author | Kim van der Riet <kpvdr@apache.org> | 2008-08-01 21:07:20 +0000 |
---|---|---|
committer | Kim van der Riet <kpvdr@apache.org> | 2008-08-01 21:07:20 +0000 |
commit | 8ce6a530df25eae7ebf28b9897e0c6a922a7b3a4 (patch) | |
tree | b5630846706d191bab69f3d48e41139b9d79dd1c /cpp/src | |
parent | 2511200dc9f3e75d2f6979b33fd94301e9b117cd (diff) | |
Initial framework for ACL reader
git-svn-id: https://svn.apache.org/repos/asf/incubator/qpid/trunk/qpid@681824 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'cpp/src')
-rw-r--r-- | cpp/src/acl.mk | 2 | ||||
-rw-r--r-- | cpp/src/qpid/acl/Acl.cpp | 17 | ||||
-rw-r--r-- | cpp/src/qpid/acl/Acl.h | 5 | ||||
-rw-r--r-- | cpp/src/qpid/acl/AclPlugin.cpp | 4 | ||||
-rw-r--r-- | cpp/src/qpid/acl/AclReader.cpp | 73 | ||||
-rw-r--r-- | cpp/src/qpid/acl/AclReader.h | 45 |
6 files changed, 142 insertions, 4 deletions
diff --git a/cpp/src/acl.mk b/cpp/src/acl.mk index 669e8fe9d7..28b5f4f89f 100644 --- a/cpp/src/acl.mk +++ b/cpp/src/acl.mk @@ -6,6 +6,8 @@ lib_LTLIBRARIES += libqpidacl.la libqpidacl_la_SOURCES = \ qpid/acl/Acl.cpp \ qpid/acl/Acl.h \ + qpid/acl/AclReader.cpp \ + qpid/acl/AclReader.h \ qpid/acl/AclPlugin.cpp libqpidacl_la_LIBADD= -lacl libqpidbroker.la diff --git a/cpp/src/qpid/acl/Acl.cpp b/cpp/src/qpid/acl/Acl.cpp index 9f6917a006..2e13aac7a6 100644 --- a/cpp/src/qpid/acl/Acl.cpp +++ b/cpp/src/qpid/acl/Acl.cpp @@ -72,6 +72,9 @@ using namespace std; /*params*/) { if (aclValues.noEnforce) return true; + boost::shared_ptr<AclData> dataLocal = data; //rcu copy + + // only use dataLocal here... // add real ACL check here... AclResult aclreslt = ALLOWLOG; // hack to test, set based on real decision. @@ -83,6 +86,9 @@ using namespace std; bool Acl::authorise(std::string id, acl::Action action, acl::ObjectType objType, std::string ExchangeName, std::string /*RoutingKey*/) { if (aclValues.noEnforce) return true; + boost::shared_ptr<AclData> dataLocal = data; //rcu copy + + // only use dataLocal here... // add real ACL check here... AclResult aclreslt = ALLOWLOG; // hack to test, set based on real decision. @@ -113,8 +119,15 @@ using namespace std; bool Acl::readAclFile() { // only set transferAcl = true if a rule implies the use of ACL on transfer, else keep false for permormance reasons. - - + return readAclFile(aclValues.aclFile); + } + + bool Acl::readAclFile(std::string aclFile) { + boost::shared_ptr<AclData> d(new AclData); + if (AclReader::read(aclFile, d)) + return false; + + data = d; return true; } diff --git a/cpp/src/qpid/acl/Acl.h b/cpp/src/qpid/acl/Acl.h index f460fb0c5e..a82add556c 100644 --- a/cpp/src/qpid/acl/Acl.h +++ b/cpp/src/qpid/acl/Acl.h @@ -22,6 +22,7 @@ +#include "qpid/acl/AclReader.h" #include "qpid/shared_ptr.h" #include "qpid/RefCounted.h" #include "qpid/broker/AclModule.h" 
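Review bot: The `//rcu copy` line `boost::shared_ptr<AclData> dataLocal = data;` in the first Acl.cpp hunk reads `data` with nothing visible to serialise it against the `data = d;` assignment added to `readAclFile(std::string)` in the third hunk. A concurrent read and write of the same `boost::shared_ptr` instance is a data race, so the copy is only a safe snapshot if reloads never overlap with `authorise` calls, which this page does not show. The same line is added to the second `authorise` overload in the next hunk. If a reload can happen while the broker is serving, both the copy and the assignment should be done under one lock. `dataLocal` will also be empty when no file has loaded, so the real check should test it and deny before dereferencing. Both `authorise` bodies continue outside their hunks.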
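Review bot: `readAclFile(std::string aclFile)` in the third Acl.cpp hunk turns any non-zero result from `AclReader::read` into a bare `return false;`, so the reason for the failure and the path are lost. `data` then stays at its previous value, which is an empty pointer on the first load. Whether the caller treats `false` as fatal is not visible here; for an access-control file the failure should at least be logged with the file name and code, e.g. `int rc = AclReader::read(aclFile, d); if (rc != 0) { /* log aclFile and rc */ return false; }`. The parameter could be `const std::string&` to match `AclReader::read`. The existing `transferAcl` comment now sits above a one-line forwarder and belongs on the overload that does the work.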
@@ -37,7 +38,6 @@ class Broker; namespace acl { struct AclValues { - public: bool noEnforce; std::string aclFile; @@ -52,6 +52,7 @@ private: acl::AclValues aclValues; broker::Broker* broker; bool transferAcl; + boost::shared_ptr<AclData> data; public: @@ -71,7 +72,7 @@ private: std::string printObjType(acl::ObjectType objType); bool result(AclResult aclreslt, std::string id, acl::Action action, acl::ObjectType objType, std::string name); bool readAclFile(); - + bool readAclFile(std::string aclFile); }; diff --git a/cpp/src/qpid/acl/AclPlugin.cpp b/cpp/src/qpid/acl/AclPlugin.cpp index 8bc00e6a96..a025354f13 100644 --- a/cpp/src/qpid/acl/AclPlugin.cpp +++ b/cpp/src/qpid/acl/AclPlugin.cpp @@ -16,6 +16,7 @@ * */ +#include <sstream> #include "qpid/acl/Acl.h" #include "qpid/broker/Broker.h" #include "qpid/Plugin.h" @@ -61,6 +62,9 @@ struct AclPlugin : public Plugin { return; } if (acl) throw Exception("ACL plugin cannot be initialized twice in one process."); + std::ostringstream oss; + oss << b.getDataDir().getPath() << "/" << values.aclFile; + values.aclFile = oss.str(); acl = new Acl(values, b); b.setAcl(acl.get()); b.addFinalizer(boost::bind(&AclPlugin::shutdown, this)); diff --git a/cpp/src/qpid/acl/AclReader.cpp b/cpp/src/qpid/acl/AclReader.cpp new file mode 100644 index 0000000000..0a9517bc76 --- /dev/null +++ b/cpp/src/qpid/acl/AclReader.cpp 
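Review bot: In the second AclPlugin.cpp hunk, `oss << b.getDataDir().getPath() << "/" << values.aclFile;` prefixes the data directory unconditionally. An absolute `aclFile` is therefore silently relocated under the data dir, and a value containing `..` resolves outside it. If the data dir path can be empty (not visible here), the result is a file at the filesystem root. Because this path selects the broker's authorisation policy, it would help to handle the absolute and `..` cases explicitly before constructing `Acl`, and to log the resolved path so an operator can confirm which file was loaded. The enclosing function starts and ends outside the hunk.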
@@ -0,0 +1,73 @@
+/*
+ *
+ * Copyright (c) 2006 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#include "qpid/acl/AclReader.h"
+
+#include <cstring>
+//#include <iostream> // debug
+#include <fstream>
+
+namespace qpid {
+namespace acl {
+
+int AclReader::read(const std::string& fn, boost::shared_ptr<AclData> d) {
+//std::cout << "AclReader::read(" << fn << ")" << std::endl << std::flush;
+ char buff[1024];
+ std::ifstream ifs(fn.c_str(), std::ios_base::in);
+ if (!ifs.good()) {
+ // error/exception - file open error
+ return -1;
+ }
+ try {
+ while (ifs.good()) {
+ ifs.getline(buff, 1024);
+ processLine(buff, d);
+ }
+ ifs.close();
+ } catch (...) {
+ // error/exception - file read/processing error
+ ifs.close();
+ return -2;
+ }
+ return 0;
+}
+
+
+void AclReader::processLine(char* line, boost::shared_ptr<AclData> /*d*/) {
+ std::vector<std::string> toks;
+ int numToks = tokenizeLine(line, toks);
+ for (int i=0; i<numToks; i++) {
+// DO MAGIC STUFF HERE
+//std::cout << "tok " << i << ": " << toks[i] << std::endl << std::flush;
+ }
+}
+
+int AclReader::tokenizeLine(char* line, std::vector<std::string>& toks) {
+ const char* tokChars = " \t\n";
+ int cnt = 0;
+ char* cp = std::strtok(line, tokChars);
+ while (cp != 0) {
+ toks.push_back(std::string(cp));
+ cnt++;
+ cp = std::strtok(0, tokChars);
+ }
+ return cnt;
+}
+
+
+}} // namespace qpid::acl
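Review bot: `AclReader::read` reports success after reading only part of the file when a line is 1023 characters or longer: `ifs.getline(buff, 1024)` sets failbit, `while (ifs.good())` ends the loop, and the function returns 0. Every rule after the long line is silently dropped, and for an ACL file that can leave the broker enforcing an incomplete policy. Reading into a `std::string` with `std::getline` removes the length limit, and checking `ifs.eof()` after the loop turns any other early stop into the existing `-2` error. Separately, `std::strtok` in `tokenizeLine` keeps hidden static state and is not safe if another thread tokenizes at the same time, so a reentrant tokenizer is the safer choice in a multi-threaded broker.

```cpp
int AclReader::read(const std::string& fn, boost::shared_ptr<AclData> d) {
    // … unchanged: open fn, return -1 if the stream is not good …
    std::string line;
    try {
        while (std::getline(ifs, line)) {
            // processLine() tokenizes in place, so hand it a private, mutable copy
            std::vector<char> buf(line.begin(), line.end());
            buf.push_back('\0');
            processLine(&buf[0], d);
        }
        if (!ifs.eof()) {
            // stopped on a read error rather than end of file: rule set is incomplete
            ifs.close();
            return -2;
        }
        ifs.close();
    // … unchanged: catch (...) closes the stream and returns -2 …
```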
diff --git a/cpp/src/qpid/acl/AclReader.h b/cpp/src/qpid/acl/AclReader.h
new file mode 100644
index 0000000000..783b70d98a
--- /dev/null
+++ b/cpp/src/qpid/acl/AclReader.h
@@ -0,0 +1,45 @@
+#ifndef QPID_ACL_ACLREADER_H
+#define QPID_ACL_ACLREADER_H
+
+
+/*
+ *
+ * Copyright (c) 2006 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#include <boost/shared_ptr.hpp>
+#include <string>
+#include <vector>
+
+namespace qpid {
+namespace acl {
+
+struct AclData {
+ bool lc; // Line continue flag
+ AclData() : lc(false) {}
+};
+
+class AclReader {
+public:
+ static int read(const std::string& fn, boost::shared_ptr<AclData> d);
+private:
+ static void processLine(char* line, boost::shared_ptr<AclData> d);
+ static int tokenizeLine(char* line, std::vector<std::string>& toks);
+};
+
+}} // namespace qpid::acl
+
+#endif // QPID_ACL_ACLREADER_H |
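Review bot: `AclReader::read` is declared as returning `int` with no statement of what the value means, and its only visible caller (`if (AclReader::read(aclFile, d)) return false;` in Acl.cpp) depends on 0 meaning success. A contract comment on the declaration would prevent an inverted check later, e.g. `/// Returns 0 on success, -1 if the file cannot be opened, -2 on a read or processing error.` The `boost::shared_ptr<AclData>` parameters could be taken by `const&` to avoid a reference-count update on every line processed.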