diff options
| author | Rajith Muditha Attapattu <rajith@apache.org> | 2010-04-08 22:12:03 +0000 |
|---|---|---|
| committer | Rajith Muditha Attapattu <rajith@apache.org> | 2010-04-08 22:12:03 +0000 |
| commit | 8565fcc8631ccfa36836fcde4e1aebac476022a8 (patch) | |
| tree | 7af23ed08a68d9b4f30934c58a2fb781c8818770 /cpp/src/qpid | |
| parent | e0a5bc013ae24199310df6711f2a603135b73792 (diff) | |
| download | qpid-python-8565fcc8631ccfa36836fcde4e1aebac476022a8.tar.gz | |
Committing the patch attached to QPID-2488
git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk/qpid@932148 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'cpp/src/qpid')
| -rw-r--r-- | cpp/src/qpid/acl/Acl.cpp | 4 | ||||
| -rw-r--r-- | cpp/src/qpid/acl/AclValidator.cpp | 141 | ||||
| -rw-r--r-- | cpp/src/qpid/acl/AclValidator.h | 82 |
3 files changed, 227 insertions, 0 deletions
diff --git a/cpp/src/qpid/acl/Acl.cpp b/cpp/src/qpid/acl/Acl.cpp index e510920f6c..0e1379d7aa 100644 --- a/cpp/src/qpid/acl/Acl.cpp +++ b/cpp/src/qpid/acl/Acl.cpp @@ -18,6 +18,7 @@ #include "qpid/acl/Acl.h" #include "qpid/acl/AclData.h" +#include "qpid/acl/AclValidator.h" #include "qpid/broker/Broker.h" #include "qpid/Plugin.h" @@ -129,6 +130,9 @@ Acl::Acl (AclValues& av, Broker& b): aclValues(av), broker(&b), transferAcl(fals return false; } + AclValidator validator; + validator.validate(d); + data = d; transferAcl = data->transferAcl; // any transfer ACL data->aclSource = aclFile; diff --git a/cpp/src/qpid/acl/AclValidator.cpp b/cpp/src/qpid/acl/AclValidator.cpp new file mode 100644 index 0000000000..7c7fb231b5 --- /dev/null +++ b/cpp/src/qpid/acl/AclValidator.cpp @@ -0,0 +1,141 @@ +/* + * + * Copyright (c) 2006 The Apache Software Foundation + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include "qpid/acl/AclValidator.h" +#include "qpid/acl/AclData.h" +#include "qpid/Exception.h" +#include "qpid/log/Statement.h" +#include "qpid/sys/IntegerTypes.h" +#include <boost/lexical_cast.hpp> +#include <numeric> +#include <sstream> + +namespace qpid { +namespace acl { + +AclValidator::AclIntProperty::AclIntProperty(int64_t i,int64_t j) : min(i), max(j){ +} + +bool AclValidator::AclIntProperty::validate(const std::string& val) { + int64_t v; + try + { + v = boost::lexical_cast<int64_t>(val); + }catch(const boost::bad_lexical_cast& e){ + return 0; + } + + if (v < min || v >= max){ + return 0; + }else{ + return 1; + } +} + +std::string AclValidator::AclIntProperty::allowedValues() { + return "values should be between " + + boost::lexical_cast<std::string>(min) + " and " + + boost::lexical_cast<std::string>(max); +} + +AclValidator::AclEnumProperty::AclEnumProperty(std::vector<std::string>& allowed): values(allowed){ +} + +bool AclValidator::AclEnumProperty::validate(const std::string& val) { + for (std::vector<std::string>::iterator itr = values.begin(); itr != values.end(); ++itr ){ + if (val.compare(*itr) == 0){ + return 1; + } + } + + return 0; +} + +std::string AclValidator::AclEnumProperty::allowedValues() { + std::ostringstream oss; + oss << "possible values are one of { "; + for (std::vector<std::string>::iterator itr = values.begin(); itr != values.end(); itr++ ){ + oss << "'" << *itr << "' "; + } + oss << "}"; + return oss.str(); +} + +AclValidator::AclValidator(){ + validators.insert(Validator(acl::PROP_MAXQUEUESIZE, + boost::shared_ptr<AclProperty>( + new AclIntProperty(0,std::numeric_limits<int64_t>::max())) + ) + ); + + validators.insert(Validator(acl::PROP_MAXQUEUECOUNT, + boost::shared_ptr<AclProperty>( + new AclIntProperty(0,std::numeric_limits<int64_t>::max())) + ) + ); + + std::string policyTypes[] = {"ring", "ring_strict", "flow_to_disk", "reject"}; + std::vector<std::string> v(policyTypes, policyTypes + sizeof(policyTypes) / sizeof(std::string)); + validators.insert(Validator(acl::PROP_POLICYTYPE, + boost::shared_ptr<AclProperty>(new AclEnumProperty(v)) + ) + ); + +} + +AclValidator::~AclValidator(){ +} + +/* Iterate through the data model and validate the parameters. */ +void AclValidator::validate(boost::shared_ptr<AclData> d) { + + for (unsigned int cnt=0; cnt< qpid::acl::ACTIONSIZE; cnt++){ + + if (d->actionList[cnt]){ + + for (unsigned int cnt1=0; cnt1< qpid::acl::OBJECTSIZE; cnt1++){ + + if (d->actionList[cnt][cnt1]){ + + for (AclData::actObjItr actionMapItr = d->actionList[cnt][cnt1]->begin(); + actionMapItr != d->actionList[cnt][cnt1]->end(); actionMapItr++) { + + for (AclData::ruleSetItr i = actionMapItr->second.begin(); i < actionMapItr->second.end(); i++) { + + for (AclData::propertyMapItr pMItr = i->props.begin(); pMItr != i->props.end(); pMItr++) { + + ValidatorItr itr = validators.find(pMItr->first); + if (itr != validators.end()){ + QPID_LOG(debug,"Found validator for property " << itr->second->allowedValues()); + + if (!itr->second->validate(pMItr->second)){ + throw Exception( pMItr->second + " is not a valid value for '" + + AclHelper::getPropertyStr(pMItr->first) + "', " + + itr->second->allowedValues()); + }//if + }//if + }//for + }//for + }//for + }//if + }//for + }//if + }//for +} + +}} diff --git a/cpp/src/qpid/acl/AclValidator.h b/cpp/src/qpid/acl/AclValidator.h new file mode 100644 index 0000000000..1176d2e89c --- /dev/null +++ b/cpp/src/qpid/acl/AclValidator.h @@ -0,0 +1,82 @@ +#ifndef QPID_ACL_ACLVALIDATOR_H +#define QPID_ACL_ACLVALIDATOR_H + + +/* + * + * Copyright (c) 2006 The Apache Software Foundation + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include "qpid/broker/AclModule.h" +#include "qpid/acl/AclData.h" +#include "qpid/sys/IntegerTypes.h" +#include <boost/shared_ptr.hpp> +#include <vector> +#include <sstream> + +namespace qpid { +namespace acl { + +class AclValidator { + + /* Base Property */ + class AclProperty{ + public: + enum PropertyType { INT, STRING, ENUM }; + + public: + virtual int getType()=0; + virtual bool validate(const std::string& val)=0; + virtual std::string allowedValues()=0; + }; + + class AclIntProperty : public AclProperty{ + int64_t min; + int64_t max; + + public: + AclIntProperty(int64_t min,int64_t max); + int getType(){ return AclProperty::INT; } + virtual bool validate(const std::string& val); + virtual std::string allowedValues(); + }; + + class AclEnumProperty : public AclProperty{ + std::vector<std::string> values; + + public: + AclEnumProperty(std::vector<std::string>& allowed); + int getType(){ return AclProperty::ENUM; } + virtual bool validate(const std::string& val); + virtual std::string allowedValues(); + }; + + typedef std::pair<acl::Property,boost::shared_ptr<AclProperty> > Validator; + typedef std::map<acl::Property,boost::shared_ptr<AclProperty> > ValidatorMap; + typedef ValidatorMap::iterator ValidatorItr; + + ValidatorMap validators; + +public: + + void validate(boost::shared_ptr<AclData> d); + AclValidator(); + ~AclValidator(); +}; + +}} // namespace qpid::acl + +#endif // QPID_ACL_ACLVALIDATOR_H |