diff options
| author | Emile Joubert <emile@rabbitmq.com> | 2012-09-13 12:20:30 +0100 |
|---|---|---|
| committer | Emile Joubert <emile@rabbitmq.com> | 2012-09-13 12:20:30 +0100 |
| commit | 5c4a0014b5308567eb5d1f553434a114d6b7ee29 (patch) | |
| tree | 533657a1c2f7fd1d4d74565e7ab90ef22eda44ed | |
| parent | aa2793cf0c6edd08e6f46fcd35c05b998940ef48 (diff) | |
| parent | 94b75a4ac2adc4a003db8b6dc688d70369bb803f (diff) | |
| download | rabbitmq-server-bug23903.tar.gz | |
Merge defaultbug23903
| -rw-r--r-- | src/rabbit_channel.erl | 12 | ||||
| -rw-r--r-- | src/rabbit_direct.erl | 28 | ||||
| -rw-r--r-- | src/rabbit_parameter_validation.erl | 7 |
3 files changed, 28 insertions, 19 deletions
diff --git a/src/rabbit_channel.erl b/src/rabbit_channel.erl index 69fe0edc..e50e823c 100644 --- a/src/rabbit_channel.erl +++ b/src/rabbit_channel.erl @@ -465,10 +465,14 @@ check_user_id_header(#'P_basic'{user_id = Username}, #ch{user = #user{username = Username}}) -> ok; check_user_id_header(#'P_basic'{user_id = Claimed}, - #ch{user = #user{username = Actual}}) -> - precondition_failed( - "user_id property set to '~s' but authenticated user was '~s'", - [Claimed, Actual]). + #ch{user = #user{username = Actual, + tags = Tags}}) -> + case lists:member(impersonator, Tags) of + true -> ok; + false -> precondition_failed( + "user_id property set to '~s' but authenticated user was " + "'~s'", [Claimed, Actual]) + end. check_internal_exchange(#exchange{name = Name, internal = true}) -> rabbit_misc:protocol_error(access_refused, diff --git a/src/rabbit_direct.erl b/src/rabbit_direct.erl index c87b1dc1..a669a2b3 100644 --- a/src/rabbit_direct.erl +++ b/src/rabbit_direct.erl @@ -31,8 +31,8 @@ -spec(force_event_refresh/0 :: () -> 'ok'). -spec(list/0 :: () -> [pid()]). -spec(list_local/0 :: () -> [pid()]). --spec(connect/5 :: (rabbit_types:username(), rabbit_types:vhost(), - rabbit_types:protocol(), pid(), +-spec(connect/5 :: ((rabbit_types:username() | rabbit_types:user()), + rabbit_types:vhost(), rabbit_types:protocol(), pid(), rabbit_event:event_props()) -> {'ok', {rabbit_types:user(), rabbit_framing:amqp_table()}}). @@ -64,22 +64,22 @@ list() -> %%---------------------------------------------------------------------------- +connect(User = #user{}, VHost, Protocol, Pid, Infos) -> + try rabbit_access_control:check_vhost_access(User, VHost) of + ok -> ok = pg_local:join(rabbit_direct, Pid), + rabbit_event:notify(connection_created, Infos), + {ok, {User, rabbit_reader:server_properties(Protocol)}} + catch + exit:#amqp_error{name = access_refused} -> + {error, access_refused} + end; + connect(Username, VHost, Protocol, Pid, Infos) -> case rabbit:is_running() of true -> case rabbit_access_control:check_user_login(Username, []) of - {ok, User} -> - try rabbit_access_control:check_vhost_access(User, VHost) of - ok -> ok = pg_local:join(rabbit_direct, Pid), - rabbit_event:notify(connection_created, Infos), - {ok, {User, - rabbit_reader:server_properties(Protocol)}} - catch - exit:#amqp_error{name = access_refused} -> - {error, access_refused} - end; - {refused, _Msg, _Args} -> - {error, auth_failure} + {ok, User} -> connect(User, VHost, Protocol, Pid, Infos); + {refused, _M, _A} -> {error, auth_failure} end; false -> {error, broker_not_found_on_node} diff --git a/src/rabbit_parameter_validation.erl b/src/rabbit_parameter_validation.erl index 2235340f..24762a73 100644 --- a/src/rabbit_parameter_validation.erl +++ b/src/rabbit_parameter_validation.erl @@ -16,7 +16,7 @@ -module(rabbit_parameter_validation). --export([number/2, binary/2, list/2, regex/2, proplist/3]). +-export([number/2, binary/2, boolean/2, list/2, regex/2, proplist/3]). number(_Name, Term) when is_number(Term) -> ok; @@ -30,6 +30,11 @@ binary(_Name, Term) when is_binary(Term) -> binary(Name, Term) -> {error, "~s should be binary, actually was ~p", [Name, Term]}. +boolean(_Name, Term) when is_boolean(Term) -> + ok; +boolean(Name, Term) -> + {error, "~s should be boolean, actually was ~p", [Name, Term]}. + list(_Name, Term) when is_list(Term) -> ok; |