This commit contains the following

1. Applying patches from Tim Platten attched to QPID-2062 and QPID-2063 2. Fixed QPID-2098 3. Added test cases for QPID-2062 and QPID-2063 4. Added more user friendly logging for ACL rule processing and lookup methods. In debug mode the logging should now provide more visibility into how rules are evaluated. git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk/qpid@813850 13f79535-47bb-0310-9956-ffa450edef68
author: Rajith Muditha Attapattu <rajith@apache.org> 2009-09-11 14:24:11 +0000
committer: Rajith Muditha Attapattu <rajith@apache.org> 2009-09-11 14:24:11 +0000
commit: d1e7af477a739a2139c033b3a395e81038055fb6 (patch)
tree: 7d296cf43225046aca3fa59cc2d5c11752afff92 /cpp/src/qpid/broker/SessionAdapter.cpp
parent: b171cc419ae5d2bc747ec2465ad1c76445f8bd37 (diff)
download: qpid-python-d1e7af477a739a2139c033b3a395e81038055fb6.tar.gz
1 files changed, 11 insertions, 7 deletions
diff --git a/cpp/src/qpid/broker/SessionAdapter.cpp b/cpp/src/qpid/broker/SessionAdapter.cpp
index af07605552..a1ad5a0a30 100644
--- a/cpp/src/qpid/broker/SessionAdapter.cpp
+++ b/cpp/src/qpid/broker/SessionAdapter.cpp
@@ -72,7 +72,7 @@ void SessionAdapter::ExchangeHandlerImpl::declare(const string& exchange, const
         params.insert(make_pair(acl::PROP_PASSIVE, std::string(passive ? _TRUE : _FALSE) ));
         params.insert(make_pair(acl::PROP_DURABLE, std::string(durable ? _TRUE : _FALSE)));
         if (!acl->authorise(getConnection().getUserId(),acl::ACT_CREATE,acl::OBJ_EXCHANGE,exchange,&params) )
-            throw NotAllowedException(QPID_MSG("ACL denied exhange declare request from " << getConnection().getUserId()));
+            throw NotAllowedException(QPID_MSG("ACL denied exchange declare request from " << getConnection().getUserId()));
     }
     
     //TODO: implement autoDelete
@@ -134,7 +134,7 @@ void SessionAdapter::ExchangeHandlerImpl::delete_(const string& name, bool /*ifU
     AclModule* acl = getBroker().getAcl();
     if (acl) {
         if (!acl->authorise(getConnection().getUserId(),acl::ACT_DELETE,acl::OBJ_EXCHANGE,name,NULL) )
-            throw NotAllowedException(QPID_MSG("ACL denied exhange delete request from " << getConnection().getUserId()));
+            throw NotAllowedException(QPID_MSG("ACL denied exchange delete request from " << getConnection().getUserId()));
     }
 
     //TODO: implement unused
@@ -154,7 +154,7 @@ ExchangeQueryResult SessionAdapter::ExchangeHandlerImpl::query(const string& nam
     AclModule* acl = getBroker().getAcl();
     if (acl) {
         if (!acl->authorise(getConnection().getUserId(),acl::ACT_ACCESS,acl::OBJ_EXCHANGE,name,NULL) )
-            throw NotAllowedException(QPID_MSG("ACL denied exhange query request from " << getConnection().getUserId()));
+            throw NotAllowedException(QPID_MSG("ACL denied exchange query request from " << getConnection().getUserId()));
     }
 
     try {
@@ -171,8 +171,12 @@ void SessionAdapter::ExchangeHandlerImpl::bind(const string& queueName,
 {
     AclModule* acl = getBroker().getAcl();
     if (acl) {
-        if (!acl->authorise(getConnection().getUserId(),acl::ACT_BIND,acl::OBJ_EXCHANGE,exchangeName,routingKey) )
-            throw NotAllowedException(QPID_MSG("ACL denied exhange bind request from " << getConnection().getUserId()));
+        std::map<acl::Property, std::string> params;
+        params.insert(make_pair(acl::PROP_QUEUENAME, queueName));
+        params.insert(make_pair(acl::PROP_ROUTINGKEY, routingKey));
+
+        if (!acl->authorise(getConnection().getUserId(),acl::ACT_BIND,acl::OBJ_EXCHANGE,exchangeName,&params))
+            throw NotAllowedException(QPID_MSG("ACL denied exchange bind request from " << getConnection().getUserId()));
     }
 
     Queue::shared_ptr queue = getQueue(queueName);
@@ -234,8 +238,8 @@ ExchangeBoundResult SessionAdapter::ExchangeHandlerImpl::bound(const std::string
         std::map<acl::Property, std::string> params;
         params.insert(make_pair(acl::PROP_QUEUENAME, queueName));
         params.insert(make_pair(acl::PROP_ROUTINGKEY, key));
-        if (!acl->authorise(getConnection().getUserId(),acl::ACT_CREATE,acl::OBJ_EXCHANGE,exchangeName,&params) )
-            throw NotAllowedException(QPID_MSG("ACL denied exhange bound request from " << getConnection().getUserId()));
+        if (!acl->authorise(getConnection().getUserId(),acl::ACT_ACCESS,acl::OBJ_EXCHANGE,exchangeName,&params) )
+            throw NotAllowedException(QPID_MSG("ACL denied exchange bound request from " << getConnection().getUserId()));
     }
     
     Exchange::shared_ptr exchange;
author	Rajith Muditha Attapattu <rajith@apache.org>	2009-09-11 14:24:11 +0000
committer	Rajith Muditha Attapattu <rajith@apache.org>	2009-09-11 14:24:11 +0000
commit	d1e7af477a739a2139c033b3a395e81038055fb6 (patch)
tree	7d296cf43225046aca3fa59cc2d5c11752afff92 /cpp/src/qpid/broker/SessionAdapter.cpp
parent	b171cc419ae5d2bc747ec2465ad1c76445f8bd37 (diff)
download	qpid-python-d1e7af477a739a2139c033b3a395e81038055fb6.tar.gz