mirror of
https://gitee.com/iresty/apisix.git
synced 2024-12-04 21:17:36 +08:00
feat(consumer-restriction): customize rejected_msg (#5732)
Co-authored-by: gaoliangliang <gaoliangliang@dtzhejiang.com> Co-authored-by: 高亮亮 <gll287546@alibaba-inc.com>
This commit is contained in:
parent
5ae38f81f2
commit
c178435d7a
@ -51,7 +51,8 @@ local schema = {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
rejected_code = {type = "integer", minimum = 200, default = 403}
|
rejected_code = {type = "integer", minimum = 200, default = 403},
|
||||||
|
rejected_msg = {type = "string"}
|
||||||
},
|
},
|
||||||
anyOf = {
|
anyOf = {
|
||||||
{required = {"blacklist"}},
|
{required = {"blacklist"}},
|
||||||
@ -105,7 +106,10 @@ local function is_method_allowed(allowed_methods, method, user)
|
|||||||
end
|
end
|
||||||
|
|
||||||
local function reject(conf)
|
local function reject(conf)
|
||||||
return conf.rejected_code, { message = "The " .. conf.type .. " is forbidden." }
|
if conf.rejected_msg then
|
||||||
|
return conf.rejected_code , { message = conf.rejected_msg }
|
||||||
|
end
|
||||||
|
return conf.rejected_code , { message = "The " .. conf.type .. " is forbidden."}
|
||||||
end
|
end
|
||||||
|
|
||||||
function _M.check_schema(conf)
|
function _M.check_schema(conf)
|
||||||
|
@ -42,6 +42,7 @@ The `consumer-restriction` makes corresponding access restrictions based on diff
|
|||||||
| whitelist | array[string] | required | | | Grant full access to all users specified in the provided list , **has the priority over `allowed_by_methods`** |
|
| whitelist | array[string] | required | | | Grant full access to all users specified in the provided list , **has the priority over `allowed_by_methods`** |
|
||||||
| blacklist | array[string] | required | | | Reject connection to all users specified in the provided list , **has the priority over `whitelist`** |
|
| blacklist | array[string] | required | | | Reject connection to all users specified in the provided list , **has the priority over `whitelist`** |
|
||||||
| rejected_code | integer | optional | 403 | [200,...] | The HTTP status code returned when the request is rejected. |
|
| rejected_code | integer | optional | 403 | [200,...] | The HTTP status code returned when the request is rejected. |
|
||||||
|
| rejected_msg | string | optional | | | The message returned when the request is rejected. |
|
||||||
| allowed_by_methods | array[object] | optional | | | Set a list of allowed HTTP methods for the selected user , HTTP methods can be `["GET", "POST", "PUT", "DELETE", "PATCH", "HEAD", "OPTIONS", "CONNECT", "TRACE"]` |
|
| allowed_by_methods | array[object] | optional | | | Set a list of allowed HTTP methods for the selected user , HTTP methods can be `["GET", "POST", "PUT", "DELETE", "PATCH", "HEAD", "OPTIONS", "CONNECT", "TRACE"]` |
|
||||||
|
|
||||||
For the `type` field is an enumerated type, it can be `consumer_name` or `service_id`. They stand for the following meanings:
|
For the `type` field is an enumerated type, it can be `consumer_name` or `service_id`. They stand for the following meanings:
|
||||||
|
@ -42,6 +42,7 @@ title: consumer-restriction
|
|||||||
| whitelist | array[string] | 必选 | | | 与`blacklist`二选一,只能单独启用白名单或黑名单,两个不能一起使用。 |
|
| whitelist | array[string] | 必选 | | | 与`blacklist`二选一,只能单独启用白名单或黑名单,两个不能一起使用。 |
|
||||||
| blacklist | array[string] | 必选 | | | 与`whitelist`二选一,只能单独启用白名单或黑名单,两个不能一起使用。 |
|
| blacklist | array[string] | 必选 | | | 与`whitelist`二选一,只能单独启用白名单或黑名单,两个不能一起使用。 |
|
||||||
| rejected_code | integer | 可选 | 403 | [200,...] | 当请求被拒绝时,返回的 HTTP 状态码。|
|
| rejected_code | integer | 可选 | 403 | [200,...] | 当请求被拒绝时,返回的 HTTP 状态码。|
|
||||||
|
| rejected_msg | String | 可选 | | | 当请求被拒绝时,返回的消息内容。|
|
||||||
|
|
||||||
对于 `type` 字段是个枚举类型,它可以是 `consumer_name` 或 `service_id` 。分别代表以下含义:
|
对于 `type` 字段是个枚举类型,它可以是 `consumer_name` 或 `service_id` 。分别代表以下含义:
|
||||||
|
|
||||||
|
5
t/plugin/consumer-restriction.t
vendored
5
t/plugin/consumer-restriction.t
vendored
@ -263,7 +263,8 @@ Authorization: Basic amFjazIwMjA6MTIzNDU2
|
|||||||
"consumer-restriction": {
|
"consumer-restriction": {
|
||||||
"blacklist": [
|
"blacklist": [
|
||||||
"jack1"
|
"jack1"
|
||||||
]
|
],
|
||||||
|
"rejected_msg": "request is forbidden"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}]]
|
}]]
|
||||||
@ -302,7 +303,7 @@ GET /hello
|
|||||||
Authorization: Basic amFjazIwMTk6MTIzNDU2
|
Authorization: Basic amFjazIwMTk6MTIzNDU2
|
||||||
--- error_code: 403
|
--- error_code: 403
|
||||||
--- response_body
|
--- response_body
|
||||||
{"message":"The consumer_name is forbidden."}
|
{"message":"request is forbidden"}
|
||||||
--- no_error_log
|
--- no_error_log
|
||||||
[error]
|
[error]
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user