diff options
author | Matthias Radestock <matthias@lshift.net> | 2009-01-20 20:35:20 +0000 |
---|---|---|
committer | Matthias Radestock <matthias@lshift.net> | 2009-01-20 20:35:20 +0000 |
commit | 78446f9f8e91f1371a19c4a1d3fa4d78dc0bba8e (patch) | |
tree | 46cecb17f819a10f3a4ea361cf7714e751a922e8 | |
parent | 7d904a367bf4b9eb8b7ac780bc07381b6190877b (diff) | |
download | rabbitmq-server-78446f9f8e91f1371a19c4a1d3fa4d78dc0bba8e.tar.gz |
simplify resource access cache
check_resource_access throws an exception on failed auth, which closes
the channel. Hence the cache can be simplified to a simple list of
{Resource, Permission} pairs for which authorisation has previously
succeeded.
-rw-r--r-- | src/rabbit_channel.erl | 29 |
1 files changed, 10 insertions, 19 deletions
diff --git a/src/rabbit_channel.erl b/src/rabbit_channel.erl index 0ae3c186..39867a4b 100644 --- a/src/rabbit_channel.erl +++ b/src/rabbit_channel.erl @@ -204,30 +204,21 @@ return_queue_declare_ok(State, NoWait, Q) -> {reply, Reply, NewState} end. -lru_cache_lookup(K, LookupFun, MaxSize, Cache) -> - case lists:keytake(K, 1, Cache) of - {value, E = {_, V}, Cache1} -> - {V, [E | Cache1]}; - false -> - V = LookupFun(K), - {V, [{K, V} | lists:sublist(Cache, MaxSize - 1)]} - end. - check_resource_access(Username, Resource, Perm) -> + V = {Resource, Perm}, Cache = case get(permission_cache) of undefined -> []; Other -> Other end, - {Value, NewCache} = - lru_cache_lookup( - {Resource, Perm}, - fun ({R, P}) -> rabbit_access_control:check_resource_access( - Username, R, P) - end, - ?MAX_PERMISSION_CACHE_SIZE, - Cache), - put(permission_cache, NewCache), - Value. + CacheTail = + case lists:member(V, Cache) of + true -> lists:delete(V, Cache); + false -> ok = rabbit_access_control:check_resource_access( + Username, Resource, Perm), + lists:sublist(Cache, ?MAX_PERMISSION_CACHE_SIZE - 1) + end, + put(permission_cache, [V | CacheTail]), + ok. clear_permission_cache() -> erase(permission_cache), |