Firstsawyou commented on a change in pull request #2241: URL: https://github.com/apache/apisix/pull/2241#discussion_r490688992
########## File path: apisix/plugins/consumer-restriction.lua ########## @@ -67,26 +81,33 @@ function _M.check_schema(conf) return true end + function _M.access(conf, ctx) - if not ctx.consumer then + if not conf.type then return 401, { message = "Missing authentication or identity verification." } end + local value = fetch_val_funcs[conf.type](ctx) + if not value then + return 401, { message = "Failed to fetch value by value type: " .. conf.type } + end + core.log.info("value: ", value) + local block = false if conf.blacklist and #conf.blacklist > 0 then - if is_include(ctx.consumer.username, conf.blacklist) then + if is_include(value, conf.blacklist) then block = true end end if conf.whitelist and #conf.whitelist > 0 then - if not is_include(ctx.consumer.username, conf.whitelist) then + if not is_include(value, conf.whitelist) then block = true end end if block then - return 403, { message = "The consumer is not allowed" } + return conf.rejected_code, { message = "The " .. conf.type .. " is not allowed" } Review comment: do you mean set `conf.rejected_cod` 405 (not allowed) by default? ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org