summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGordon Sim <gsim@apache.org>2010-05-06 09:49:45 +0000
committerGordon Sim <gsim@apache.org>2010-05-06 09:49:45 +0000
commita2621fc79260bfc6c60fc76bf95940a7939b9df4 (patch)
treedff4a9eb2a68ab632dd8205077babde8f59ec192
parent9457b9df98f91772aca5646e82902a2ff8fe5ee5 (diff)
downloadqpid-python-a2621fc79260bfc6c60fc76bf95940a7939b9df4.tar.gz
Use UnauthorizedAccessException for ACL violations rather than NotAllowedException
git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk/qpid@941636 13f79535-47bb-0310-9956-ffa450edef68
Diffstat
-rw-r--r--cpp/src/qpid/broker/Link.cpp4
-rw-r--r--cpp/src/qpid/broker/SemanticState.cpp2
-rw-r--r--cpp/src/qpid/broker/SessionAdapter.cpp22
-rwxr-xr-xcpp/src/tests/acl.py152
-rw-r--r--cpp/src/tests/cluster_test.cpp4
5 files changed, 92 insertions, 92 deletions
diff --git a/cpp/src/qpid/broker/Link.cpp b/cpp/src/qpid/broker/Link.cpp
index c88cabbda7..6db6fe7637 100644
--- a/cpp/src/qpid/broker/Link.cpp
+++ b/cpp/src/qpid/broker/Link.cpp
@@ -34,7 +34,7 @@
using namespace qpid::broker;
using qpid::framing::Buffer;
using qpid::framing::FieldTable;
-using qpid::framing::NotAllowedException;
+using qpid::framing::UnauthorizedAccessException;
using qpid::framing::connection::CLOSE_CODE_CONNECTION_FORCED;
using qpid::management::ManagementAgent;
using qpid::management::ManagementObject;
@@ -180,7 +180,7 @@ void Link::checkClosePermission()
AclModule* acl = getBroker()->getAcl();
std::string userID = getUsername() + "@" + getBroker()->getOptions().realm;
if (acl && !acl->authorise(userID,acl::ACT_DELETE,acl::OBJ_LINK,"")){
- throw NotAllowedException("ACL denied delete link request");
+ throw UnauthorizedAccessException("ACL denied delete link request");
}
}
diff --git a/cpp/src/qpid/broker/SemanticState.cpp b/cpp/src/qpid/broker/SemanticState.cpp
index cb06db086a..e85d835444 100644
--- a/cpp/src/qpid/broker/SemanticState.cpp
+++ b/cpp/src/qpid/broker/SemanticState.cpp
@@ -454,7 +454,7 @@ void SemanticState::route(intrusive_ptr<Message> msg, Deliverable& strategy) {
if (acl && acl->doTransferAcl())
{
if (!acl->authorise(getSession().getConnection().getUserId(),acl::ACT_PUBLISH,acl::OBJ_EXCHANGE,exchangeName, msg->getRoutingKey() ))
- throw NotAllowedException(QPID_MSG(userID << " cannot publish to " <<
+ throw UnauthorizedAccessException(QPID_MSG(userID << " cannot publish to " <<
exchangeName << " with routing-key " << msg->getRoutingKey()));
}
diff --git a/cpp/src/qpid/broker/SessionAdapter.cpp b/cpp/src/qpid/broker/SessionAdapter.cpp
index 10eddc6045..2effa03afb 100644
--- a/cpp/src/qpid/broker/SessionAdapter.cpp
+++ b/cpp/src/qpid/broker/SessionAdapter.cpp
@@ -72,7 +72,7 @@ void SessionAdapter::ExchangeHandlerImpl::declare(const string& exchange, const
params.insert(make_pair(acl::PROP_PASSIVE, std::string(passive ? _TRUE : _FALSE) ));
params.insert(make_pair(acl::PROP_DURABLE, std::string(durable ? _TRUE : _FALSE)));
if (!acl->authorise(getConnection().getUserId(),acl::ACT_CREATE,acl::OBJ_EXCHANGE,exchange,&params) )
- throw NotAllowedException(QPID_MSG("ACL denied exchange declare request from " << getConnection().getUserId()));
+ throw UnauthorizedAccessException(QPID_MSG("ACL denied exchange declare request from " << getConnection().getUserId()));
}
//TODO: implement autoDelete
@@ -137,7 +137,7 @@ void SessionAdapter::ExchangeHandlerImpl::delete_(const string& name, bool /*ifU
AclModule* acl = getBroker().getAcl();
if (acl) {
if (!acl->authorise(getConnection().getUserId(),acl::ACT_DELETE,acl::OBJ_EXCHANGE,name,NULL) )
- throw NotAllowedException(QPID_MSG("ACL denied exchange delete request from " << getConnection().getUserId()));
+ throw UnauthorizedAccessException(QPID_MSG("ACL denied exchange delete request from " << getConnection().getUserId()));
}
//TODO: implement unused
@@ -157,7 +157,7 @@ ExchangeQueryResult SessionAdapter::ExchangeHandlerImpl::query(const string& nam
AclModule* acl = getBroker().getAcl();
if (acl) {
if (!acl->authorise(getConnection().getUserId(),acl::ACT_ACCESS,acl::OBJ_EXCHANGE,name,NULL) )
- throw NotAllowedException(QPID_MSG("ACL denied exchange query request from " << getConnection().getUserId()));
+ throw UnauthorizedAccessException(QPID_MSG("ACL denied exchange query request from " << getConnection().getUserId()));
}
try {
@@ -179,7 +179,7 @@ void SessionAdapter::ExchangeHandlerImpl::bind(const string& queueName,
params.insert(make_pair(acl::PROP_ROUTINGKEY, routingKey));
if (!acl->authorise(getConnection().getUserId(),acl::ACT_BIND,acl::OBJ_EXCHANGE,exchangeName,&params))
- throw NotAllowedException(QPID_MSG("ACL denied exchange bind request from " << getConnection().getUserId()));
+ throw UnauthorizedAccessException(QPID_MSG("ACL denied exchange bind request from " << getConnection().getUserId()));
}
Queue::shared_ptr queue = getQueue(queueName);
@@ -212,7 +212,7 @@ void SessionAdapter::ExchangeHandlerImpl::unbind(const string& queueName,
params.insert(make_pair(acl::PROP_QUEUENAME, queueName));
params.insert(make_pair(acl::PROP_ROUTINGKEY, routingKey));
if (!acl->authorise(getConnection().getUserId(),acl::ACT_UNBIND,acl::OBJ_EXCHANGE,exchangeName,&params) )
- throw NotAllowedException(QPID_MSG("ACL denied exchange unbind request from " << getConnection().getUserId()));
+ throw UnauthorizedAccessException(QPID_MSG("ACL denied exchange unbind request from " << getConnection().getUserId()));
}
Queue::shared_ptr queue = getQueue(queueName);
@@ -243,7 +243,7 @@ ExchangeBoundResult SessionAdapter::ExchangeHandlerImpl::bound(const std::string
params.insert(make_pair(acl::PROP_QUEUENAME, queueName));
params.insert(make_pair(acl::PROP_ROUTINGKEY, key));
if (!acl->authorise(getConnection().getUserId(),acl::ACT_ACCESS,acl::OBJ_EXCHANGE,exchangeName,&params) )
- throw NotAllowedException(QPID_MSG("ACL denied exchange bound request from " << getConnection().getUserId()));
+ throw UnauthorizedAccessException(QPID_MSG("ACL denied exchange bound request from " << getConnection().getUserId()));
}
Exchange::shared_ptr exchange;
@@ -308,7 +308,7 @@ QueueQueryResult SessionAdapter::QueueHandlerImpl::query(const string& name)
AclModule* acl = getBroker().getAcl();
if (acl) {
if (!acl->authorise(getConnection().getUserId(),acl::ACT_ACCESS,acl::OBJ_QUEUE,name,NULL) )
- throw NotAllowedException(QPID_MSG("ACL denied queue query request from " << getConnection().getUserId()));
+ throw UnauthorizedAccessException(QPID_MSG("ACL denied queue query request from " << getConnection().getUserId()));
}
Queue::shared_ptr queue = session.getBroker().getQueues().find(name);
@@ -346,7 +346,7 @@ void SessionAdapter::QueueHandlerImpl::declare(const string& name, const string&
params.insert(make_pair(acl::PROP_MAXQUEUESIZE, boost::lexical_cast<string>(arguments.getAsInt64("qpid.max_size"))));
if (!acl->authorise(getConnection().getUserId(),acl::ACT_CREATE,acl::OBJ_QUEUE,name,&params) )
- throw NotAllowedException(QPID_MSG("ACL denied queue create request from " << getConnection().getUserId()));
+ throw UnauthorizedAccessException(QPID_MSG("ACL denied queue create request from " << getConnection().getUserId()));
}
Exchange::shared_ptr alternate;
@@ -405,7 +405,7 @@ void SessionAdapter::QueueHandlerImpl::purge(const string& queue){
if (acl)
{
if (!acl->authorise(getConnection().getUserId(),acl::ACT_PURGE,acl::OBJ_QUEUE,queue,NULL) )
- throw NotAllowedException(QPID_MSG("ACL denied queue purge request from " << getConnection().getUserId()));
+ throw UnauthorizedAccessException(QPID_MSG("ACL denied queue purge request from " << getConnection().getUserId()));
}
getQueue(queue)->purge();
}
@@ -416,7 +416,7 @@ void SessionAdapter::QueueHandlerImpl::delete_(const string& queue, bool ifUnuse
if (acl)
{
if (!acl->authorise(getConnection().getUserId(),acl::ACT_DELETE,acl::OBJ_QUEUE,queue,NULL) )
- throw NotAllowedException(QPID_MSG("ACL denied queue delete request from " << getConnection().getUserId()));
+ throw UnauthorizedAccessException(QPID_MSG("ACL denied queue delete request from " << getConnection().getUserId()));
}
Queue::shared_ptr q = getQueue(queue);
@@ -483,7 +483,7 @@ SessionAdapter::MessageHandlerImpl::subscribe(const string& queueName,
if (acl)
{
if (!acl->authorise(getConnection().getUserId(),acl::ACT_CONSUME,acl::OBJ_QUEUE,queueName,NULL) )
- throw NotAllowedException(QPID_MSG("ACL denied Queue subscribe request from " << getConnection().getUserId()));
+ throw UnauthorizedAccessException(QPID_MSG("ACL denied Queue subscribe request from " << getConnection().getUserId()));
}
Queue::shared_ptr queue = getQueue(queueName);
diff --git a/cpp/src/tests/acl.py b/cpp/src/tests/acl.py
index 75754625b2..96dd7934c7 100755
--- a/cpp/src/tests/acl.py
+++ b/cpp/src/tests/acl.py
@@ -80,7 +80,7 @@ class ACLTests(TestBase010):
try:
session.queue_declare(queue="deny_queue")
except qpid.session.SessionException, e:
- if (530 == e.args[0].error_code):
+ if (403 == e.args[0].error_code):
self.fail("ACL should allow queue create request");
self.fail("Error during queue create request");
@@ -88,7 +88,7 @@ class ACLTests(TestBase010):
session.exchange_bind(exchange="amq.direct", queue="deny_queue", binding_key="routing_key")
self.fail("ACL should deny queue bind request");
except qpid.session.SessionException, e:
- self.assertEqual(530,e.args[0].error_code)
+ self.assertEqual(403,e.args[0].error_code)
def test_allow_mode(self):
"""
@@ -107,7 +107,7 @@ class ACLTests(TestBase010):
try:
session.queue_declare(queue="allow_queue")
except qpid.session.SessionException, e:
- if (530 == e.args[0].error_code):
+ if (403 == e.args[0].error_code):
self.fail("ACL should allow queue create request");
self.fail("Error during queue create request");
@@ -115,7 +115,7 @@ class ACLTests(TestBase010):
session.exchange_bind(exchange="amq.direct", queue="allow_queue", binding_key="routing_key")
self.fail("ACL should deny queue bind request");
except qpid.session.SessionException, e:
- self.assertEqual(530,e.args[0].error_code)
+ self.assertEqual(403,e.args[0].error_code)
def test_group_and_user_with_same_name(self):
@@ -137,7 +137,7 @@ class ACLTests(TestBase010):
try:
session.queue_declare(queue="allow_queue")
except qpid.session.SessionException, e:
- if (530 == e.args[0].error_code):
+ if (403 == e.args[0].error_code):
self.fail("ACL should allow queue create request");
self.fail("Error during queue create request");
@@ -145,7 +145,7 @@ class ACLTests(TestBase010):
session.exchange_bind(exchange="amq.direct", queue="allow_queue", binding_key="routing_key")
self.fail("ACL should deny queue bind request");
except qpid.session.SessionException, e:
- self.assertEqual(530,e.args[0].error_code)
+ self.assertEqual(403,e.args[0].error_code)
#=====================================
@@ -315,7 +315,7 @@ class ACLTests(TestBase010):
session.queue_declare(queue="q1", durable=True, passive=True)
self.fail("ACL should deny queue create request with name=q1 durable=true passive=true");
except qpid.session.SessionException, e:
- self.assertEqual(530,e.args[0].error_code)
+ self.assertEqual(403,e.args[0].error_code)
session = self.get_session('bob','bob')
try:
@@ -324,7 +324,7 @@ class ACLTests(TestBase010):
session.queue_declare(queue="q2", exclusive=True, arguments=queue_options)
self.fail("ACL should deny queue create request with name=q2 exclusive=true qpid.policy_type=ring");
except qpid.session.SessionException, e:
- self.assertEqual(530,e.args[0].error_code)
+ self.assertEqual(403,e.args[0].error_code)
session = self.get_session('bob','bob')
try:
@@ -332,7 +332,7 @@ class ACLTests(TestBase010):
queue_options["qpid.policy_type"] = "ring_strict"
session.queue_declare(queue="q2", exclusive=True, arguments=queue_options)
except qpid.session.SessionException, e:
- if (530 == e.args[0].error_code):
+ if (403 == e.args[0].error_code):
self.fail("ACL should allow queue create request with name=q2 exclusive=true qpid.policy_type=ring_strict");
try:
@@ -342,7 +342,7 @@ class ACLTests(TestBase010):
session.queue_declare(queue="q5", exclusive=True, arguments=queue_options)
self.fail("ACL should deny queue create request with name=q2, qpid.max_size=500 and qpid.max_count=200");
except qpid.session.SessionException, e:
- self.assertEqual(530,e.args[0].error_code)
+ self.assertEqual(403,e.args[0].error_code)
session = self.get_session('bob','bob')
try:
@@ -351,46 +351,46 @@ class ACLTests(TestBase010):
queue_options["qpid.max_size"] = 100
session.queue_declare(queue="q2", exclusive=True, arguments=queue_options)
except qpid.session.SessionException, e:
- if (530 == e.args[0].error_code):
+ if (403 == e.args[0].error_code):
self.fail("ACL should allow queue create request with name=q2, qpid.max_size=100 and qpid.max_count=200 ");
try:
session.queue_declare(queue="q3", exclusive=True)
session.queue_declare(queue="q4", durable=True)
except qpid.session.SessionException, e:
- if (530 == e.args[0].error_code):
+ if (403 == e.args[0].error_code):
self.fail("ACL should allow queue create request for q3 and q4 with any parameter");
try:
session.queue_query(queue="q3")
self.fail("ACL should deny queue query request for q3");
except qpid.session.SessionException, e:
- self.assertEqual(530,e.args[0].error_code)
+ self.assertEqual(403,e.args[0].error_code)
session = self.get_session('bob','bob')
try:
session.queue_purge(queue="q3")
self.fail("ACL should deny queue purge request for q3");
except qpid.session.SessionException, e:
- self.assertEqual(530,e.args[0].error_code)
+ self.assertEqual(403,e.args[0].error_code)
session = self.get_session('bob','bob')
try:
session.queue_purge(queue="q4")
except qpid.session.SessionException, e:
- if (530 == e.args[0].error_code):
+ if (403 == e.args[0].error_code):
self.fail("ACL should allow queue purge request for q4");
try:
session.queue_delete(queue="q4")
self.fail("ACL should deny queue delete request for q4");
except qpid.session.SessionException, e:
- self.assertEqual(530,e.args[0].error_code)
+ self.assertEqual(403,e.args[0].error_code)
session = self.get_session('bob','bob')
try:
session.queue_delete(queue="q3")
except qpid.session.SessionException, e:
- if (530 == e.args[0].error_code):
+ if (403 == e.args[0].error_code):
self.fail("ACL should allow queue delete request for q3");
@@ -420,21 +420,21 @@ class ACLTests(TestBase010):
try:
session.queue_declare(queue="q1", durable=True, passive=True)
except qpid.session.SessionException, e:
- if (530 == e.args[0].error_code):
+ if (403 == e.args[0].error_code):
self.fail("ACL should allow queue create request with name=q1 durable=true passive=true");
try:
session.queue_declare(queue="q1", durable=False, passive=False)
self.fail("ACL should deny queue create request with name=q1 durable=true passive=false");
except qpid.session.SessionException, e:
- self.assertEqual(530,e.args[0].error_code)
+ self.assertEqual(403,e.args[0].error_code)
session = self.get_session('bob','bob')
try:
session.queue_declare(queue="q2", exclusive=False)
self.fail("ACL should deny queue create request with name=q2 exclusive=false");
except qpid.session.SessionException, e:
- self.assertEqual(530,e.args[0].error_code)
+ self.assertEqual(403,e.args[0].error_code)
session = self.get_session('bob','bob')
try:
@@ -444,7 +444,7 @@ class ACLTests(TestBase010):
session.queue_declare(queue="q5", arguments=queue_options)
self.fail("ACL should deny queue create request with name=q2 maxqueuesize=500 maxqueuecount=200");
except qpid.session.SessionException, e:
- self.assertEqual(530,e.args[0].error_code)
+ self.assertEqual(403,e.args[0].error_code)
session = self.get_session('bob','bob')
try:
@@ -453,7 +453,7 @@ class ACLTests(TestBase010):
queue_options["qpid.max_size"] = 500
session.queue_declare(queue="q5", arguments=queue_options)
except qpid.session.SessionException, e:
- if (530 == e.args[0].error_code):
+ if (403 == e.args[0].error_code):
self.fail("ACL should allow queue create request with name=q2 maxqueuesize=500 maxqueuecount=200");
try:
@@ -461,53 +461,53 @@ class ACLTests(TestBase010):
queue_options["qpid.policy_type"] = "ring"
session.queue_declare(queue="q2", exclusive=True, arguments=queue_options)
except qpid.session.SessionException, e:
- if (530 == e.args[0].error_code):
+ if (403 == e.args[0].error_code):
self.fail("ACL should allow queue create request for q2 with exclusive=true policytype=ring");
try:
session.queue_declare(queue="q3")
session.queue_declare(queue="q4")
except qpid.session.SessionException, e:
- if (530 == e.args[0].error_code):
+ if (403 == e.args[0].error_code):
self.fail("ACL should allow queue create request for q3 and q4");
try:
session.queue_query(queue="q4")
self.fail("ACL should deny queue query request for q4");
except qpid.session.SessionException, e:
- self.assertEqual(530,e.args[0].error_code)
+ self.assertEqual(403,e.args[0].error_code)
session = self.get_session('bob','bob')
try:
session.queue_purge(queue="q4")
self.fail("ACL should deny queue purge request for q4");
except qpid.session.SessionException, e:
- self.assertEqual(530,e.args[0].error_code)
+ self.assertEqual(403,e.args[0].error_code)
session = self.get_session('bob','bob')
try:
session.queue_purge(queue="q3")
except qpid.session.SessionException, e:
- if (530 == e.args[0].error_code):
+ if (403 == e.args[0].error_code):
self.fail("ACL should allow queue purge request for q3");
try:
session.queue_query(queue="q3")
except qpid.session.SessionException, e:
- if (530 == e.args[0].error_code):
+ if (403 == e.args[0].error_code):
self.fail("ACL should allow queue query request for q3");
try:
session.queue_delete(queue="q3")
self.fail("ACL should deny queue delete request for q3");
except qpid.session.SessionException, e:
- self.assertEqual(530,e.args[0].error_code)
+ self.assertEqual(403,e.args[0].error_code)
session = self.get_session('bob','bob')
try:
session.queue_delete(queue="q4")
except qpid.session.SessionException, e:
- if (530 == e.args[0].error_code):
+ if (403 == e.args[0].error_code):
self.fail("ACL should allow queue delete request for q4");
#=====================================
@@ -544,104 +544,104 @@ class ACLTests(TestBase010):
session.exchange_declare(exchange='testEx', durable=True, passive=True)
self.fail("ACL should deny exchange create request with name=testEx durable=true passive=true");
except qpid.session.SessionException, e:
- self.assertEqual(530,e.args[0].error_code)
+ self.assertEqual(403,e.args[0].error_code)
session = self.get_session('bob','bob')
try:
session.exchange_declare(exchange='testEx', type='direct', durable=True, passive=False)
except qpid.session.SessionException, e:
print e
- if (530 == e.args[0].error_code):
+ if (403 == e.args[0].error_code):
self.fail("ACL should allow exchange create request for testEx with any parameter other than durable=true and passive=true");
try:
session.exchange_declare(exchange='ex1', type='direct')
self.fail("ACL should deny exchange create request with name=ex1 type=direct");
except qpid.session.SessionException, e:
- self.assertEqual(530,e.args[0].error_code)
+ self.assertEqual(403,e.args[0].error_code)
session = self.get_session('bob','bob')
try:
session.exchange_declare(exchange='myXml', type='direct')
except qpid.session.SessionException, e:
- if (530 == e.args[0].error_code):
+ if (403 == e.args[0].error_code):
self.fail("ACL should allow exchange create request for myXml with any parameter");
try:
session.exchange_query(name='myEx')
self.fail("ACL should deny exchange query request for myEx");
except qpid.session.SessionException, e:
- self.assertEqual(530,e.args[0].error_code)
+ self.assertEqual(403,e.args[0].error_code)
session = self.get_session('bob','bob')
try:
session.exchange_bound(exchange='myEx', queue='q1', binding_key='rk1.*')
self.fail("ACL should deny exchange bound request for myEx with queuename=q1 and routing_key='rk1.*' ");
except qpid.session.SessionException, e:
- self.assertEqual(530,e.args[0].error_code)
+ self.assertEqual(403,e.args[0].error_code)
session = self.get_session('bob','bob')
try:
session.exchange_query(name='amq.topic')
except qpid.session.SessionException, e:
- if (530 == e.args[0].error_code):
+ if (403 == e.args[0].error_code):
self.fail("ACL should allow exchange query request for exchange='amq.topic'");
try:
session.exchange_bound(exchange='myEx', queue='q1', binding_key='rk2.*')
except qpid.session.SessionException, e:
- if (530 == e.args[0].error_code):
+ if (403 == e.args[0].error_code):
self.fail("ACL should allow exchange bound request for myEx with queuename=q1 and binding_key='rk2.*'");
try:
session.exchange_bind(exchange='myEx', queue='q1', binding_key='rk1')
self.fail("ACL should deny exchange bind request with exchange='myEx' queuename='q1' bindingkey='rk1'");
except qpid.session.SessionException, e:
- self.assertEqual(530,e.args[0].error_code)
+ self.assertEqual(403,e.args[0].error_code)
session = self.get_session('bob','bob')
try:
session.exchange_bind(exchange='myEx', queue='q1', binding_key='x')
except qpid.session.SessionException, e:
- if (530 == e.args[0].error_code):
+ if (403 == e.args[0].error_code):
self.fail("ACL should allow exchange bind request for exchange='myEx', queue='q1', binding_key='x'");
try:
session.exchange_bind(exchange='myEx', queue='q2', binding_key='rk1')
except qpid.session.SessionException, e:
- if (530 == e.args[0].error_code):
+ if (403 == e.args[0].error_code):
self.fail("ACL should allow exchange bind request for exchange='myEx', queue='q2', binding_key='rk1'");
try:
session.exchange_unbind(exchange='myEx', queue='q1', binding_key='rk1')
self.fail("ACL should deny exchange unbind request with exchange='myEx' queuename='q1' bindingkey='rk1'");
except qpid.session.SessionException, e:
- self.assertEqual(530,e.args[0].error_code)
+ self.assertEqual(403,e.args[0].error_code)
session = self.get_session('bob','bob')
try:
session.exchange_unbind(exchange='myEx', queue='q1', binding_key='x')
except qpid.session.SessionException, e:
- if (530 == e.args[0].error_code):
+ if (403 == e.args[0].error_code):
self.fail("ACL should allow exchange unbind request for exchange='myEx', queue='q1', binding_key='x'");
try:
session.exchange_unbind(exchange='myEx', queue='q2', binding_key='rk1')
except qpid.session.SessionException, e:
- if (530 == e.args[0].error_code):
+ if (403 == e.args[0].error_code):
self.fail("ACL should allow exchange unbind request for exchange='myEx', queue='q2', binding_key='rk1'");
try:
session.exchange_delete(exchange='myEx')
self.fail("ACL should deny exchange delete request for myEx");
except qpid.session.SessionException, e:
- self.assertEqual(530,e.args[0].error_code)
+ self.assertEqual(403,e.args[0].error_code)
session = self.get_session('bob','bob')
try:
session.exchange_delete(exchange='myXml')
except qpid.session.SessionException, e:
- if (530 == e.args[0].error_code):
+ if (403 == e.args[0].error_code):
self.fail("ACL should allow exchange delete request for myXml");
@@ -671,92 +671,92 @@ class ACLTests(TestBase010):
try:
session.exchange_declare(exchange='myEx', type='direct', durable=True, passive=False)
except qpid.session.SessionException, e:
- if (530 == e.args[0].error_code):
+ if (403 == e.args[0].error_code):
self.fail("ACL should allow exchange create request for myEx with durable=true and passive=false");
try:
session.exchange_declare(exchange='myEx', type='direct', durable=False)
self.fail("ACL should deny exchange create request with name=myEx durable=false");
except qpid.session.SessionException, e:
- self.assertEqual(530,e.args[0].error_code)
+ self.assertEqual(403,e.args[0].error_code)
session = self.get_session('bob','bob')
try:
session.exchange_bind(exchange='amq.topic', queue='bar', binding_key='foo.bar')
except qpid.session.SessionException, e:
- if (530 == e.args[0].error_code):
+ if (403 == e.args[0].error_code):
self.fail("ACL should allow exchange bind request for exchange='amq.topic', queue='bar', binding_key='foor.bar'");
try:
session.exchange_bind(exchange='amq.topic', queue='baz', binding_key='foo.bar')
self.fail("ACL should deny exchange bind request for exchange='amq.topic', queue='baz', binding_key='foo.bar'");
except qpid.session.SessionException, e:
- self.assertEqual(530,e.args[0].error_code)
+ self.assertEqual(403,e.args[0].error_code)
session = self.get_session('bob','bob')
try:
session.exchange_bind(exchange='amq.topic', queue='bar', binding_key='fooz.bar')
self.fail("ACL should deny exchange bind request for exchange='amq.topic', queue='bar', binding_key='fooz.bar'");
except qpid.session.SessionException, e:
- self.assertEqual(530,e.args[0].error_code)
+ self.assertEqual(403,e.args[0].error_code)
session = self.get_session('bob','bob')
try:
session.exchange_unbind(exchange='amq.topic', queue='bar', binding_key='foo.bar')
except qpid.session.SessionException, e:
- if (530 == e.args[0].error_code):
+ if (403 == e.args[0].error_code):
self.fail("ACL should allow exchange unbind request for exchange='amq.topic', queue='bar', binding_key='foor.bar'");
try:
session.exchange_unbind(exchange='amq.topic', queue='baz', binding_key='foo.bar')
self.fail("ACL should deny exchange unbind request for exchange='amq.topic', queue='baz', binding_key='foo.bar'");
except qpid.session.SessionException, e:
- self.assertEqual(530,e.args[0].error_code)
+ self.assertEqual(403,e.args[0].error_code)
session = self.get_session('bob','bob')
try:
session.exchange_unbind(exchange='amq.topic', queue='bar', binding_key='fooz.bar')
self.fail("ACL should deny exchange unbind request for exchange='amq.topic', queue='bar', binding_key='fooz.bar'");
except qpid.session.SessionException, e:
- self.assertEqual(530,e.args[0].error_code)
+ self.assertEqual(403,e.args[0].error_code)
session = self.get_session('bob','bob')
try:
session.exchange_query(name='amq.topic')
self.fail("ACL should deny exchange query request for amq.topic");
except qpid.session.SessionException, e:
- self.assertEqual(530,e.args[0].error_code)
+ self.assertEqual(403,e.args[0].error_code)
session = self.get_session('bob','bob')
try:
session.exchange_bound(exchange='myEx', queue='q1', binding_key='rk2.*')
self.fail("ACL should deny exchange bound request for amq.topic with queuename=q1 and routing_key='rk2.*' ");
except qpid.session.SessionException, e:
- self.assertEqual(530,e.args[0].error_code)
+ self.assertEqual(403,e.args[0].error_code)
session = self.get_session('bob','bob')
try:
session.exchange_query(name='myEx')
except qpid.session.SessionException, e:
- if (530 == e.args[0].error_code):
+ if (403 == e.args[0].error_code):
self.fail("ACL should allow exchange query request for exchange='myEx'");
try:
session.exchange_bound(exchange='myEx', queue='q1', binding_key='rk1.*')
except qpid.session.SessionException, e:
- if (530 == e.args[0].error_code):
+ if (403 == e.args[0].error_code):
self.fail("ACL should allow exchange bound request for myEx with queuename=q1 and binding_key='rk1.*'");
try:
session.exchange_delete(exchange='myXml')
self.fail("ACL should deny exchange delete request for myXml");
except qpid.session.SessionException, e:
- self.assertEqual(530,e.args[0].error_code)
+ self.assertEqual(403,e.args[0].error_code)
session = self.get_session('bob','bob')
try:
session.exchange_delete(exchange='myEx')
except qpid.session.SessionException, e:
- if (530 == e.args[0].error_code):
+ if (403 == e.args[0].error_code):
self.fail("ACL should allow exchange delete request for myEx");
#=====================================
@@ -785,27 +785,27 @@ class ACLTests(TestBase010):
session.queue_declare(queue='q2')
session.queue_declare(queue='q3')
except qpid.session.SessionException, e:
- if (530 == e.args[0].error_code):
+ if (403 == e.args[0].error_code):
self.fail("ACL should allow create queue request");
try:
session.message_subscribe(queue='q1', destination='myq1')
self.fail("ACL should deny subscription for queue='q1'");
except qpid.session.SessionException, e:
- self.assertEqual(530,e.args[0].error_code)
+ self.assertEqual(403,e.args[0].error_code)
session = self.get_session('bob','bob')
try:
session.message_subscribe(queue='q2', destination='myq1')
self.fail("ACL should deny subscription for queue='q2'");
except qpid.session.SessionException, e:
- self.assertEqual(530,e.args[0].error_code)
+ self.assertEqual(403,e.args[0].error_code)
session = self.get_session('bob','bob')
try:
session.message_subscribe(queue='q3', destination='myq1')
except qpid.session.SessionException, e:
- if (530 == e.args[0].error_code):
+ if (403 == e.args[0].error_code):
self.fail("ACL should allow subscription for q3");
@@ -833,21 +833,21 @@ class ACLTests(TestBase010):
session.queue_declare(queue='q2')
session.queue_declare(queue='q3')
except qpid.session.SessionException, e:
- if (530 == e.args[0].error_code):
+ if (403 == e.args[0].error_code):
self.fail("ACL should allow create queue request");
try:
session.message_subscribe(queue='q1', destination='myq1')
session.message_subscribe(queue='q2', destination='myq2')
except qpid.session.SessionException, e:
- if (530 == e.args[0].error_code):
+ if (403 == e.args[0].error_code):
self.fail("ACL should allow subscription for q1 and q2");
try:
session.message_subscribe(queue='q3', destination='myq3')
self.fail("ACL should deny subscription for queue='q3'");
except qpid.session.SessionException, e:
- self.assertEqual(530,e.args[0].error_code)
+ self.assertEqual(403,e.args[0].error_code)
session = self.get_session('bob','bob')
@@ -878,21 +878,21 @@ class ACLTests(TestBase010):
session.message_transfer(destination="amq.direct", message=Message(props,"Test"))
self.fail("ACL should deny message transfer to name=amq.direct routingkey=rk1");
except qpid.session.SessionException, e:
- self.assertEqual(530,e.args[0].error_code)
+ self.assertEqual(403,e.args[0].error_code)
session = self.get_session('bob','bob')
try:
session.message_transfer(destination="amq.topic", message=Message(props,"Test"))
self.fail("ACL should deny message transfer to name=amq.topic");
except qpid.session.SessionException, e:
- self.assertEqual(530,e.args[0].error_code)
+ self.assertEqual(403,e.args[0].error_code)
session = self.get_session('bob','bob')
try:
session.exchange_declare(exchange='myEx', type='direct', durable=False)
session.message_transfer(destination="myEx", message=Message(props,"Test"))
except qpid.session.SessionException, e:
- if (530 == e.args[0].error_code):
+ if (403 == e.args[0].error_code):
self.fail("ACL should allow message transfer to exchange myEx with routing key rk1");
@@ -900,7 +900,7 @@ class ACLTests(TestBase010):
try:
session.message_transfer(destination="amq.direct", message=Message(props,"Test"))
except qpid.session.SessionException, e:
- if (530 == e.args[0].error_code):
+ if (403 == e.args[0].error_code):
self.fail("ACL should allow message transfer to exchange amq.direct with routing key rk2");
@@ -929,20 +929,20 @@ class ACLTests(TestBase010):
session.message_transfer(destination="amq.direct", message=Message(props,"Test"))
self.fail("ACL should deny message transfer to name=amq.direct routingkey=rk2");
except qpid.session.SessionException, e:
- self.assertEqual(530,e.args[0].error_code)
+ self.assertEqual(403,e.args[0].error_code)
session = self.get_session('bob','bob')
try:
session.message_transfer(destination="amq.topic", message=Message(props,"Test"))
except qpid.session.SessionException, e:
- if (530 == e.args[0].error_code):
+ if (403 == e.args[0].error_code):
self.fail("ACL should allow message transfer to exchange amq.topic with any routing key");
try:
session.exchange_declare(exchange='myEx', type='direct', durable=False)
session.message_transfer(destination="myEx", message=Message(props,"Test"))
except qpid.session.SessionException, e:
- if (530 == e.args[0].error_code):
+ if (403 == e.args[0].error_code):
self.fail("ACL should allow message transfer to exchange myEx with routing key=rk2");
props = session.delivery_properties(routing_key="rk1")
@@ -951,11 +951,11 @@ class ACLTests(TestBase010):
session.message_transfer(destination="myEx", message=Message(props,"Test"))
self.fail("ACL should deny message transfer to name=myEx routingkey=rk1");
except qpid.session.SessionException, e:
- self.assertEqual(530,e.args[0].error_code)
+ self.assertEqual(403,e.args[0].error_code)
session = self.get_session('bob','bob')
try:
session.message_transfer(destination="amq.direct", message=Message(props,"Test"))
except qpid.session.SessionException, e:
- if (530 == e.args[0].error_code):
+ if (403 == e.args[0].error_code):
self.fail("ACL should allow message transfer to exchange amq.direct with routing key rk1");
diff --git a/cpp/src/tests/cluster_test.cpp b/cpp/src/tests/cluster_test.cpp
index 5e7409dd8e..d07c0ecdb5 100644
--- a/cpp/src/tests/cluster_test.cpp
+++ b/cpp/src/tests/cluster_test.cpp
@@ -248,7 +248,7 @@ QPID_AUTO_TEST_CASE(testAcl) {
{
ScopedSuppressLogging sl;
- BOOST_CHECK_THROW(foo.session.queueDeclare("bar", arg::durable=durableFlag), framing::NotAllowedException);
+ BOOST_CHECK_THROW(foo.session.queueDeclare("bar", arg::durable=durableFlag), framing::UnauthorizedAccessException);
}
BOOST_CHECK(c0.session.queueQuery("bar").getQueue().empty());
BOOST_CHECK(c1.session.queueQuery("bar").getQueue().empty());
@@ -257,7 +257,7 @@ QPID_AUTO_TEST_CASE(testAcl) {
Client c2(aclSettings(cluster[2], "c2"), "c2");
{
ScopedSuppressLogging sl;
- BOOST_CHECK_THROW(foo.session.queueDeclare("bar", arg::durable=durableFlag), framing::NotAllowedException);
+ BOOST_CHECK_THROW(foo.session.queueDeclare("bar", arg::durable=durableFlag), framing::UnauthorizedAccessException);
}
BOOST_CHECK(c2.session.queueQuery("bar").getQueue().empty());
}
View Lorry Controller Status