diff options
| author | Alexandru Scvortov <alexandru@rabbitmq.com> | 2010-10-11 18:20:24 +0100 |
|---|---|---|
| committer | Alexandru Scvortov <alexandru@rabbitmq.com> | 2010-10-11 18:20:24 +0100 |
| commit | 4bd2aa1272c28b70ff8fa2e37eda09ae171f03e3 (patch) | |
| tree | 2cd39d4cda3917cb531b6c1b3a26afd6f4db30f9 | |
| parent | d833af71241f8e9fe0d831f6290a179f6ec8862a (diff) | |
| download | rabbitmq-server-git-4bd2aa1272c28b70ff8fa2e37eda09ae171f03e3.tar.gz | |
simplified code
| -rw-r--r-- | src/rabbit_channel.erl | 58 |
1 files changed, 24 insertions, 34 deletions
diff --git a/src/rabbit_channel.erl b/src/rabbit_channel.erl index e8f19f3709..09e1a5c310 100644 --- a/src/rabbit_channel.erl +++ b/src/rabbit_channel.erl @@ -340,24 +340,13 @@ clear_permission_cache() -> erase(permission_cache), ok. -check_configure_permitted(Resource, Action, #ch{username = Username}) -> - DE = is_default_exchange(Resource), - if DE andalso Action =/= 'exchange.declare' -> - rabbit_misc:protocol_error( - access_refused, "cannot ~p the default exchange", [Action]); - true -> ok - end, +check_configure_permitted(Resource, #ch{username = Username}) -> check_resource_access(Username, Resource, configure). -check_write_permitted(Resource, _Action, #ch{username = Username}) -> +check_write_permitted(Resource, #ch{username = Username}) -> check_resource_access(Username, Resource, write). -check_read_permitted(Resource, Action, #ch{username = Username}) -> - case is_default_exchange(Resource) of - true -> rabbit_misc:protocol_error( - access_refused, "cannot ~p the default exchange", [Action]); - false -> ok - end, +check_read_permitted(Resource, #ch{username = Username}) -> check_resource_access(Username, Resource, read). expand_queue_name_shortcut(<<>>, #ch{most_recently_declared_queue = <<>>}) -> @@ -379,10 +368,11 @@ expand_routing_key_shortcut(<<>>, <<>>, expand_routing_key_shortcut(_QueueNameBin, RoutingKey, _State) -> RoutingKey. -is_default_exchange(#resource{kind = exchange, name = N}) -> - N =:= <<"">> orelse N =:= <<"amq.default">>; -is_default_exchange(_) -> - false. +check_not_default_exchange(#resource{kind = exchange, name = <<"">>}) -> + rabbit_misc:protocol_error( + access_refused, "operation not permitted on the default exchange", []); +check_not_default_exchange(_) -> + ok. %% check that an exchange/queue name does not contain the reserved %% "amq." prefix. @@ -444,7 +434,7 @@ handle_method(#'basic.publish'{exchange = ExchangeNameBin, transaction_id = TxnKey, writer_pid = WriterPid}) -> ExchangeName = rabbit_misc:r(VHostPath, exchange, ExchangeNameBin), - check_write_permitted(ExchangeName, 'basic.publish', State), + check_write_permitted(ExchangeName, State), Exchange = rabbit_exchange:lookup_or_die(ExchangeName), %% We decode the content's properties here because we're almost %% certain to want to look at delivery-mode and priority. @@ -497,7 +487,7 @@ handle_method(#'basic.get'{queue = QueueNameBin, reader_pid = ReaderPid, next_tag = DeliveryTag}) -> QueueName = expand_queue_name_shortcut(QueueNameBin, State), - check_read_permitted(QueueName, 'basic.get', State), + check_read_permitted(QueueName, State), case rabbit_amqqueue:with_exclusive_access_or_die( QueueName, ReaderPid, fun (Q) -> rabbit_amqqueue:basic_get(Q, self(), NoAck) end) of @@ -537,7 +527,7 @@ handle_method(#'basic.consume'{queue = QueueNameBin, case dict:find(ConsumerTag, ConsumerMapping) of error -> QueueName = expand_queue_name_shortcut(QueueNameBin, State), - check_read_permitted(QueueName, 'basic.consume', State), + check_read_permitted(QueueName, State), ActualConsumerTag = case ConsumerTag of <<>> -> rabbit_guid:binstring_guid("amq.ctag"); @@ -697,7 +687,7 @@ handle_method(#'exchange.declare'{exchange = ExchangeNameBin, _, State = #ch{virtual_host = VHostPath}) -> CheckedType = rabbit_exchange:check_type(TypeNameBin), ExchangeName = rabbit_misc:r(VHostPath, exchange, ExchangeNameBin), - check_configure_permitted(ExchangeName, 'exchange.declare', State), + check_configure_permitted(ExchangeName, State), X = case rabbit_exchange:lookup(ExchangeName) of {ok, FoundX} -> FoundX; {error, not_found} -> @@ -705,10 +695,8 @@ handle_method(#'exchange.declare'{exchange = ExchangeNameBin, case rabbit_misc:r_arg(VHostPath, exchange, Args, <<"alternate-exchange">>) of undefined -> ok; - AName -> check_read_permitted(ExchangeName, - 'exchange.declare', State), - check_write_permitted(AName, - 'exchange.declare', State), + AName -> check_read_permitted(ExchangeName, State), + check_write_permitted(AName, State), ok end, rabbit_exchange:declare(ExchangeName, @@ -726,7 +714,7 @@ handle_method(#'exchange.declare'{exchange = ExchangeNameBin, nowait = NoWait}, _, State = #ch{virtual_host = VHostPath}) -> ExchangeName = rabbit_misc:r(VHostPath, exchange, ExchangeNameBin), - check_configure_permitted(ExchangeName, 'exchange.declare', State), + check_configure_permitted(ExchangeName, State), _ = rabbit_exchange:lookup_or_die(ExchangeName), return_ok(State, NoWait, #'exchange.declare_ok'{}); @@ -735,7 +723,8 @@ handle_method(#'exchange.delete'{exchange = ExchangeNameBin, nowait = NoWait}, _, State = #ch{virtual_host = VHostPath}) -> ExchangeName = rabbit_misc:r(VHostPath, exchange, ExchangeNameBin), - check_configure_permitted(ExchangeName, 'exchange.delete', State), + check_not_default_exchange(ExchangeName), + check_configure_permitted(ExchangeName, State), case rabbit_exchange:delete(ExchangeName, IfUnused) of {error, not_found} -> rabbit_misc:not_found(ExchangeName); @@ -765,7 +754,7 @@ handle_method(#'queue.declare'{queue = QueueNameBin, Other -> check_name('queue', Other) end, QueueName = rabbit_misc:r(VHostPath, queue, ActualNameBin), - check_configure_permitted(QueueName, 'queue.declare', State), + check_configure_permitted(QueueName, State), case rabbit_amqqueue:with( QueueName, fun (Q) -> ok = rabbit_amqqueue:assert_equivalence( @@ -802,7 +791,7 @@ handle_method(#'queue.declare'{queue = QueueNameBin, _, State = #ch{virtual_host = VHostPath, reader_pid = ReaderPid}) -> QueueName = rabbit_misc:r(VHostPath, queue, QueueNameBin), - check_configure_permitted(QueueName, 'queue.declare', State), + check_configure_permitted(QueueName, State), {{ok, MessageCount, ConsumerCount}, #amqqueue{} = Q} = rabbit_amqqueue:with_or_die( QueueName, fun (Q) -> {rabbit_amqqueue:stat(Q), Q} end), @@ -816,7 +805,7 @@ handle_method(#'queue.delete'{queue = QueueNameBin, nowait = NoWait}, _, State = #ch{reader_pid = ReaderPid}) -> QueueName = expand_queue_name_shortcut(QueueNameBin, State), - check_configure_permitted(QueueName, 'queue.delete', State), + check_configure_permitted(QueueName, State), case rabbit_amqqueue:with_exclusive_access_or_die( QueueName, ReaderPid, fun (Q) -> rabbit_amqqueue:delete(Q, IfUnused, IfEmpty) end) of @@ -852,7 +841,7 @@ handle_method(#'queue.purge'{queue = QueueNameBin, nowait = NoWait}, _, State = #ch{reader_pid = ReaderPid}) -> QueueName = expand_queue_name_shortcut(QueueNameBin, State), - check_read_permitted(QueueName, 'queue.purge', State), + check_read_permitted(QueueName, State), {ok, PurgedMessageCount} = rabbit_amqqueue:with_exclusive_access_or_die( QueueName, ReaderPid, fun (Q) -> rabbit_amqqueue:purge(Q) end), @@ -920,11 +909,12 @@ binding_action(Fun, ExchangeNameBin, QueueNameBin, RoutingKey, Arguments, %% FIXME: don't allow binding to internal exchanges - %% including the one named "" ! QueueName = expand_queue_name_shortcut(QueueNameBin, State), - check_write_permitted(QueueName, 'queue.bind', State), + check_write_permitted(QueueName, State), ActualRoutingKey = expand_routing_key_shortcut(QueueNameBin, RoutingKey, State), ExchangeName = rabbit_misc:r(VHostPath, exchange, ExchangeNameBin), - check_read_permitted(ExchangeName, 'queue.bind', State), + check_not_default_exchange(ExchangeName), + check_read_permitted(ExchangeName, State), case Fun(#binding{exchange_name = ExchangeName, queue_name = QueueName, key = ActualRoutingKey, |