This is an automated email from the ASF dual-hosted git repository.
baoyuan pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/apisix.git
The following commit(s) were added to refs/heads/master by this push:
new afe61d700 fix(plugin): merge consumer group plugins when consumer has
no direct plugins (#12998)
afe61d700 is described below
commit afe61d70006d97c867a033b1b779fdca3ba47de3
Author: Mohammad Izzraff Janius
<[email protected]>
AuthorDate: Thu Feb 12 09:31:31 2026 +0800
fix(plugin): merge consumer group plugins when consumer has no direct
plugins (#12998)
---
apisix/plugin.lua | 31 +--
t/plugin/limit-count-consumer-group-credentials.t | 242 ++++++++++++++++++++++
2 files changed, 261 insertions(+), 12 deletions(-)
diff --git a/apisix/plugin.lua b/apisix/plugin.lua
index 308749cc9..ab45b22f6 100644
--- a/apisix/plugin.lua
+++ b/apisix/plugin.lua
@@ -706,16 +706,21 @@ end
local function merge_consumer_route(route_conf, consumer_conf,
consumer_group_conf)
- if not consumer_conf.plugins or
- core.table.nkeys(consumer_conf.plugins) == 0
- then
- core.log.info("consumer no plugins")
+ local has_consumer_plugins = consumer_conf.plugins and
+ core.table.nkeys(consumer_conf.plugins) > 0
+ local has_group_plugins = consumer_group_conf and
+ consumer_group_conf.value and
+ consumer_group_conf.value.plugins and
+
core.table.nkeys(consumer_group_conf.value.plugins) > 0
+
+ if not has_consumer_plugins and not has_group_plugins then
+ core.log.info("consumer and consumer group have no plugins")
return route_conf
end
local new_route_conf = core.table.deepcopy(route_conf)
- if consumer_group_conf then
+ if has_group_plugins then
for name, conf in pairs(consumer_group_conf.value.plugins) do
if not new_route_conf.value.plugins then
new_route_conf.value.plugins = {}
@@ -729,15 +734,17 @@ local function merge_consumer_route(route_conf,
consumer_conf, consumer_group_co
end
- for name, conf in pairs(consumer_conf.plugins) do
- if not new_route_conf.value.plugins then
- new_route_conf.value.plugins = {}
- end
+ if has_consumer_plugins then
+ for name, conf in pairs(consumer_conf.plugins) do
+ if not new_route_conf.value.plugins then
+ new_route_conf.value.plugins = {}
+ end
- if new_route_conf.value.plugins[name] == nil then
- conf._from_consumer = true
+ if new_route_conf.value.plugins[name] == nil then
+ conf._from_consumer = true
+ end
+ new_route_conf.value.plugins[name] = conf
end
- new_route_conf.value.plugins[name] = conf
end
return new_route_conf
diff --git a/t/plugin/limit-count-consumer-group-credentials.t
b/t/plugin/limit-count-consumer-group-credentials.t
new file mode 100644
index 000000000..9654a8e88
--- /dev/null
+++ b/t/plugin/limit-count-consumer-group-credentials.t
@@ -0,0 +1,242 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+use t::APISIX 'no_plan';
+
+repeat_each(1);
+no_long_string();
+no_root_location();
+
+add_block_preprocessor(sub {
+ my ($block) = @_;
+ if ((!defined $block->error_log) && (!defined $block->no_error_log)) {
+ $block->set_value("no_error_log", "[error]");
+ }
+ if (!defined $block->request) {
+ $block->set_value("request", "GET /t");
+ }
+});
+
+run_tests();
+
+__DATA__
+
+=== TEST 1: setup consumer group with limit-count plugin
+--- config
+ location /t {
+ content_by_lua_block {
+ local t = require("lib.test_admin").test
+ local code, body = t('/apisix/admin/consumer_groups/test_group',
+ ngx.HTTP_PUT,
+ [[{
+ "plugins": {
+ "limit-count": {
+ "count": 2,
+ "time_window": 60,
+ "rejected_code": 429,
+ "key": "remote_addr",
+ "policy": "local"
+ }
+ }
+ }]]
+ )
+
+ if code >= 300 then
+ ngx.status = code
+ end
+ ngx.say(body)
+ }
+ }
+--- response_body
+passed
+
+
+
+=== TEST 2: setup consumer with group_id (no direct plugins)
+--- config
+ location /t {
+ content_by_lua_block {
+ local t = require("lib.test_admin").test
+ local code, body = t('/apisix/admin/consumers/jack',
+ ngx.HTTP_PUT,
+ [[{
+ "username": "jack",
+ "group_id": "test_group"
+ }]]
+ )
+
+ if code >= 300 then
+ ngx.status = code
+ end
+ ngx.say(body)
+ }
+ }
+--- response_body
+passed
+
+
+
+=== TEST 3: setup credentials via credentials endpoint
+--- config
+ location /t {
+ content_by_lua_block {
+ local t = require("lib.test_admin").test
+ local code, body =
t('/apisix/admin/consumers/jack/credentials/cred-jack',
+ ngx.HTTP_PUT,
+ [[{
+ "id": "cred-jack",
+ "plugins": {
+ "key-auth": {
+ "key": "auth-jack"
+ }
+ }
+ }]]
+ )
+
+ if code >= 300 then
+ ngx.status = code
+ end
+ ngx.say(body)
+ }
+ }
+--- response_body
+passed
+
+
+
+=== TEST 4: setup route with key-auth
+--- config
+ location /t {
+ content_by_lua_block {
+ local t = require("lib.test_admin").test
+ local code, body = t('/apisix/admin/routes/1',
+ ngx.HTTP_PUT,
+ [[{
+ "plugins": {
+ "key-auth": {}
+ },
+ "upstream": {
+ "nodes": {
+ "127.0.0.1:1980": 1
+ },
+ "type": "roundrobin"
+ },
+ "uri": "/hello"
+ }]]
+ )
+
+ if code >= 300 then
+ ngx.status = code
+ end
+ ngx.say(body)
+ }
+ }
+--- response_body
+passed
+
+
+
+=== TEST 5: verify rate limiting works (all 3 requests in one test)
+--- pipelined_requests eval
+[
+ "GET /hello", "GET /hello", "GET /hello"
+]
+--- more_headers
+apikey: auth-jack
+--- error_code eval
+[200, 200, 429]
+
+
+
+=== TEST 6: setup second consumer group with higher limit
+--- config
+ location /t {
+ content_by_lua_block {
+ local t = require("lib.test_admin").test
+ local code, body = t('/apisix/admin/consumer_groups/premium_group',
+ ngx.HTTP_PUT,
+ [[{
+ "plugins": {
+ "limit-count": {
+ "count": 10,
+ "time_window": 60,
+ "rejected_code": 429,
+ "key": "remote_addr",
+ "policy": "local"
+ }
+ }
+ }]]
+ )
+
+ ngx.say(body)
+ }
+ }
+--- response_body
+passed
+
+
+
+=== TEST 7: setup premium consumer with credentials
+--- config
+ location /t {
+ content_by_lua_block {
+ local t = require("lib.test_admin").test
+
+ local code, body = t('/apisix/admin/consumers/jane',
+ ngx.HTTP_PUT,
+ [[{
+ "username": "jane",
+ "group_id": "premium_group"
+ }]]
+ )
+
+ if code >= 300 then
+ ngx.status = code
+ ngx.say(body)
+ return
+ end
+
+ code, body =
t('/apisix/admin/consumers/jane/credentials/cred-jane',
+ ngx.HTTP_PUT,
+ [[{
+ "id": "cred-jane",
+ "plugins": {
+ "key-auth": {
+ "key": "auth-jane"
+ }
+ }
+ }]]
+ )
+
+ ngx.say(body)
+ }
+ }
+--- response_body
+passed
+
+
+
+=== TEST 8: verify premium consumer has higher limit
+--- pipelined_requests eval
+[
+ "GET /hello", "GET /hello", "GET /hello", "GET /hello", "GET /hello",
+ "GET /hello", "GET /hello", "GET /hello", "GET /hello", "GET /hello",
+ "GET /hello"
+]
+--- more_headers
+apikey: auth-jane
+--- error_code eval
+[200, 200, 200, 200, 200, 200, 200, 200, 200, 200, 429]
