From 99adc96f72cf70a8ca485e280a0a7fb02261a1e3 Mon Sep 17 00:00:00 2001
From: Farukh Khan <farukhkhan21@gmail.com>
Date: Mon, 27 Nov 2023 17:54:21 +0800
Subject: [PATCH] NET-698 (#2671)

* create emqx creds for host on pull if not found

* create emqx creds for host on pull if not found.

* emqx creds creation changed to host authenticate function

* emqx creds creation changed to host authenticate function.

* added node acls update

* added node acls update.
---
 controllers/hosts.go | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

diff --git a/controllers/hosts.go b/controllers/hosts.go
index 4e3cf072..5b3466a7 100644
--- a/controllers/hosts.go
+++ b/controllers/hosts.go
@@ -478,6 +478,27 @@ func authenticateHost(response http.ResponseWriter, request *http.Request) {
 		logic.ReturnErrorResponse(response, request, errorResponse)
 		return
 	}
+
+	// Create EMQX creds and ACLs if not found
+	if servercfg.GetBrokerType() == servercfg.EmqxBrokerType {
+		if err := mq.CreateEmqxUser(host.ID.String(), host.HostPass, false); err != nil {
+			slog.Error("failed to create host credentials for EMQX: ", err.Error())
+		} else {
+			if err := mq.CreateHostACL(host.ID.String(), servercfg.GetServerInfo().Server); err != nil {
+				slog.Error("failed to add host ACL rules to EMQX: ", err.Error())
+			}
+			for _, nodeID := range host.Nodes {
+				if node, err := logic.GetNodeByID(nodeID); err == nil {
+					if err = mq.AppendNodeUpdateACL(host.ID.String(), node.Network, node.ID.String(), servercfg.GetServer()); err != nil {
+						slog.Error("failed to add ACLs for EMQX node", "error", err)
+					}
+				} else {
+					slog.Error("failed to get node", "nodeid", nodeID, "error", err)
+				}
+			}
+		}
+	}
+
 	response.WriteHeader(http.StatusOK)
 	response.Header().Set("Content-Type", "application/json")
 	response.Write(successJSONResponse)