diff options
| author | Rajith Muditha Attapattu <rajith@apache.org> | 2010-02-18 18:23:54 +0000 |
|---|---|---|
| committer | Rajith Muditha Attapattu <rajith@apache.org> | 2010-02-18 18:23:54 +0000 |
| commit | 6dc4db12c7055ff40d43ed020a847517cd56033f (patch) | |
| tree | 4d7d7154475a1a5eebcd9412399e2762cfa58635 | |
| parent | c2d7b395cab5f6bc41b56df2e5d814ee96faf4bd (diff) | |
| download | qpid-python-6dc4db12c7055ff40d43ed020a847517cd56033f.tar.gz | |
This is related to QPID-2413
Added a mechanism to catch the lexical cast errors and print an error message.
I also fixed up some formatting as well.
git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@911509 13f79535-47bb-0310-9956-ffa450edef68
| -rw-r--r-- | qpid/cpp/src/qpid/acl/Acl.cpp | 3 | ||||
| -rw-r--r-- | qpid/cpp/src/qpid/acl/AclData.cpp | 41 | ||||
| -rw-r--r-- | qpid/cpp/src/qpid/acl/AclData.h | 5 |
3 files changed, 38 insertions, 11 deletions
diff --git a/qpid/cpp/src/qpid/acl/Acl.cpp b/qpid/cpp/src/qpid/acl/Acl.cpp index fe2644c136..21a9e2055e 100644 --- a/qpid/cpp/src/qpid/acl/Acl.cpp +++ b/qpid/cpp/src/qpid/acl/Acl.cpp @@ -60,7 +60,7 @@ Acl::Acl (AclValues& av, Broker& b): aclValues(av), broker(&b), transferAcl(fals if (mgmtObject!=0) mgmtObject->set_enforcingAcl(0); } QPID_LOG(info, "ACL Plugin loaded"); - if (mgmtObject!=0) mgmtObject->set_enforcingAcl(1); + if (mgmtObject!=0) mgmtObject->set_enforcingAcl(1); } bool Acl::authorise(const std::string& id, const Action& action, const ObjectType& objType, const std::string& name, std::map<Property, std::string>* params) @@ -130,6 +130,7 @@ Acl::Acl (AclValues& av, Broker& b): aclValues(av), broker(&b), transferAcl(fals data = d; transferAcl = data->transferAcl; // any transfer ACL + data->aclSource = aclFile; if (mgmtObject!=0){ mgmtObject->set_transferAcl(transferAcl?1:0); mgmtObject->set_policyFile(aclFile); diff --git a/qpid/cpp/src/qpid/acl/AclData.cpp b/qpid/cpp/src/qpid/acl/AclData.cpp index 5d7a028736..a03d5b4d55 100644 --- a/qpid/cpp/src/qpid/acl/AclData.cpp +++ b/qpid/cpp/src/qpid/acl/AclData.cpp @@ -24,7 +24,7 @@ namespace qpid { namespace acl { -AclData::AclData():decisionMode(qpid::acl::DENY),transferAcl(false) +AclData::AclData():decisionMode(qpid::acl::DENY),transferAcl(false),aclSource("UNKNOWN") { for (unsigned int cnt=0; cnt< qpid::acl::ACTIONSIZE; cnt++){ actionList[cnt]=0; @@ -95,14 +95,40 @@ AclResult AclData::lookup(const std::string& id, const Action& action, const Obj << AclHelper::getPropertyStr(pMItr->first) << "'"); }else if ( pMItr->first == acl::PROP_MAXQUEUECOUNT || pMItr->first == acl::PROP_MAXQUEUESIZE ) { if ( pMItr->first == paramItr->first ) { - uint64_t aclMax = boost::lexical_cast<uint64_t>(pMItr->second); - uint64_t paramMax = boost::lexical_cast<uint64_t>(paramItr->second); + + uint64_t aclMax = 0; + uint64_t paramMax = 0; + + try{ + aclMax = boost::lexical_cast<uint64_t>(pMItr->second); + }catch(const boost::bad_lexical_cast& e){ + match = false; + QPID_LOG(error,"Error evaluating rule. " << + "Illegal value given in ACL source <" << aclSource << + "> for property '" << + AclHelper::getPropertyStr(pMItr->first) << "' : " << + boost::lexical_cast<std::string>(pMItr->second)); + break; + } + + try{ + paramMax = boost::lexical_cast<uint64_t>(paramItr->second); + }catch(const boost::bad_lexical_cast& e){ + match = false; + QPID_LOG(error,"Error evaluating rule. " << + "Illegal value given in lookup for property '" << + AclHelper::getPropertyStr(pMItr->first) << "' : " << + boost::lexical_cast<std::string>(paramItr->second)); + break; + } + QPID_LOG(debug, "ACL: Numeric comparison for property " << AclHelper::getPropertyStr(paramItr->first) << " (value given in lookup = " << boost::lexical_cast<std::string>(paramItr->second) << ", value give in rule = " << - boost::lexical_cast<std::string>(pMItr->second) << " )"); + boost::lexical_cast<std::string>(pMItr->second) << " )"); + if (( aclMax ) && ( paramMax == 0 || paramMax > aclMax)){ match = decisionMode == qpid::acl::ALLOW ; QPID_LOG(debug, "ACL: Limit exceeded and match=" << @@ -110,8 +136,8 @@ AclResult AclData::lookup(const std::string& id, const Action& action, const Obj " as decision mode is " << AclHelper::getAclResultStr(decisionMode)); } } - }else if (matchProp(pMItr->second, paramItr->second)) { - QPID_LOG(debug, "ACL: the pair(" + }else if (matchProp(pMItr->second, paramItr->second)) { + QPID_LOG(debug, "ACL: the pair(" << AclHelper::getPropertyStr(paramItr->first) << "," << paramItr->second << ") given in lookup matched the pair(" << AclHelper::getPropertyStr(pMItr->first) << "," << pMItr->second << ") given in the rule"); @@ -121,8 +147,7 @@ AclResult AclData::lookup(const std::string& id, const Action& action, const Obj << ") given in lookup doesn't match the pair(" << AclHelper::getPropertyStr(pMItr->first) << "," << pMItr->second << ") given in the rule"); match = false; - - } + } } } if (match) diff --git a/qpid/cpp/src/qpid/acl/AclData.h b/qpid/cpp/src/qpid/acl/AclData.h index a63afab12b..efd3b60145 100644 --- a/qpid/cpp/src/qpid/acl/AclData.h +++ b/qpid/cpp/src/qpid/acl/AclData.h @@ -64,9 +64,10 @@ public: // Action*[] -> Object*[] -> map<user -> set<Rule> > aclAction* actionList[qpid::acl::ACTIONSIZE]; - qpid::acl::AclResult decisionMode; // determines if the rule set is an deny or accept basis. + qpid::acl::AclResult decisionMode; // determines if the rule set is a deny or allow mode. bool transferAcl; - + std::string aclSource; + AclResult lookup(const std::string& id, const Action& action, const ObjectType& objType, const std::string& name, std::map<Property, std::string>* params=0); AclResult lookup(const std::string& id, const Action& action, const ObjectType& objType, const std::string& ExchangeName, const std::string& RoutingKey); AclResult getACLResult(bool logOnly, bool log); |