summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/rabbit_access_control.erl9
-rw-r--r--src/rabbit_auth_backend.erl2
-rw-r--r--src/rabbit_auth_backend_internal.erl8
3 files changed, 13 insertions, 6 deletions
diff --git a/src/rabbit_access_control.erl b/src/rabbit_access_control.erl
index 0c399cd0ab..40e3cb7e9a 100644
--- a/src/rabbit_access_control.erl
+++ b/src/rabbit_access_control.erl
@@ -35,7 +35,7 @@
-export([user_pass_login/2, check_user_pass_login/2, check_user_login/2,
make_salt/0, check_password/2, check_vhost_access/2,
- check_resource_access/3]).
+ check_resource_access/3, list_vhosts/1]).
-export([add_user/2, delete_user/1, change_password/2, set_admin/1,
clear_admin/1, list_users/0, lookup_user/1]).
-export([change_password_hash/2]).
@@ -131,7 +131,7 @@ check_user_login(Username, AuthProps) ->
check_vhost_access(User = #user{ username = Username,
auth_backend = Module }, VHostPath) ->
?LOGDEBUG("Checking VHost access for ~p to ~p~n", [Username, VHostPath]),
- case Module:check_vhost_access(User, VHostPath) of
+ case Module:check_vhost_access(User, VHostPath, write) of
true ->
ok;
false ->
@@ -153,6 +153,11 @@ check_resource_access(User = #user{username = Username, auth_backend = Module},
[rabbit_misc:rs(Resource), Username])
end.
+list_vhosts(User = #user{auth_backend = Module}) ->
+ lists:filter(fun(VHost) ->
+ Module:check_vhost_access(User, VHost, read)
+ end, list_vhosts()).
+
%%----------------------------------------------------------------------------
add_user(Username, Password) ->
diff --git a/src/rabbit_auth_backend.erl b/src/rabbit_auth_backend.erl
index 3fb5f1b604..18f32873fc 100644
--- a/src/rabbit_auth_backend.erl
+++ b/src/rabbit_auth_backend.erl
@@ -40,7 +40,7 @@ behaviour_info(callbacks) ->
{check_user_login, 2},
- {check_vhost_access, 2},
+ {check_vhost_access, 3},
{check_resource_access, 3}
];
diff --git a/src/rabbit_auth_backend_internal.erl b/src/rabbit_auth_backend_internal.erl
index bf7367754a..c582c0d113 100644
--- a/src/rabbit_auth_backend_internal.erl
+++ b/src/rabbit_auth_backend_internal.erl
@@ -35,8 +35,7 @@
-behaviour(rabbit_auth_backend).
-export([description/0]).
--export([check_user_login/2, check_vhost_access/2,
- check_resource_access/3]).
+-export([check_user_login/2, check_vhost_access/3, check_resource_access/3]).
%%-include("rabbit_auth_backend_spec.hrl").
@@ -71,7 +70,10 @@ internal_check_user_login(Username, Fun) ->
{refused, Username}
end.
-check_vhost_access(#user{username = Username}, VHostPath) ->
+check_vhost_access(#user{is_admin = true}, _VHostPath, read) ->
+ true;
+
+check_vhost_access(#user{username = Username}, VHostPath, write) ->
%% TODO: use dirty ops instead
rabbit_misc:execute_mnesia_transaction(
fun () ->
View Lorry Controller Status