QPID-2934 Feature to pass the authenticated userId to QMF agent method handlers for authorization

git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk/qpid@1033232 13f79535-47bb-0310-9956-ffa450edef68
author: Ted Ross <tross@apache.org> 2010-11-09 21:15:03 +0000
committer: Ted Ross <tross@apache.org> 2010-11-09 21:15:03 +0000
commit: 4870a01b7976362d3836ba0d56291f01b7f2e6af (patch)
tree: 921b002956ec18c7fe5602b0641e9dd8395b7f98 /cpp/src
parent: d282da7e6f515ded59a76b4dfbc2bedab8f7f6d7 (diff)
download: qpid-python-4870a01b7976362d3836ba0d56291f01b7f2e6af.tar.gz
4 files changed, 25 insertions, 15 deletions
diff --git a/cpp/src/qpid/agent/ManagementAgentImpl.cpp b/cpp/src/qpid/agent/ManagementAgentImpl.cpp
index b3f1d57a9a..0a1c07a232 100644
--- a/cpp/src/qpid/agent/ManagementAgentImpl.cpp
+++ b/cpp/src/qpid/agent/ManagementAgentImpl.cpp
@@ -360,7 +360,7 @@ uint32_t ManagementAgentImpl::pollCallbacks(uint32_t callLimit)
         methodQueue.pop_front();
         {
             sys::Mutex::ScopedUnlock unlock(agentLock);
-            invokeMethodRequest(item->body, item->cid, item->replyTo);
+            invokeMethodRequest(item->body, item->cid, item->replyTo, item->userId);
             delete item;
         }
     }
@@ -559,7 +559,7 @@ void ManagementAgentImpl::handleConsoleAddedIndication()
     QPID_LOG(trace, "RCVD ConsoleAddedInd");
 }
 
-void ManagementAgentImpl::invokeMethodRequest(const string& body, const string& cid, const string& replyTo)
+void ManagementAgentImpl::invokeMethodRequest(const string& body, const string& cid, const string& replyTo, const string& userId)
 {
     string  methodName;
     bool    failed = false;
@@ -606,7 +606,7 @@ void ManagementAgentImpl::invokeMethodRequest(const string& body, const string&
                               Manageable::STATUS_UNKNOWN_OBJECT);
                 failed = true;
             } else {
-                oPtr->doMethod(methodName, inArgs, callMap);
+                oPtr->doMethod(methodName, inArgs, callMap, userId);
 
                 if (callMap["_status_code"].asUint32() == 0) {
                     outMap["_arguments"] = Variant::Map();
@@ -837,12 +837,12 @@ void ManagementAgentImpl::handleLocateRequest(const string&, const string& cid,
     }
 }
 
-void ManagementAgentImpl::handleMethodRequest(const string& body, const string& cid, const string& replyTo)
+void ManagementAgentImpl::handleMethodRequest(const string& body, const string& cid, const string& replyTo, const string& userId)
 {
     if (extThread) {
         sys::Mutex::ScopedLock lock(agentLock);
 
-        methodQueue.push_back(new QueuedMethod(cid, replyTo, body));
+        methodQueue.push_back(new QueuedMethod(cid, replyTo, body, userId));
         if (pipeHandle != 0) {
             pipeHandle->write("X", 1);
         } else if (notifyable != 0) {
@@ -861,7 +861,7 @@ void ManagementAgentImpl::handleMethodRequest(const string& body, const string&
             inCallback = false;
         }
     } else {
-        invokeMethodRequest(body, cid, replyTo);
+        invokeMethodRequest(body, cid, replyTo, userId);
     }
 
     QPID_LOG(trace, "RCVD MethodRequest");
@@ -876,13 +876,17 @@ void ManagementAgentImpl::received(Message& msg)
         replyToKey = rt.getRoutingKey();
     }
 
+    string userId;
+    if (mp.hasUserId())
+        userId = mp.getUserId();
+
     if (mp.hasAppId() && mp.getAppId() == "qmf2")
     {
         string opcode = mp.getApplicationHeaders().getAsString("qmf.opcode");
         string cid = msg.getMessageProperties().getCorrelationId();
 
         if      (opcode == "_agent_locate_request") handleLocateRequest(msg.getData(), cid, replyToKey);
-        else if (opcode == "_method_request")       handleMethodRequest(msg.getData(), cid, replyToKey);
+        else if (opcode == "_method_request")       handleMethodRequest(msg.getData(), cid, replyToKey, userId);
         else if (opcode == "_query_request")        handleGetQuery(msg.getData(), cid, replyToKey);
         else {
             QPID_LOG(warning, "Support for QMF V2 Opcode [" << opcode << "] TBD!!!");
diff --git a/cpp/src/qpid/agent/ManagementAgentImpl.h b/cpp/src/qpid/agent/ManagementAgentImpl.h
index 59f6c0b99c..09d98d237b 100644
--- a/cpp/src/qpid/agent/ManagementAgentImpl.h
+++ b/cpp/src/qpid/agent/ManagementAgentImpl.h
@@ -128,12 +128,13 @@ class ManagementAgentImpl : public ManagementAgent, public client::MessageListen
     };
 
     struct QueuedMethod {
-    QueuedMethod(const std::string& _cid, const std::string& _reply, const std::string& _body) :
-        cid(_cid), replyTo(_reply), body(_body) {}
+    QueuedMethod(const std::string& _cid, const std::string& _reply, const std::string& _body, const std::string& _uid) :
+        cid(_cid), replyTo(_reply), body(_body), userId(_uid) {}
 
         std::string cid;
         std::string replyTo;
         std::string body;
+        std::string userId;
     };
 
     typedef std::deque<QueuedMethod*> MethodQueue;
@@ -282,11 +283,11 @@ class ManagementAgentImpl : public ManagementAgent, public client::MessageListen
     void handlePackageRequest (qpid::framing::Buffer& inBuffer);
     void handleClassQuery     (qpid::framing::Buffer& inBuffer);
     void handleSchemaRequest  (qpid::framing::Buffer& inBuffer, uint32_t sequence, const std::string& replyTo);
-    void invokeMethodRequest  (const std::string& body, const std::string& cid, const std::string& replyTo);
+    void invokeMethodRequest  (const std::string& body, const std::string& cid, const std::string& replyTo, const std::string& userId);
 
     void handleGetQuery       (const std::string& body, const std::string& cid, const std::string& replyTo);
     void handleLocateRequest  (const std::string& body, const std::string& sequence, const std::string& replyTo);
-    void handleMethodRequest  (const std::string& body, const std::string& sequence, const std::string& replyTo);
+    void handleMethodRequest  (const std::string& body, const std::string& sequence, const std::string& replyTo, const std::string& userId);
     void handleConsoleAddedIndication();
     void getHeartbeatContent  (qpid::types::Variant::Map& map);
 };
diff --git a/cpp/src/qpid/management/Manageable.cpp b/cpp/src/qpid/management/Manageable.cpp
index a3593e73e3..651215ffb5 100644
--- a/cpp/src/qpid/management/Manageable.cpp
+++ b/cpp/src/qpid/management/Manageable.cpp
@@ -46,3 +46,8 @@ Manageable::status_t Manageable::ManagementMethod (uint32_t, Args&, std::string&
     return STATUS_UNKNOWN_METHOD;
 }
 
+bool Manageable::AuthorizeMethod(uint32_t, Args&, const std::string&)
+{
+    return true;
+}
+
diff --git a/cpp/src/qpid/management/ManagementAgent.cpp b/cpp/src/qpid/management/ManagementAgent.cpp
index 09494f1d8e..f33ebcd68d 100644
--- a/cpp/src/qpid/management/ManagementAgent.cpp
+++ b/cpp/src/qpid/management/ManagementAgent.cpp
@@ -1083,8 +1083,8 @@ void ManagementAgent::handleMethodRequestLH(Buffer& inBuffer, const string& repl
         return;
     }
 
+    string userId = ((const qpid::broker::ConnectionState*) connToken)->getUserId();
     if (acl != 0) {
-        string userId = ((const qpid::broker::ConnectionState*) connToken)->getUserId();
         map<acl::Property, string> params;
         params[acl::PROP_SCHEMAPACKAGE] = packageName;
         params[acl::PROP_SCHEMACLASS]   = className;
@@ -1115,7 +1115,7 @@ void ManagementAgent::handleMethodRequestLH(Buffer& inBuffer, const string& repl
                 outBuffer.record();
                 sys::Mutex::ScopedUnlock u(userLock);
                 string outBuf;
-                iter->second->doMethod(methodName, inArgs, outBuf);
+                iter->second->doMethod(methodName, inArgs, outBuf, userId);
                 outBuffer.putRawData(outBuf);
             } catch(exception& e) {
                 outBuffer.restore();
@@ -1193,8 +1193,8 @@ void ManagementAgent::handleMethodRequestLH (const string& body, const string& r
         return;
     }
 
+    string userId = ((const qpid::broker::ConnectionState*) connToken)->getUserId();
     if (acl != 0) {
-        string userId = ((const qpid::broker::ConnectionState*) connToken)->getUserId();
         map<acl::Property, string> params;
         params[acl::PROP_SCHEMAPACKAGE] = iter->second->getPackageName();
         params[acl::PROP_SCHEMACLASS]   = iter->second->getClassName();
@@ -1214,7 +1214,7 @@ void ManagementAgent::handleMethodRequestLH (const string& body, const string& r
 
     try {
         sys::Mutex::ScopedUnlock u(userLock);
-        iter->second->doMethod(methodName, inArgs, callMap);
+        iter->second->doMethod(methodName, inArgs, callMap, userId);
         errorCode = callMap["_status_code"].asUint32();
         if (errorCode == 0) {
             outMap["_arguments"] = Variant::Map();
author	Ted Ross <tross@apache.org>	2010-11-09 21:15:03 +0000
committer	Ted Ross <tross@apache.org>	2010-11-09 21:15:03 +0000
commit	4870a01b7976362d3836ba0d56291f01b7f2e6af (patch)
tree	921b002956ec18c7fe5602b0641e9dd8395b7f98 /cpp/src
parent	d282da7e6f515ded59a76b4dfbc2bedab8f7f6d7 (diff)
download	qpid-python-4870a01b7976362d3836ba0d56291f01b7f2e6af.tar.gz