QPID-1304: add vhost access check for missed corner cases, allowing for users granted vhost access and otherwise abstaining.

git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk/qpid@825805 13f79535-47bb-0310-9956-ffa450edef68
author: Robert Gemmell <robbie@apache.org> 2009-10-16 08:20:20 +0000
committer: Robert Gemmell <robbie@apache.org> 2009-10-16 08:20:20 +0000
commit: da42ee975c936e60348b1f3f43fa345ca31e7606 (patch)
tree: 9c99502d7578e1bfde99fb8a787802b95a982461
parent: 6416726d452570462d559632f6d25161c7da31fe (diff)
download: qpid-python-da42ee975c936e60348b1f3f43fa345ca31e7606.tar.gz
1 files changed, 10 insertions, 1 deletions
diff --git a/java/broker/src/main/java/org/apache/qpid/server/security/access/PrincipalPermissions.java b/java/broker/src/main/java/org/apache/qpid/server/security/access/PrincipalPermissions.java
index 3e065f9a9b..6fe4696d20 100755
--- a/java/broker/src/main/java/org/apache/qpid/server/security/access/PrincipalPermissions.java
+++ b/java/broker/src/main/java/org/apache/qpid/server/security/access/PrincipalPermissions.java
@@ -378,7 +378,16 @@ public class PrincipalPermissions
             case PURGE:
             case UNBIND:
             default:
-                return AuthzResult.DENIED;
+                if(_fullVHostAccess)
+                {
+                    //user has been granted full access to the vhost
+                    return AuthzResult.ALLOWED;
+                }
+                else
+                {
+                    //SimpleXML ACL does not implement these permissions and should abstain
+                    return AuthzResult.ABSTAIN;
+                }
         }
 
     }
author	Robert Gemmell <robbie@apache.org>	2009-10-16 08:20:20 +0000
committer	Robert Gemmell <robbie@apache.org>	2009-10-16 08:20:20 +0000
commit	da42ee975c936e60348b1f3f43fa345ca31e7606 (patch)
tree	9c99502d7578e1bfde99fb8a787802b95a982461
parent	6416726d452570462d559632f6d25161c7da31fe (diff)
download	qpid-python-da42ee975c936e60348b1f3f43fa345ca31e7606.tar.gz