From 5ce4041e1878fef6d16f44f4bef64f91052054b6 Mon Sep 17 00:00:00 2001 From: Robert Gemmell Date: Fri, 9 Oct 2009 08:54:26 +0000 Subject: QPID-1872: check for existence of outer consume permissions map before proceeding to further checks, and if not present then deny immediately as it signifies a complete lack of consume rights in the ACL settigns for the user in question. Update SimpleACLTest to add a check for consumption with create but without consume right, and to allow each test to customise the ACL settings before QTC.setUp() starts the broker git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk/qpid@823464 13f79535-47bb-0310-9956-ffa450edef68 --- .../apache/qpid/server/security/access/PrincipalPermissions.java | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'java/broker/src') diff --git a/java/broker/src/main/java/org/apache/qpid/server/security/access/PrincipalPermissions.java b/java/broker/src/main/java/org/apache/qpid/server/security/access/PrincipalPermissions.java index f852514444..fb57ca9a59 100755 --- a/java/broker/src/main/java/org/apache/qpid/server/security/access/PrincipalPermissions.java +++ b/java/broker/src/main/java/org/apache/qpid/server/security/access/PrincipalPermissions.java @@ -494,6 +494,12 @@ public class PrincipalPermissions { AMQQueue queue = ((AMQQueue) parameters[0]); Map queuePermissions = (Map) _permissions.get(permission); + + if (queuePermissions == null) + { + //if the outer map is null, the user has no CONSUME rights at all + return AuthzResult.DENIED; + } List queues = (List) queuePermissions.get(CONSUME_QUEUES_KEY); -- cgit v1.2.1