diff options
Diffstat (limited to 'qpid/java/broker/src/main/java/org/apache/qpid/server/security/access/plugins/SimpleXML.java')
-rw-r--r-- | qpid/java/broker/src/main/java/org/apache/qpid/server/security/access/plugins/SimpleXML.java | 50 |
1 files changed, 44 insertions, 6 deletions
diff --git a/qpid/java/broker/src/main/java/org/apache/qpid/server/security/access/plugins/SimpleXML.java b/qpid/java/broker/src/main/java/org/apache/qpid/server/security/access/plugins/SimpleXML.java index 532ff0b7d6..a5bdf662af 100644 --- a/qpid/java/broker/src/main/java/org/apache/qpid/server/security/access/plugins/SimpleXML.java +++ b/qpid/java/broker/src/main/java/org/apache/qpid/server/security/access/plugins/SimpleXML.java @@ -179,8 +179,26 @@ public class SimpleXML implements ACLPlugin private void processConsume(Configuration config) { + boolean temporary = false; + Configuration tempConfig = null; Configuration consumeConfig = config.subset("access_control_list.consume"); + tempConfig = consumeConfig.subset("queues.temporary(0)"); + if (tempConfig != null) + { + temporary = true; + } + + //Permission all users who have rights to temp queues and topics + if (tempConfig != null && !tempConfig.isEmpty()) + { + String[] tempUsers = tempConfig.getStringArray("users.user"); + for (String user : tempUsers) + { + grant(Permission.CONSUME, user, temporary); + } + } + // Process queue limited users int queueCount = 0; Configuration queueConfig = consumeConfig.subset("queues.queue(" + queueCount + ")"); @@ -190,14 +208,14 @@ public class SimpleXML implements ACLPlugin // Get queue Name AMQShortString queueName = new AMQShortString(queueConfig.getString("name")); // if there is no name then there may be a temporary element - boolean temporary = queueConfig.containsKey("temporary"); + boolean ownQueues = queueConfig.containsKey("own_queues"); // Process permissions for this queue String[] users = queueConfig.getStringArray("users.user"); for (String user : users) { - grant(Permission.CONSUME, user, queueName, temporary, ownQueues); + grant(Permission.CONSUME, user, queueName, ownQueues); } // See if we have another config @@ -210,14 +228,33 @@ public class SimpleXML implements ACLPlugin for (String user : users) { + //NOTE: this call does not appear to do anything inside the grant section for consume grant(Permission.CONSUME, user); } } private void processCreate(Configuration config) { + boolean temporary = false; + Configuration tempConfig = null; + Configuration createConfig = config.subset("access_control_list.create"); + tempConfig = createConfig.subset("queues.temporary(0)"); + if (tempConfig != null) + { + temporary = true; + } + + //Permission all users who have rights to temp queues and topics + if (tempConfig != null && !tempConfig.isEmpty()) + { + String[] tempUsers = tempConfig.getStringArray("users.user"); + for (String user : tempUsers) + { + grant(Permission.CREATEQUEUE, user, temporary); + } + } // Process create permissions for queue creation int queueCount = 0; Configuration queueConfig = createConfig.subset("queues.queue(" + queueCount + ")"); @@ -227,9 +264,6 @@ public class SimpleXML implements ACLPlugin // Get queue Name AMQShortString queueName = new AMQShortString(queueConfig.getString("name")); - // if there is no name then there may be a temporary element - boolean temporary = queueConfig.containsKey("temporary"); - int exchangeCount = 0; Configuration exchangeConfig = queueConfig.subset("exchanges.exchange(" + exchangeCount + ")"); @@ -238,12 +272,15 @@ public class SimpleXML implements ACLPlugin AMQShortString exchange = new AMQShortString(exchangeConfig.getString("name")); AMQShortString routingKey = new AMQShortString(exchangeConfig.getString("routing_key")); - + // Process permissions for this queue String[] users = exchangeConfig.getStringArray("users.user"); for (String user : users) { + //This is broken as the user name is not stored grant(Permission.CREATEEXCHANGE, user, exchange); + + //This call could be cleaned up as temporary is now being set earlier (above) grant(Permission.CREATEQUEUE, user, temporary, (queueName.equals("") ? null : queueName), (exchange .equals("") ? null : exchange), (routingKey.equals("") ? null : routingKey)); } @@ -279,6 +316,7 @@ public class SimpleXML implements ACLPlugin String[] users = exchangeConfig.getStringArray("users.user"); for (String user : users) { + //And this is broken too grant(Permission.CREATEEXCHANGE, user, exchange, clazz); } |