diff options
4 files changed, 152 insertions, 12 deletions
diff --git a/java/broker/src/main/java/org/apache/qpid/server/security/access/PrincipalPermissions.java b/java/broker/src/main/java/org/apache/qpid/server/security/access/PrincipalPermissions.java index d2bbb795e9..3e065f9a9b 100755 --- a/java/broker/src/main/java/org/apache/qpid/server/security/access/PrincipalPermissions.java +++ b/java/broker/src/main/java/org/apache/qpid/server/security/access/PrincipalPermissions.java @@ -53,6 +53,7 @@ public class PrincipalPermissions private static final int PUBLISH_EXCHANGES_KEY = 0; private Map _permissions; + private boolean _fullVHostAccess = false; private String _user; @@ -82,6 +83,9 @@ public class PrincipalPermissions { switch (permission) { + case ACCESS:// Parameters : None + grantAccess(permission); + break; case CONSUME: // Parameters : AMQShortString queueName, Boolean Temporary, Boolean ownQueueOnly grantConsume(permission, parameters); break; @@ -98,7 +102,6 @@ public class PrincipalPermissions break; /* The other cases just fall through to no-op */ case DELETE: - case ACCESS: // This is a no-op as the existence of this PrincipalPermission object is scoped per VHost for ACCESS case BIND: // All the details are currently included in the create setup. case PURGE: case UNBIND: @@ -107,6 +110,11 @@ public class PrincipalPermissions } + private void grantAccess(Permission permission) + { + _fullVHostAccess = true; + } + private void grantPublish(Permission permission, Object... parameters) { Map publishRights = (Map) _permissions.get(permission); @@ -353,9 +361,8 @@ public class PrincipalPermissions switch (permission) { - case ACCESS: - return AuthzResult.ALLOWED; // This is here for completeness but the SimpleXML ACLManager never calls it. - // The existence of this user specific PP can be validated in the map SimpleXML maintains. + case ACCESS://No Parameters + return AuthzResult.ALLOWED; // The existence of this user-specific PP infers some level of access is authorised case BIND: // Parameters : QueueBindMethod , Exchange , AMQQueue, AMQShortString routingKey return authoriseBind(parameters); case CREATEQUEUE:// Parameters : boolean autodelete, AMQShortString name @@ -376,7 +383,14 @@ public class PrincipalPermissions } - private AuthzResult authoriseConsume(Permission permission, Object... parameters) { + private AuthzResult authoriseConsume(Permission permission, Object... parameters) + { + if(_fullVHostAccess) + { + //user has been granted full access to the vhost + return AuthzResult.ALLOWED; + } + if (parameters.length == 1 && parameters[0] instanceof AMQQueue) { AMQQueue queue = ((AMQQueue) parameters[0]); @@ -434,8 +448,15 @@ public class PrincipalPermissions return AuthzResult.DENIED; } - private AuthzResult authorisePublish(Permission permission, Object... parameters) { - Map publishRights = (Map) _permissions.get(permission); + private AuthzResult authorisePublish(Permission permission, Object... parameters) + { + if(_fullVHostAccess) + { + //user has been granted full access to the vhost + return AuthzResult.ALLOWED; + } + + Map publishRights = (Map) _permissions.get(permission); if (publishRights == null) { @@ -494,7 +515,14 @@ public class PrincipalPermissions } } - private AuthzResult authoriseCreateExchange(Permission permission, Object... parameters) { + private AuthzResult authoriseCreateExchange(Permission permission, Object... parameters) + { + if(_fullVHostAccess) + { + //user has been granted full access to the vhost + return AuthzResult.ALLOWED; + } + Map rights = (Map) _permissions.get(permission); AMQShortString exchangeName = (AMQShortString) parameters[0]; @@ -511,8 +539,15 @@ public class PrincipalPermissions } } - private AuthzResult authoriseCreateQueue(Permission permission, Object... parameters) { - Map createRights = (Map) _permissions.get(permission); + private AuthzResult authoriseCreateQueue(Permission permission, Object... parameters) + { + if(_fullVHostAccess) + { + //user has been granted full access to the vhost + return AuthzResult.ALLOWED; + } + + Map createRights = (Map) _permissions.get(permission); // If there are no create rights then deny request if (createRights == null) @@ -549,8 +584,15 @@ public class PrincipalPermissions } } - private AuthzResult authoriseBind(Object... parameters) { - Exchange exchange = (Exchange) parameters[1]; + private AuthzResult authoriseBind(Object... parameters) + { + if(_fullVHostAccess) + { + //user has been granted full access to the vhost + return AuthzResult.ALLOWED; + } + + Exchange exchange = (Exchange) parameters[1]; AMQQueue bind_queueName = (AMQQueue) parameters[2]; AMQShortString routingKey = (AMQShortString) parameters[3]; diff --git a/java/broker/src/main/java/org/apache/qpid/server/security/access/plugins/SimpleXML.java b/java/broker/src/main/java/org/apache/qpid/server/security/access/plugins/SimpleXML.java index 2cc0c530de..d0514224f1 100644 --- a/java/broker/src/main/java/org/apache/qpid/server/security/access/plugins/SimpleXML.java +++ b/java/broker/src/main/java/org/apache/qpid/server/security/access/plugins/SimpleXML.java @@ -85,8 +85,29 @@ public class SimpleXML implements ACLPlugin processConsume(config); processCreate(config); + + processAccess(config); } + private void processAccess(Configuration config) + { + Configuration accessConfig = config.subset("access_control_list.access"); + + if(accessConfig.isEmpty()) + { + //there is no access configuration to process + return; + } + + // Process users that have full access permission + String[] users = accessConfig.getStringArray("users.user"); + + for (String user : users) + { + grant(Permission.ACCESS, user); + } + } + /** * Publish format takes Exchange + Routing Key Pairs * diff --git a/java/broker/src/test/java/org/apache/qpid/server/security/access/PrincipalPermissionsTest.java b/java/broker/src/test/java/org/apache/qpid/server/security/access/PrincipalPermissionsTest.java index 69c8ccaa5d..adfe9f52e4 100644 --- a/java/broker/src/test/java/org/apache/qpid/server/security/access/PrincipalPermissionsTest.java +++ b/java/broker/src/test/java/org/apache/qpid/server/security/access/PrincipalPermissionsTest.java @@ -165,4 +165,37 @@ public class PrincipalPermissionsTest extends TestCase assertEquals(AuthzResult.ALLOWED, _perms.authorise(Permission.PUBLISH, authArgs)); } + public void testVhostAccess() + { + //Tests that granting a user Virtualhost level access allows all authorisation requests + //where previously they would be denied + + //QPID-2133 createExchange rights currently allow all exchange creation unless rights for creating some + //specific exchanges are granted. Grant a specific exchange creation to cause all others to be denied. + Object[] createArgsCreateExchange = new Object[]{new AMQShortString("madeup"), _exchangeType}; + Object[] authArgsCreateExchange = new Object[]{_exchangeName,_exchangeType}; + assertEquals("Exchange creation was not allowed", AuthzResult.ALLOWED, _perms.authorise(Permission.CREATEEXCHANGE, authArgsCreateExchange)); + _perms.grant(Permission.CREATEEXCHANGE, createArgsCreateExchange); + + Object[] authArgsPublish = new Object[]{_exchange, _routingKey}; + Object[] authArgsConsume = new Object[]{_queue}; + Object[] authArgsCreateQueue = new Object[]{_autoDelete, _queueName}; + QueueBindBodyImpl bind = new QueueBindBodyImpl(_ticket, _queueName, _exchangeName, _routingKey, _nowait, _arguments); + Object[] authArgsBind = new Object[]{bind, _exchange, _queue, _routingKey}; + + assertEquals("Exchange creation was not denied", AuthzResult.DENIED, _perms.authorise(Permission.CREATEEXCHANGE, authArgsCreateExchange)); + assertEquals("Publish was not denied", AuthzResult.DENIED, _perms.authorise(Permission.PUBLISH, authArgsPublish)); + assertEquals("Consume creation was not denied", AuthzResult.DENIED, _perms.authorise(Permission.CONSUME, authArgsConsume)); + assertEquals("Queue creation was not denied", AuthzResult.DENIED, _perms.authorise(Permission.CREATEQUEUE, authArgsCreateQueue)); + //BIND pre-grant authorise check disabled due to QPID-1597 + //assertEquals("Binding creation was not denied", AuthzResult.DENIED, _perms.authorise(Permission.BIND, authArgsBind)); + + _perms.grant(Permission.ACCESS); + + assertEquals("Exchange creation was not allowed", AuthzResult.ALLOWED, _perms.authorise(Permission.CREATEEXCHANGE, authArgsCreateExchange)); + assertEquals("Publish was not allowed", AuthzResult.ALLOWED, _perms.authorise(Permission.PUBLISH, authArgsPublish)); + assertEquals("Consume creation was not allowed", AuthzResult.ALLOWED, _perms.authorise(Permission.CONSUME, authArgsConsume)); + assertEquals("Queue creation was not allowed", AuthzResult.ALLOWED, _perms.authorise(Permission.CREATEQUEUE, authArgsCreateQueue)); + assertEquals("Binding creation was not allowed", AuthzResult.ALLOWED, _perms.authorise(Permission.BIND, authArgsBind)); + } } diff --git a/java/systests/src/main/java/org/apache/qpid/server/security/acl/SimpleACLTest.java b/java/systests/src/main/java/org/apache/qpid/server/security/acl/SimpleACLTest.java index 091ef4de96..bee4a017fd 100644 --- a/java/systests/src/main/java/org/apache/qpid/server/security/acl/SimpleACLTest.java +++ b/java/systests/src/main/java/org/apache/qpid/server/security/acl/SimpleACLTest.java @@ -102,7 +102,51 @@ public class SimpleACLTest extends QpidTestCase implements ConnectionListener fail("Connection was not created due to:" + e); } } + + public void testAccessVhostAuthorisedGuest() throws IOException, Exception + { + //The 'guest' user normally has no access, as tested below in testAccessNoRights(), and so is unable to perform + //actions such as connecting (and by extension, creating a queue, and consuming from a queue etc). In order to test + //the vhost-wide 'access' right, we will now give the guest user 'access' ACL rights and perform various such actions. + setConfigurationProperty("virtualhosts.virtualhost.test.security.access_control_list.access.users.user", "guest"); + + setUpACLTest(); + + try + { + //get a connection + Connection conn = getConnection("guest", "guest"); + ((AMQConnection) conn).setConnectionListener(this); + + Session sesh = conn.createSession(false, Session.AUTO_ACKNOWLEDGE); + + conn.start(); + //create Queues and consumers for each + Queue namedQueue = sesh.createQueue("vhostAccessCreatedQueue" + getTestQueueName()); + Queue tempQueue = sesh.createTemporaryQueue(); + MessageConsumer consumer = sesh.createConsumer(namedQueue); + MessageConsumer tempConsumer = sesh.createConsumer(tempQueue); + + //send a message to each queue (also causing an exchange declare) + MessageProducer sender = ((AMQSession)sesh).createProducer(null); + ((org.apache.qpid.jms.MessageProducer) sender).send(namedQueue, sesh.createTextMessage("test"), + DeliveryMode.NON_PERSISTENT, 0, 0L, false, false, true); + ((org.apache.qpid.jms.MessageProducer) sender).send(tempQueue, sesh.createTextMessage("test"), + DeliveryMode.NON_PERSISTENT, 0, 0L, false, false, true); + + //consume the messages from the queues + consumer.receive(2000); + tempConsumer.receive(2000); + + conn.close(); + } + catch (Exception e) + { + fail("Test failed due to:" + e.getMessage()); + } + } + public void testAccessNoRights() throws Exception { setUpACLTest(); |