From 739c4ea8b7181b058531e1c3fe83a841b28f7a18 Mon Sep 17 00:00:00 2001 From: Gordon Sim Date: Tue, 22 Oct 2013 12:24:40 +0000 Subject: QPID-5246: update ACL code to recognise self-destruct policy git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@1534613 13f79535-47bb-0310-9956-ffa450edef68 --- qpid/cpp/src/qpid/acl/AclValidator.cpp | 2 +- qpid/cpp/src/qpid/broker/Broker.cpp | 4 ++-- qpid/cpp/src/qpid/broker/QueueSettings.cpp | 6 ++++++ qpid/cpp/src/qpid/broker/QueueSettings.h | 1 + qpid/cpp/src/tests/acl.py | 15 +++++++++++++-- 5 files changed, 23 insertions(+), 5 deletions(-) (limited to 'qpid/cpp/src') diff --git a/qpid/cpp/src/qpid/acl/AclValidator.cpp b/qpid/cpp/src/qpid/acl/AclValidator.cpp index 73b49b2959..a077667a33 100644 --- a/qpid/cpp/src/qpid/acl/AclValidator.cpp +++ b/qpid/cpp/src/qpid/acl/AclValidator.cpp @@ -110,7 +110,7 @@ namespace acl { boost::shared_ptr( new IntPropertyType(0,std::numeric_limits::max())))); - std::string policyTypes[] = {"ring", "ring_strict", "flow_to_disk", "reject"}; + std::string policyTypes[] = {"ring", "self-destruct", "reject"}; std::vector v(policyTypes, policyTypes + sizeof(policyTypes) / sizeof(std::string)); validators.insert(Validator(acl::SPECPROP_POLICYTYPE, boost::shared_ptr( diff --git a/qpid/cpp/src/qpid/broker/Broker.cpp b/qpid/cpp/src/qpid/broker/Broker.cpp index f02689a327..cf2912a9b1 100644 --- a/qpid/cpp/src/qpid/broker/Broker.cpp +++ b/qpid/cpp/src/qpid/broker/Broker.cpp @@ -1285,7 +1285,7 @@ std::pair, bool> Broker::createQueue( params.insert(make_pair(acl::PROP_DURABLE, settings.durable ? _TRUE : _FALSE)); params.insert(make_pair(acl::PROP_EXCLUSIVE, owner ? _TRUE : _FALSE)); params.insert(make_pair(acl::PROP_AUTODELETE, settings.autodelete ? _TRUE : _FALSE)); - params.insert(make_pair(acl::PROP_POLICYTYPE, settings.dropMessagesAtLimit ? "ring" : "reject")); + params.insert(make_pair(acl::PROP_POLICYTYPE, settings.getLimitPolicy())); params.insert(make_pair(acl::PROP_MAXQUEUECOUNT, boost::lexical_cast(settings.maxDepth.getCount()))); params.insert(make_pair(acl::PROP_MAXQUEUESIZE, boost::lexical_cast(settings.maxDepth.getSize()))); params.insert(make_pair(acl::PROP_MAXFILECOUNT, boost::lexical_cast(settings.maxFileCount))); @@ -1338,7 +1338,7 @@ void Broker::deleteQueue(const std::string& name, const std::string& userId, params.insert(make_pair(acl::PROP_DURABLE, queue->isDurable() ? _TRUE : _FALSE)); params.insert(make_pair(acl::PROP_EXCLUSIVE, queue->hasExclusiveOwner() ? _TRUE : _FALSE)); params.insert(make_pair(acl::PROP_AUTODELETE, queue->isAutoDelete() ? _TRUE : _FALSE)); - params.insert(make_pair(acl::PROP_POLICYTYPE, queue->getSettings().dropMessagesAtLimit ? "ring" : "reject")); + params.insert(make_pair(acl::PROP_POLICYTYPE, queue->getSettings().getLimitPolicy())); if (!acl->authorise(userId,acl::ACT_DELETE,acl::OBJ_QUEUE,name,¶ms) ) throw framing::UnauthorizedAccessException(QPID_MSG("ACL denied queue delete request from " << userId)); diff --git a/qpid/cpp/src/qpid/broker/QueueSettings.cpp b/qpid/cpp/src/qpid/broker/QueueSettings.cpp index 0b4a268489..53194cf064 100644 --- a/qpid/cpp/src/qpid/broker/QueueSettings.cpp +++ b/qpid/cpp/src/qpid/broker/QueueSettings.cpp @@ -314,4 +314,10 @@ QueueSettings::Aliases::Aliases() insert(value_type("x-qpid-maximum-message-size", "qpid.alert_size")); } +std::string QueueSettings::getLimitPolicy() const +{ + if (dropMessagesAtLimit) return POLICY_TYPE_RING; + else if (selfDestructAtLimit) return POLICY_TYPE_SELF_DESTRUCT; + else return POLICY_TYPE_REJECT; +} }} // namespace qpid::broker diff --git a/qpid/cpp/src/qpid/broker/QueueSettings.h b/qpid/cpp/src/qpid/broker/QueueSettings.h index e150e365c2..9fda51e17a 100644 --- a/qpid/cpp/src/qpid/broker/QueueSettings.h +++ b/qpid/cpp/src/qpid/broker/QueueSettings.h @@ -111,6 +111,7 @@ struct QueueSettings QPID_BROKER_EXTERN void populate(const std::map& inputs, std::map& unused); QPID_BROKER_EXTERN void populate(const qpid::framing::FieldTable& inputs, qpid::framing::FieldTable& unused); QPID_BROKER_EXTERN std::map asMap() const; + std::string getLimitPolicy() const; struct Aliases : std::map { diff --git a/qpid/cpp/src/tests/acl.py b/qpid/cpp/src/tests/acl.py index 666ae46a39..fe8254a6fa 100755 --- a/qpid/cpp/src/tests/acl.py +++ b/qpid/cpp/src/tests/acl.py @@ -382,8 +382,7 @@ class ACLTests(TestBase010): aclf.close() result = self.reload_acl() - expected = "ding is not a valid value for 'policytype', possible values are one of" \ - " { 'ring' 'ring_strict' 'flow_to_disk' 'reject' }"; + expected = "ding is not a valid value for 'policytype', possible values are one of" if (result.find(expected) == -1): self.fail(result) @@ -802,6 +801,7 @@ class ACLTests(TestBase010): aclf.write('acl allow bob@QPID delete queue name=q4\n') aclf.write('acl allow bob@QPID create queue name=q5 maxqueuesize=1000 maxqueuecount=100\n') aclf.write('acl allow bob@QPID create queue name=q6 queuemaxsizelowerlimit=50 queuemaxsizeupperlimit=100 queuemaxcountlowerlimit=50 queuemaxcountupperlimit=100\n') + aclf.write('acl allow bob@QPID create queue name=q7 policytype=self-destruct\n') aclf.write('acl allow anonymous all all\n') aclf.write('acl deny all all') aclf.close() @@ -914,6 +914,17 @@ class ACLTests(TestBase010): if (403 == e.args[0].error_code): self.fail("ACL should allow queue create request for q2 with exclusive=true policytype=ring"); + try: + session.queue_declare(queue="q7", arguments={"qpid.policy_type": "ring"}) + self.fail("ACL should not allow queue create request for q7 with policytype=ring"); + except qpid.session.SessionException, e: + session = self.get_session('bob','bob') + + try: + session.queue_declare(queue="q7", arguments={"qpid.policy_type": "self-destruct"}) + except qpid.session.SessionException, e: + self.fail("ACL should allow queue create request for q7 with policytype=self-destruct"); + try: session.queue_declare(queue="q3") session.queue_declare(queue="q4") -- cgit v1.2.1