summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMatthias Radestock <matthias@lshift.net>2009-05-20 08:45:37 +0100
committerMatthias Radestock <matthias@lshift.net>2009-05-20 08:45:37 +0100
commit66334eef00d807f40c1e1f76a273207418ac552c (patch)
treec2ac0c8cc00cbc82a3b4fc58844050008246b115
parent5560bd99752526f0c8ab6f5fe145e052d7ab98be (diff)
downloadrabbitmq-server-66334eef00d807f40c1e1f76a273207418ac552c.tar.gz
add permission checks for ume configuration
Diffstat
-rw-r--r--src/rabbit_channel.erl6
-rw-r--r--src/rabbit_exchange.erl11
-rw-r--r--src/rabbit_misc.erl16
3 files changed, 24 insertions, 9 deletions
diff --git a/src/rabbit_channel.erl b/src/rabbit_channel.erl
index 8ec25ad5..10bf0445 100644
--- a/src/rabbit_channel.erl
+++ b/src/rabbit_channel.erl
@@ -570,6 +570,12 @@ handle_method(#'exchange.declare'{exchange = ExchangeNameBin,
{ok, FoundX} -> FoundX;
{error, not_found} ->
check_name('exchange', ExchangeNameBin),
+ case rabbit_misc:r_arg(VHostPath, exchange, Args, <<"ume">>) of
+ undefined -> ok;
+ UmeName -> check_read_permitted(ExchangeName, State),
+ check_write_permitted(UmeName, State),
+ ok
+ end,
rabbit_exchange:declare(ExchangeName,
CheckedType,
Durable,
diff --git a/src/rabbit_exchange.erl b/src/rabbit_exchange.erl
index f644d710..c760329e 100644
--- a/src/rabbit_exchange.erl
+++ b/src/rabbit_exchange.erl
@@ -208,9 +208,10 @@ publish(X, Mandatory, Immediate, Txn,
end.
handle_unrouted(#exchange{name = XName, arguments = Args}, Txn, Message) ->
- case lists:keysearch(<<"ume">>, 1, Args) of
- {value, {_, longstr, UmeNameBin}} ->
- UmeName = rabbit_misc:r(XName, exchange, UmeNameBin),
+ case rabbit_misc:r_arg(XName, exchange, Args, <<"ume">>) of
+ undefined ->
+ {routed, []};
+ UmeName ->
case lookup(UmeName) of
{ok, Ume} ->
publish(Ume, false, false, Txn, Message);
@@ -219,9 +220,7 @@ handle_unrouted(#exchange{name = XName, arguments = Args}, Txn, Message) ->
"unroutable message exchange for ~s does not exist: ~s",
[rabbit_misc:rs(XName), rabbit_misc:rs(UmeName)]),
{routed, []}
- end;
- false ->
- {routed, []}
+ end
end.
%% Usable by Erlang code that wants to publish messages.
diff --git a/src/rabbit_misc.erl b/src/rabbit_misc.erl
index eced0b3c..233c867c 100644
--- a/src/rabbit_misc.erl
+++ b/src/rabbit_misc.erl
@@ -38,7 +38,7 @@
-export([die/1, frame_error/2, protocol_error/3, protocol_error/4]).
-export([get_config/1, get_config/2, set_config/2]).
-export([dirty_read/1]).
--export([r/3, r/2, rs/1]).
+-export([r/3, r/2, r_arg/4, rs/1]).
-export([enable_cover/0, report_cover/0]).
-export([throw_on_error/2, with_exit_handler/2, filter_exit_map/2]).
-export([with_user/2, with_vhost/2, with_user_and_vhost/3]).
@@ -76,12 +76,14 @@
-spec(get_config/2 :: (atom(), A) -> A).
-spec(set_config/2 :: (atom(), any()) -> 'ok').
-spec(dirty_read/1 :: ({atom(), any()}) -> {'ok', any()} | not_found()).
--spec(r/3 :: (vhost() | r(atom()), K, resource_name()) -> r(K)
- when is_subtype(K, atom())).
+-spec(r/3 :: (vhost() | r(atom()), K, resource_name()) ->
+ r(K) when is_subtype(K, atom())).
-spec(r/2 :: (vhost(), K) -> #resource{virtual_host :: vhost(),
kind :: K,
name :: '_'}
when is_subtype(K, atom())).
+-spec(r_arg/4 :: (vhost() | r(atom()), K, amqp_table(), binary()) ->
+ r(K) when is_subtype(K, atom())).
-spec(rs/1 :: (r(atom())) -> string()).
-spec(enable_cover/0 :: () -> 'ok' | {'error', any()}).
-spec(report_cover/0 :: () -> 'ok').
@@ -169,6 +171,14 @@ r(VHostPath, Kind, Name) when is_binary(Name) andalso is_binary(VHostPath) ->
r(VHostPath, Kind) when is_binary(VHostPath) ->
#resource{virtual_host = VHostPath, kind = Kind, name = '_'}.
+r_arg(#resource{virtual_host = VHostPath}, Kind, Table, Key) ->
+ r_arg(VHostPath, Kind, Table, Key);
+r_arg(VHostPath, Kind, Table, Key) ->
+ case lists:keysearch(Key, 1, Table) of
+ {value, {_, longstr, NameBin}} -> r(VHostPath, Kind, NameBin);
+ false -> undefined
+ end.
+
rs(#resource{virtual_host = VHostPath, kind = Kind, name = Name}) ->
lists:flatten(io_lib:format("~s '~s' in vhost '~s'",
[Kind, Name, VHostPath])).
View Lorry Controller Status