QPID-107 Implementation for ACL for C++ broker

git-svn-id: https://svn.apache.org/repos/asf/incubator/qpid/trunk/qpid@691396 13f79535-47bb-0310-9956-ffa450edef68
author: Carl C. Trieloff <cctrieloff@apache.org> 2008-09-02 21:49:55 +0000
committer: Carl C. Trieloff <cctrieloff@apache.org> 2008-09-02 21:49:55 +0000
commit: 804cfbdaf19ee803f362b6aa4c35696ca4e850c3 (patch)
tree: 090db6b2fc272c6df0a88b7f10bd816942a883b9 /cpp/src/qpid/acl/Acl.cpp
parent: 1d07b5b9c71fb74ab87fc15d4559832bbc2d254c (diff)
download: qpid-python-804cfbdaf19ee803f362b6aa4c35696ca4e850c3.tar.gz
1 files changed, 15 insertions, 49 deletions
diff --git a/cpp/src/qpid/acl/Acl.cpp b/cpp/src/qpid/acl/Acl.cpp
index 79e4af57ee..f4ed9834d9 100644
--- a/cpp/src/qpid/acl/Acl.cpp
+++ b/cpp/src/qpid/acl/Acl.cpp
@@ -16,8 +16,8 @@
  *
  */
 
-#include "Acl.h"
-
+#include "qpid/acl/Acl.h"
+#include "qpid/acl/AclData.h"
 
 #include "qpid/broker/Broker.h"
 #include "qpid/Plugin.h"
@@ -41,79 +41,43 @@ using namespace std;
 
    }
 
-   std::string Acl::printAction(acl::Action action)
-   {
-      switch (action)
-	  {
-	   case CONSUME: return "Consume";
-	   case PUBLISH: return "Publish";
-	   case CREATE: return "Create";
-	   case ACCESS: return "Access";
-	   case BIND: return "Bind";
-	   case UNBIND: return "Unbind";
-	   case DELETE: return "Delete";
-	   case PURGE: return "Purge";
-	   case UPDATE: return "Update";
-	   default: return "Unknown";
-	  }
-   }
-   
-   std::string Acl::printObjType(acl::ObjectType objType)
-   {
-      switch (objType)
-	  {
-      case QUEUE: return "Queue";
-	  case EXCHANGE: return "Exchnage";
-	  case BROKER: return "Broker";
-	  case LINK: return "Link";
-	  case ROUTE: return "Route";
-	  default: return "Unknown";
-	  }
-   }
-
-   bool Acl::authorise(std::string id, acl::Action action, acl::ObjectType objType, std::string name, std::map<std::string, std::string>*
-   /*params*/)
+   bool Acl::authorise(const std::string& id, const Action& action, const ObjectType& objType, const std::string& name, std::map<Property, std::string>* params)
    {
       if (aclValues.noEnforce) return true;
       boost::shared_ptr<AclData> dataLocal = data;  //rcu copy
       
-      // only use dataLocal here...
-   
       // add real ACL check here... 
-      AclResult aclreslt = ALLOWLOG;  // hack to test, set based on real decision.
+      AclResult aclreslt = dataLocal->lookup(id,action,objType,name,params);
 	  
 	  
 	  return result(aclreslt, id, action, objType, name); 
    }
 
-   bool Acl::authorise(std::string id, acl::Action action, acl::ObjectType objType, std::string ExchangeName, std::string /*RoutingKey*/)
+   bool Acl::authorise(const std::string& id, const Action& action, const ObjectType& objType, const std::string& ExchangeName, const std::string& RoutingKey)
    {
       if (aclValues.noEnforce) return true;
       boost::shared_ptr<AclData> dataLocal = data;  //rcu copy
       
       // only use dataLocal here...
-   
-      // add real ACL check here... 
-      AclResult aclreslt = ALLOWLOG;  // hack to test, set based on real decision.
-	  
+      AclResult aclreslt = dataLocal->lookup(id,action,objType,ExchangeName,RoutingKey);  
 	  
 	  return result(aclreslt, id, action, objType, ExchangeName); 
    }
 
    
-   bool Acl::result(AclResult aclreslt, std::string id, acl::Action action, acl::ObjectType objType, std::string name)
+   bool Acl::result(const AclResult& aclreslt, const std::string& id, const Action& action, const ObjectType& objType, const std::string& name)
    {
 	  switch (aclreslt)
 	  {
 	  case ALLOWLOG:
-          QPID_LOG(info, "ACL Allow id:" << id <<" action:" << printAction(action) << " ObjectType:" << printObjType(objType) << " Name:" << name );  
+          QPID_LOG(info, "ACL Allow id:" << id <<" action:" << AclHelper::getActionStr(action) << " ObjectType:" << AclHelper::getObjectTypeStr(objType) << " Name:" << name );  
 	  case ALLOW:
 	      return true;
-	  case DENYNOLOG:
-	      return false;
 	  case DENY:
+	      return false;
+	  case DENYLOG:
 	  default:
-	      QPID_LOG(info, "ACL Deny id:" << id << " action:" << printAction(action) << " ObjectType:" << printObjType(objType) << " Name:" << name);  
+	      QPID_LOG(info, "ACL Deny id:" << id << " action:" << AclHelper::getActionStr(action) << " ObjectType:" << AclHelper::getObjectTypeStr(objType) << " Name:" << name);  
 	      return false;
 	  }
       return false;  
@@ -125,12 +89,14 @@ using namespace std;
       return readAclFile(aclValues.aclFile);
    }
 
-   bool Acl::readAclFile(std::string aclFile) {
+   bool Acl::readAclFile(std::string& aclFile) {
       boost::shared_ptr<AclData> d(new AclData);
-      if (AclReader::read(aclFile, d))
+      AclReader ar;
+      if (ar.read(aclFile, d))
           return false;
  
       data = d;
+	  transferAcl = data->transferAcl; // any transfer ACL
       return true;
    }
author	Carl C. Trieloff <cctrieloff@apache.org>	2008-09-02 21:49:55 +0000
committer	Carl C. Trieloff <cctrieloff@apache.org>	2008-09-02 21:49:55 +0000
commit	804cfbdaf19ee803f362b6aa4c35696ca4e850c3 (patch)
tree	090db6b2fc272c6df0a88b7f10bd816942a883b9 /cpp/src/qpid/acl/Acl.cpp
parent	1d07b5b9c71fb74ab87fc15d4559832bbc2d254c (diff)
download	qpid-python-804cfbdaf19ee803f362b6aa4c35696ca4e850c3.tar.gz