diff options
| -rw-r--r-- | src/rabbit_access_control.erl | 10 | ||||
| -rw-r--r-- | src/rabbit_channel.erl | 6 |
2 files changed, 11 insertions, 5 deletions
diff --git a/src/rabbit_access_control.erl b/src/rabbit_access_control.erl index 54348d9a1c..99b912ec09 100644 --- a/src/rabbit_access_control.erl +++ b/src/rabbit_access_control.erl @@ -45,11 +45,13 @@ -ifdef(use_specs). +-type(permission_atom() :: 'configure' | 'read' | 'write'). + -spec(check_login/2 :: (binary(), binary()) -> user()). -spec(user_pass_login/2 :: (username(), password()) -> user()). -spec(check_vhost_access/2 :: (user(), vhost()) -> 'ok'). -spec(check_resource_access/3 :: - (username(), r(atom()), non_neg_integer()) -> 'ok'). + (username(), r(atom()), permission_atom()) -> 'ok'). -spec(add_user/2 :: (username(), password()) -> 'ok'). -spec(delete_user/1 :: (username()) -> 'ok'). -spec(change_password/2 :: (username(), password()) -> 'ok'). @@ -137,6 +139,10 @@ check_vhost_access(#user{username = Username}, VHostPath) -> [VHostPath, Username]) end. +permission_index(configure) -> #permission.configure; +permission_index(write) -> #permission.write; +permission_index(read) -> #permission.read. + check_resource_access(Username, R = #resource{kind = exchange, name = <<"">>}, Permission) -> @@ -158,7 +164,7 @@ check_resource_access(Username, [#user_permission{permission = P}] -> case regexp:match( binary_to_list(Name), - binary_to_list(element(Permission, P))) of + binary_to_list(element(permission_index(Permission), P))) of {match, _, _} -> true; nomatch -> false end diff --git a/src/rabbit_channel.erl b/src/rabbit_channel.erl index 738e901712..84b414fd7d 100644 --- a/src/rabbit_channel.erl +++ b/src/rabbit_channel.erl @@ -231,13 +231,13 @@ clear_permission_cache() -> ok. check_configure_permitted(Resource, #ch{ username = Username}) -> - check_resource_access(Username, Resource, #permission.configure). + check_resource_access(Username, Resource, configure). check_write_permitted(Resource, #ch{ username = Username}) -> - check_resource_access(Username, Resource, #permission.write). + check_resource_access(Username, Resource, write). check_read_permitted(Resource, #ch{ username = Username}) -> - check_resource_access(Username, Resource, #permission.read). + check_resource_access(Username, Resource, read). expand_queue_name_shortcut(<<>>, #ch{ most_recently_declared_queue = <<>> }) -> rabbit_misc:protocol_error( |