Mnesia ACL
插件:
"clientid":"emqx",
"topic":"testtopic/1",
"action":"pub",
"access": "allow"
}
规则字段说明:
- clientid / username:客户端的 Username 或 Client ID.
- topic:控制的主题,可以使用通配符,并且可以在主题中加入占位符来匹配客户端信息,例如
t/%c
则在匹配时主题将会替换为当前客户端的 Client ID- %u:用户名
- %c:Client ID
- action:操作行为,可选值:pub | sub | pubsub
- Access:是否允许,可选值:allow | deny
Mnesia ACL 默认不设规则,你可以使用 HTTP API 和 emqx_ct
l 管理 ACL 规则。
添加 ACL 规则
Clinetid ACL:
# Request
POST api/v4/acl
{
"clientid":"emqx_c",
"topic":"Topic/A",
"action":"pub",
"access": "allow"
}
# Response
{
"data": {
"clientid":"emqx_c",
"topic":"Topic/A",
"action":"pub",
"access": "allow"
"result": "ok"
},
"code": 0
}
Username ACL:
# Request
POST api/v4/acl
{
"username":"emqx_u",
"topic":"Topic/A",
"action":"pub",
"access": "allow"
}
# Response
{
"data": {
"username":"emqx_u",
"topic":"Topic/A",
"action":"pub",
"access": "allow"
"result": "ok"
},
"code": 0
}
批量添加 ACL 规则
# Request
POST api/v4/acl
[
{
"clientid":"emqx_c_1",
"topic":"Topic/A",
"action":"pub",
},
{
"username":"emqx_u_1",
"topic":"Topic/A",
"action":"sub",
"access": "allow"
},
{
"topic":"Topic/+",
"access": "deny"
}
]
# Response
{
"data": [
{
"clientid":"emqx_c_1",
"topic":"Topic/A",
"action":"pub",
"access": "allow",
"result": "ok"
},
{
"username":"emqx_u_1",
"topic":"Topic/A",
"action":"pub",
"access": "allow"
"result": "ok"
},
{
"all": "$all",
"topic":"Topic/+",
"action":"pubsub",
"access": "deny"
},
],
"code": 0
}
查看已经添加的 ACL 规则
Clinetid ACL:
# Request
GET api/v4/acl/clinetid
# Response
{
"meta": {
"page": 1,
"limit": 10,
"count": 1
},
"data": [
{
"clientid": "emqx_c",
"topic": "Topic/A",
"action": "pub",
"access": "allow"
},
{
"clientid": "emqx_c_1",
"topic": "Topic/A",
"action": "pub",
"access": "allow"
},
{
"clientid": "emqx_c_2",
"topic": "Topic/A",
"action": "pub",
"access": "allow"
}
],
"code": 0
Username ACL:
# Request
GET api/v4/acl/username
# Response
{
"meta": {
"page": 1,
"limit": 10,
"count": 1
},
"data": [
{
"username": "emqx_u",
"topic": "Topic/A",
"action": "pub",
"access": "allow"
},
{
"username": "emqx_u_1",
"topic": "Topic/A",
"action": "pub",
"access": "allow"
},
{
"username": "emqx_u_2",
"topic": "Topic/A",
"action": "pub",
"access": "allow"
}
],
"code": 0
}
$all ACL:
查看指定 ACL 规则
Clientid ACL
# Request
GET api/v4/acl/clientid/${clientid}
# Response
{
"data": {
"topic": "Topic/A",
"clientid": "emqx_c",
"allow": true,
"action": "pub"
},
"code": 0
}
Username ACL
# Request
GET api/v4/acl/username/${username}
# Response
{
"data": {
"topic": "Topic/A",
"username": "emqx_u",
"allow": true,
"action": "pub"
},
"code": 0
}
删除 ACL 规则
-
# Request
# 请注意 ${topic} 需要使用 UrlEncode 编码
DELETE api/v4/acl/clinetid/${clientid}/topic/${topic}
# Response
{
"code": 0
}
Username ACL