group(cJSON *j_response) { - cJSON *j_data, *j_group, *j_array, *j_elem, *jtmp; - bool first; + cJSON *j_data, *j_group, *jtmp; + int label_width = strlen("Groupname:"); j_data = cJSON_GetObjectItem(j_response, "data"); if(j_data == NULL || !cJSON_IsObject(j_data)){ @@ -250,24 +240,8 @@ static void print_group(cJSON *j_response) } printf("Groupname: %s\n", jtmp->valuestring); - j_array = cJSON_GetObjectItem(j_group, "roles"); - print_roles(j_array, strlen("Groupname:")); - - j_array = cJSON_GetObjectItem(j_group, "clients"); - if(j_array && cJSON_IsArray(j_array)){ - first = true; - cJSON_ArrayForEach(j_elem, j_array){ - jtmp = cJSON_GetObjectItem(j_elem, "username"); - if(jtmp && cJSON_IsString(jtmp)){ - if(first){ - first = false; - printf("Clients: %s\n", jtmp->valuestring); - }else{ - printf(" %s\n", jtmp->valuestring); - } - } - } - } + print_json_array(cJSON_GetObjectItem(j_group, "roles"), label_width, "Roles:", "rolename", "priority", "-1"); + print_json_array(cJSON_GetObjectItem(j_group, "clients"), label_width, "Clients:", "username", NULL, NULL); } diff --git a/include/mosquitto_broker.h b/include/mosquitto_broker.h index a2f26ac5..2f848133 100644 --- a/include/mosquitto_broker.h +++ b/include/mosquitto_broker.h @@ -651,6 +651,18 @@ mosq_EXPORT int mosquitto_kick_client_by_clientid(const char *clientid, bool wit */ mosq_EXPORT int mosquitto_kick_client_by_username(const char *username, bool with_will); +/* Function: mosquitto_apply_on_all_clients + * + * Apply a given functor to all clients + * + * The functor will be applied to all existing client structures. If the functor + * returns an error code the iteration over the clients will be stopped. The + * functor_context pointer maybe used to pass additional data structures into + * the functor as second argument. + * + * The result value will be the result of the last functor invoked. + */ +mosq_EXPORT int mosquitto_apply_on_all_clients(int (*FUNC_client_functor)(const struct mosquitto *, void *), void *functor_context); /* ========================================================================= * diff --git a/man/Makefile b/man/Makefile index 76a7058b..410d7ded 100644 --- a/man/Makefile +++ b/man/Makefile @@ -57,37 +57,7 @@ uninstall : -rm -f "${DESTDIR}${mandir}/man7/mosquitto-tls.7" -rm -f "${DESTDIR}${mandir}/man3/libmosquitto.3" -mosquitto.8 : mosquitto.8.xml manpage.xsl - $(XSLTPROC) $< - -mosquitto.conf.5 : mosquitto.conf.5.xml manpage.xsl - $(XSLTPROC) $< - -mosquitto_ctrl.1 : mosquitto_ctrl.1.xml manpage.xsl - $(XSLTPROC) $< - -mosquitto_ctrl_dynsec.1 : mosquitto_ctrl_dynsec.1.xml manpage.xsl - $(XSLTPROC) $< - -mosquitto_passwd.1 : mosquitto_passwd.1.xml manpage.xsl - $(XSLTPROC) $< - -mosquitto_pub.1 : mosquitto_pub.1.xml manpage.xsl - $(XSLTPROC) $< - -mosquitto_sub.1 : mosquitto_sub.1.xml manpage.xsl - $(XSLTPROC) $< - -mosquitto_rr.1 : mosquitto_rr.1.xml manpage.xsl - $(XSLTPROC) $< - -mqtt.7 : mqtt.7.xml manpage.xsl - $(XSLTPROC) $< - -mosquitto-tls.7 : mosquitto-tls.7.xml manpage.xsl - $(XSLTPROC) $< - -libmosquitto.3 : libmosquitto.3.xml manpage.xsl +% : %.xml %.meta manpage.xsl $(XSLTPROC) $< html : *.xml diff --git a/plugins/common/plugin_common.c b/plugins/common/plugin_common.c index 08bccd9e..210c30ab 100644 --- a/plugins/common/plugin_common.c +++ b/plugins/common/plugin_common.c @@ -1,5 +1,9 @@ -#include #include "plugin_common.h" +#include +#include + +#include +#include void plugin__command_reply(struct plugin_cmd *cmd, const char *error) { @@ -19,3 +23,21 @@ void plugin__command_reply(struct plugin_cmd *cmd, const char *error) cJSON_AddItemToArray(cmd->j_responses, j_response); } + +void plugin_send_response(cJSON *tree, const char* topic) +{ + char *payload; + size_t payload_len; + + payload = cJSON_PrintUnformatted(tree); + cJSON_Delete(tree); + if(payload == NULL) return; + + payload_len = strlen(payload); + if(payload_len > MQTT_MAX_PAYLOAD){ + free(payload); + return; + } + mosquitto_broker_publish(NULL, topic, (int)payload_len, payload, 0, 0, NULL); +} + diff --git a/plugins/common/plugin_common.h b/plugins/common/plugin_common.h index f0109910..ce5be931 100644 --- a/plugins/common/plugin_common.h +++ b/plugins/common/plugin_common.h @@ -12,4 +12,6 @@ struct plugin_cmd{ void plugin__command_reply(struct plugin_cmd *cmd, const char *error); +void plugin_send_response(cJSON *tree, const char* topic); + #endif diff --git a/plugins/dynamic-security/Makefile b/plugins/dynamic-security/Makefile index e49f2383..53f506ae 100644 --- a/plugins/dynamic-security/Makefile +++ b/plugins/dynamic-security/Makefile @@ -94,7 +94,7 @@ password_mosq.o : ${R}/common/password_mosq.c ${R}/common/password_mosq.h plugin.o : plugin.c dynamic_security.h ${CROSS_COMPILE}${CC} $(LOCAL_CPPFLAGS) $(PLUGIN_CPPFLAGS) $(PLUGIN_CFLAGS) -c $< -o $@ -plugin_common.o : ${R}/plugins/common/plugin_common.c dynamic_security.h +plugin_common.o : ${R}/plugins/common/plugin_common.c ${R}/plugins/common/plugin_common.h ${CROSS_COMPILE}${CC} $(LOCAL_CPPFLAGS) $(PLUGIN_CPPFLAGS) $(PLUGIN_CFLAGS) -c $< -o $@ roles.o : roles.c dynamic_security.h diff --git a/plugins/dynamic-security/clients.c b/plugins/dynamic-security/clients.c index a7772382..b047ed55 100644 --- a/plugins/dynamic-security/clients.c +++ b/plugins/dynamic-security/clients.c @@ -859,12 +859,59 @@ static int dynsec__remove_client_from_all_groups(struct dynsec__data *data, cons return MOSQ_ERR_SUCCESS; } +struct connection_array_context { + const char* username; + cJSON *j_connections; +}; + +static int dynsec__add_client_address(const struct mosquitto* client, void* context_ptr) +{ + struct connection_array_context* functor_context = (struct connection_array_context*)context_ptr; + + if (!strcmp(functor_context->username,mosquitto_client_username(client))) { + cJSON *j_connection = cJSON_CreateObject(); + const char* address; + if (!j_connection){ + return MOSQ_ERR_NOMEM; + } + if ((address=mosquitto_client_address(client)) && !cJSON_AddStringToObject(j_connection,"address",address)) { + cJSON_Delete(j_connection); + return MOSQ_ERR_NOMEM; + } + cJSON_AddItemToArray(functor_context->j_connections,j_connection); + } + return MOSQ_ERR_SUCCESS; +} + + +static cJSON* dynsec_connections__all_to_json(const char* username, const char* clientid) +{ + struct connection_array_context functor_context = { username, cJSON_CreateArray()}; + // functor_context.j_connections = cJSON_CreateArray(); + //functor_context.username = username; + if (clientid) { + const struct mosquitto* client = mosquitto_client(clientid); + if (client && dynsec__add_client_address(client, &functor_context) != MOSQ_ERR_SUCCESS) { + cJSON_Delete(functor_context.j_connections); + return NULL; + } + } else { + if (mosquitto_apply_on_all_clients(&dynsec__add_client_address, &functor_context) != MOSQ_ERR_SUCCESS) { + cJSON_Delete(functor_context.j_connections); + return NULL; + } + } + return functor_context.j_connections; +} + static cJSON *add_client_to_json(struct dynsec__client *client, bool verbose) { - cJSON *j_client = NULL, *j_groups, *j_roles; + cJSON *j_client = NULL; if(verbose){ + cJSON *j_groups, *j_roles, *j_connections; + j_client = cJSON_CreateObject(); if(j_client == NULL){ return NULL; @@ -894,6 +941,13 @@ static cJSON *add_client_to_json(struct dynsec__client *client, bool verbose) return NULL; } cJSON_AddItemToObject(j_client, "groups", j_groups); + + j_connections = dynsec_connections__all_to_json(client->username, client->clientid); + if (j_connections == NULL){ + cJSON_Delete(j_client); + return NULL; + } + cJSON_AddItemToObject(j_client, "connections", j_connections); }else{ j_client = cJSON_CreateString(client->username); if(j_client == NULL){ diff --git a/plugins/dynamic-security/config_init.c b/plugins/dynamic-security/config_init.c index e2f933f8..824b8eb1 100644 --- a/plugins/dynamic-security/config_init.c +++ b/plugins/dynamic-security/config_init.c @@ -160,12 +160,8 @@ static int client_add_admin(FILE *pwfile, cJSON *j_clients) free(password_hash); free(salt); - if(client_role_add(j_roles, "broker-admin") - || client_role_add(j_roles, "dynsec-admin") - || client_role_add(j_roles, "sys-observe") - || client_role_add(j_roles, "topic-observe") - ){ - + if(client_role_add(j_roles, "super-admin") + || client_role_add(j_roles, "topic-observe")){ free(password); return MOSQ_ERR_NOMEM; } @@ -311,8 +307,7 @@ static int acl_add(cJSON *j_acls, const char *acltype, const char *topic, int pr } } - -static int role_add_client(cJSON *j_roles) +static int add_role_with_full_permission(cJSON *j_roles, const char *role_name, const char *text_description, const char *topic_pattern) { cJSON *j_role, *j_acls; @@ -322,79 +317,16 @@ static int role_add_client(cJSON *j_roles) } cJSON_AddItemToArray(j_roles, j_role); - if(cJSON_AddStringToObject(j_role, "rolename", "client") == NULL - || cJSON_AddStringToObject(j_role, "textdescription", - "Read/write access to the full application topic hierarchy.") == NULL - || (j_acls = cJSON_AddArrayToObject(j_role, "acls")) == NULL - ){ - + if(cJSON_AddStringToObject(j_role, "rolename", role_name) == NULL + || cJSON_AddStringToObject(j_role, "textdescription", text_description) == NULL + || (j_acls = cJSON_AddArrayToObject(j_role, "acls")) == NULL){ return MOSQ_ERR_NOMEM; } - if(acl_add(j_acls, "publishClientSend", "#", 0, true) - || acl_add(j_acls, "publishClientReceive", "#", 0, true) - || acl_add(j_acls, "subscribePattern", "#", 0, true) - || acl_add(j_acls, "unsubscribePattern", "#", 0, true) - ){ - - return MOSQ_ERR_NOMEM; - } - return MOSQ_ERR_SUCCESS; -} - -static int role_add_broker_admin(cJSON *j_roles) -{ - cJSON *j_role, *j_acls; - - j_role = cJSON_CreateObject(); - if(j_role == NULL){ - return MOSQ_ERR_NOMEM; - } - cJSON_AddItemToArray(j_roles, j_role); - - if(cJSON_AddStringToObject(j_role, "rolename", "broker-admin") == NULL - || cJSON_AddStringToObject(j_role, "textdescription", - "Grants access to administer general broker configuration.") == NULL - || (j_acls = cJSON_AddArrayToObject(j_role, "acls")) == NULL - ){ - - return MOSQ_ERR_NOMEM; - } - - if(acl_add(j_acls, "publishClientSend", "$CONTROL/broker/#", 0, true) - || acl_add(j_acls, "publishClientReceive", "$CONTROL/broker/#", 0, true) - || acl_add(j_acls, "subscribePattern", "$CONTROL/broker/#", 0, true) - ){ - - return MOSQ_ERR_NOMEM; - } - return MOSQ_ERR_SUCCESS; -} - -static int role_add_dynsec_admin(cJSON *j_roles) -{ - cJSON *j_role, *j_acls; - - j_role = cJSON_CreateObject(); - if(j_role == NULL){ - return MOSQ_ERR_NOMEM; - } - cJSON_AddItemToArray(j_roles, j_role); - - if(cJSON_AddStringToObject(j_role, "rolename", "dynsec-admin") == NULL - || cJSON_AddStringToObject(j_role, "textdescription", - "Grants access to administer clients/groups/roles.") == NULL - || (j_acls = cJSON_AddArrayToObject(j_role, "acls")) == NULL - ){ - - return MOSQ_ERR_NOMEM; - } - - if(acl_add(j_acls, "publishClientSend", "$CONTROL/dynamic-security/#", 0, true) - || acl_add(j_acls, "publishClientReceive", "$CONTROL/dynamic-security/#", 0, true) - || acl_add(j_acls, "subscribePattern", "$CONTROL/dynamic-security/#", 0, true) - ){ - + if(acl_add(j_acls, "publishClientSend", topic_pattern, 0, true) + || acl_add(j_acls, "publishClientReceive", topic_pattern, 0, true) + || acl_add(j_acls, "subscribePattern", topic_pattern, 0, true) + || acl_add(j_acls, "unsubscribePattern", topic_pattern, 0, true)){ return MOSQ_ERR_NOMEM; } return MOSQ_ERR_SUCCESS; @@ -494,13 +426,11 @@ static int add_roles(cJSON *j_tree) return MOSQ_ERR_NOMEM; } - if(role_add_client(j_roles) - || role_add_broker_admin(j_roles) - || role_add_dynsec_admin(j_roles) - || role_add_sys_notify(j_roles) - || role_add_sys_observe(j_roles) - || role_add_topic_observe(j_roles) - ){ + if(add_role_with_full_permission(j_roles, "client", "Read/write access to the full application topic hierarchy.", "#") + || add_role_with_full_permission(j_roles, "broker-admin", "Grants access to administer general broker configuration.", "$CONTROL/broker/#") + || add_role_with_full_permission(j_roles, "dynsec-admin", "Grants access to administer clients/groups/roles.", "$CONTROL/dynamic-security/#") + || add_role_with_full_permission(j_roles, "super-admin", "Grants access to administer all kind of broker controls", "$CONTROL/#") + || role_add_sys_notify(j_roles) || role_add_sys_observe(j_roles) || role_add_topic_observe(j_roles)){ return MOSQ_ERR_NOMEM; } diff --git a/plugins/dynamic-security/control.c b/plugins/dynamic-security/control.c index 01ac138a..f5b8633d 100644 --- a/plugins/dynamic-security/control.c +++ b/plugins/dynamic-security/control.c @@ -35,20 +35,7 @@ Contributors: static void send_response(cJSON *tree) { - char *payload; - size_t payload_len; - - payload = cJSON_PrintUnformatted(tree); - cJSON_Delete(tree); - if(payload == NULL) return; - - payload_len = strlen(payload); - if(payload_len > MQTT_MAX_PAYLOAD){ - free(payload); - return; - } - mosquitto_broker_publish(NULL, "$CONTROL/dynamic-security/v1/response", - (int)payload_len, payload, 0, 0, NULL); + plugin_send_response(tree, "$CONTROL/dynamic-security/v1/response"); } diff --git a/src/linker.syms b/src/linker.syms index d4fde7e3..2e62c9cf 100644 --- a/src/linker.syms +++ b/src/linker.syms @@ -20,6 +20,7 @@ mosquitto_free; mosquitto_kick_client_by_clientid; mosquitto_kick_client_by_username; + mosquitto_apply_on_all_clients; mosquitto_log_printf; mosquitto_malloc; mosquitto_persist_client_add; diff --git a/src/plugin_public.c b/src/plugin_public.c index cea39d2f..4dbdad8a 100644 --- a/src/plugin_public.c +++ b/src/plugin_public.c @@ -400,6 +400,20 @@ int mosquitto_kick_client_by_username(const char *username, bool with_will) return MOSQ_ERR_SUCCESS; } +int mosquitto_apply_on_all_clients(int (*FUNC_client_functor)(const struct mosquitto *, void *), void *functor_context) +{ + int rc = MOSQ_ERR_SUCCESS; + struct mosquitto *ctxt, *ctxt_tmp; + + HASH_ITER(hh_id, db.contexts_by_id, ctxt, ctxt_tmp){ + rc = (*FUNC_client_functor)(ctxt, functor_context); + if(rc != MOSQ_ERR_SUCCESS){ + break; + } + } + + return rc; +} int mosquitto_persist_client_add(struct mosquitto_evt_persist_client *client) { diff --git a/test/broker/14-dynsec-client.py b/test/broker/14-dynsec-client.py index d6e0e518..10d57000 100755 --- a/test/broker/14-dynsec-client.py +++ b/test/broker/14-dynsec-client.py @@ -44,15 +44,15 @@ list_clients_verbose_command = { "commands": [{ "command": "listClients", "verbose": True, "correlationData": "20"}] } list_clients_verbose_response = {'responses':[{"command": "listClients", "data":{"totalCount":2, "clients":[ - {'username': 'admin', 'textname': 'Dynsec admin user', 'roles': [{'rolename': 'admin'}], 'groups': []}, + {'username': 'admin', 'textname': 'Dynsec admin user', 'roles': [{'rolename': 'admin'}], 'groups': [], 'connections': [{'address': '127.0.0.1'}]}, {"username":"user_one", "clientid":"cid", "textname":"Name", "textdescription":"Description", - "roles":[], "groups":[]}]}, "correlationData":"20"}]} + "roles":[], "groups":[], 'connections': []}]}, "correlationData":"20"}]} get_client_command = { "commands": [{ "command": "getClient", "username": "user_one", "correlationData": "42"}]} get_client_response = {'responses':[{'command': 'getClient', 'data': {'client': {'username': 'user_one', 'clientid': 'cid', - 'textname': 'Name', 'textdescription': 'Description', 'groups': [], 'roles': []}}, "correlationData":"42"}]} + 'textname': 'Name', 'textdescription': 'Description', 'groups': [], 'connections': [], 'roles': []}}, "correlationData":"42"}]} set_client_password_command = {"commands": [{ "command": "setClientPassword", "username": "user_one", "password": "password"}]} diff --git a/test/broker/14-dynsec-disable-client.py b/test/broker/14-dynsec-disable-client.py index 202a6c6c..6071f4d1 100755 --- a/test/broker/14-dynsec-disable-client.py +++ b/test/broker/14-dynsec-disable-client.py @@ -38,9 +38,9 @@ add_client_repeat_response = {'responses':[{"command":"createClient","error":"Cl get_client_command = { "commands": [{ "command": "getClient", "username": "user_one"}]} get_client_response1 = {'responses':[{'command': 'getClient', 'data': {'client': {'username': 'user_one', 'clientid': 'cid', - 'textname': 'Name', 'textdescription': 'Description', 'groups': [], 'roles': []}}}]} + 'textname': 'Name', 'textdescription': 'Description', 'groups': [], 'roles': [], 'connections': []}}}]} get_client_response2 = {'responses':[{'command': 'getClient', 'data': {'client': {'username': 'user_one', 'clientid': 'cid', - 'textname': 'Name', 'textdescription': 'Description', 'disabled':True, 'groups': [], 'roles': []}}}]} + 'textname': 'Name', 'textdescription': 'Description', 'disabled':True, 'groups': [], 'roles': [], 'connections': []}}}]} disable_client_command = { "commands": [{ "command": "disableClient", "username": "user_one"}]} diff --git a/test/broker/14-dynsec-group.py b/test/broker/14-dynsec-group.py index 4166a4dc..75ac47d7 100755 --- a/test/broker/14-dynsec-group.py +++ b/test/broker/14-dynsec-group.py @@ -70,11 +70,11 @@ list_groups_verbose_response = {'responses':[{'command': 'listGroups', 'data': { list_clients_verbose_command = { "commands": [{ "command": "listClients", "verbose": True, "correlationData": "20"}]} list_clients_verbose_response = {'responses':[{"command": "listClients", "data":{"totalCount":3, "clients":[ - {'username': 'admin', 'textname': 'Dynsec admin user', 'roles': [{'rolename': 'admin'}], 'groups': []}, + {'username': 'admin', 'textname': 'Dynsec admin user', 'roles': [{'rolename': 'admin'}], 'groups': [], 'connections': [{'address': '127.0.0.1'}]}, {"username":"user_one", "clientid":"cid", "textname":"Name", "textdescription":"description", - "groups":[{"groupname":"group_one"}, {"groupname":"group_two"}], "roles":[]}, + "groups":[{"groupname":"group_one"}, {"groupname":"group_two"}], "roles":[], 'connections': []}, {"username":"user_two", "textname":"Name", "textdescription":"description", - "groups":[{"groupname":"group_one"}], "roles":[]}, + "groups":[{"groupname":"group_one"}], "roles":[], 'connections': []}, ]}, "correlationData":"20"}]} get_group_command = { "commands": [{"command": "getGroup", "groupname":"group_one"}]} diff --git a/test/broker/14-dynsec-modify-client.py b/test/broker/14-dynsec-modify-client.py index e314826a..d57bfdf8 100755 --- a/test/broker/14-dynsec-modify-client.py +++ b/test/broker/14-dynsec-modify-client.py @@ -109,6 +109,7 @@ get_client_response1 = {'responses':[{'command': 'getClient', 'data': {'client': 'textname': 'Name', 'textdescription': 'Description', 'roles': [], 'groups': [], + 'connections': [] }}}]} get_client_command2 = { "commands": [{ @@ -122,8 +123,9 @@ get_client_response2 = {'responses':[{'command': 'getClient', 'data': {'client': ], 'groups': [ {'groupname':'group_two', 'priority':8}, - {'groupname':'group_one', 'priority':3} - ]}}}]} + {'groupname':'group_one', 'priority':3}], + 'connections': [] + }}}]} get_client_command3 = { "commands": [{ "command": "getClient", "username": "user_one"}]} @@ -133,8 +135,9 @@ get_client_response3 = {'responses':[{'command': 'getClient', 'data': {'client': 'roles': [ {'rolename':'role_three', 'priority':10}, {'rolename':'role_one', 'priority':2}, - {'rolename':'role_two'} - ]}}}]} + {'rolename':'role_two'}], + 'connections': [] + }}}]} diff --git a/test/broker/14-dynsec-role.py b/test/broker/14-dynsec-role.py index 915bfe73..44e3f2ca 100755 --- a/test/broker/14-dynsec-role.py +++ b/test/broker/14-dynsec-role.py @@ -148,11 +148,11 @@ list_clients_verbose_command = { "commands": [{ "command": "listClients", "verbose": True, "correlationData": "20"}] } list_clients_verbose_response = {'responses':[{"command": "listClients", "data":{'totalCount':3, "clients":[ - {'username': 'admin', 'textname': 'Dynsec admin user', 'roles': [{'rolename': 'admin'}], 'groups': []}, + {'username': 'admin', 'textname': 'Dynsec admin user', 'roles': [{'rolename': 'admin'}], 'groups': [], 'connections': [{'address': '127.0.0.1'}]}, {"username":"user_one", "clientid":"cid", "textname":"Name", "textdescription":"Description", - "groups":[], "roles":[{'rolename':'basic'}, {'rolename':'basic2'}]}, + "groups":[], "roles":[{'rolename':'basic'}, {'rolename':'basic2'}], 'connections': []}, {"username":"user_two", "textname":"Name", "textdescription":"Description", - "groups":[], "roles":[]}]}, "correlationData":"20"}]} + "groups":[], "roles":[], 'connections': []}]}, "correlationData":"20"}]} list_groups_verbose_command = { "commands": [{ "command": "listGroups", "verbose": True, "correlationData": "20"}]