Security for removing address
Project: http://git-wip-us.apache.org/repos/asf/activemq-artemis/repo Commit: http://git-wip-us.apache.org/repos/asf/activemq-artemis/commit/644db633 Tree: http://git-wip-us.apache.org/repos/asf/activemq-artemis/tree/644db633 Diff: http://git-wip-us.apache.org/repos/asf/activemq-artemis/diff/644db633 Branch: refs/heads/ARTEMIS-780 Commit: 644db6334d9665421054df7c7926457e1e629ffd Parents: dad0496 Author: jbertram <[email protected]> Authored: Wed Nov 23 13:34:00 2016 -0600 Committer: jbertram <[email protected]> Committed: Mon Nov 28 14:19:20 2016 -0600 ---------------------------------------------------------------------- .../core/management/impl/ActiveMQServerControlImpl.java | 2 +- .../apache/activemq/artemis/core/security/CheckType.java | 6 ++++++ .../apache/activemq/artemis/core/server/ActiveMQServer.java | 2 +- .../artemis/core/server/impl/ActiveMQServerImpl.java | 9 +++++++-- 4 files changed, 15 insertions(+), 4 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/activemq-artemis/blob/644db633/artemis-server/src/main/java/org/apache/activemq/artemis/core/management/impl/ActiveMQServerControlImpl.java ---------------------------------------------------------------------- diff --git a/artemis-server/src/main/java/org/apache/activemq/artemis/core/management/impl/ActiveMQServerControlImpl.java b/artemis-server/src/main/java/org/apache/activemq/artemis/core/management/impl/ActiveMQServerControlImpl.java index 185d5c4..c237b70 100644 --- a/artemis-server/src/main/java/org/apache/activemq/artemis/core/management/impl/ActiveMQServerControlImpl.java +++ b/artemis-server/src/main/java/org/apache/activemq/artemis/core/management/impl/ActiveMQServerControlImpl.java @@ -580,7 +580,7 @@ public class ActiveMQServerControlImpl extends AbstractControl implements Active clearIO(); try { - server.removeAddressInfo(new SimpleString(name)); + server.removeAddressInfo(new SimpleString(name), null); } finally { blockOnIO(); } http://git-wip-us.apache.org/repos/asf/activemq-artemis/blob/644db633/artemis-server/src/main/java/org/apache/activemq/artemis/core/security/CheckType.java ---------------------------------------------------------------------- diff --git a/artemis-server/src/main/java/org/apache/activemq/artemis/core/security/CheckType.java b/artemis-server/src/main/java/org/apache/activemq/artemis/core/security/CheckType.java index abea943..92e92df 100644 --- a/artemis-server/src/main/java/org/apache/activemq/artemis/core/security/CheckType.java +++ b/artemis-server/src/main/java/org/apache/activemq/artemis/core/security/CheckType.java @@ -35,6 +35,12 @@ public enum CheckType { return role.isCreateAddress(); } }, + DELETE_ADDRESS { + @Override + public boolean hasRole(final Role role) { + return role.isDeleteAddress(); + } + }, CREATE_DURABLE_QUEUE { @Override public boolean hasRole(final Role role) { http://git-wip-us.apache.org/repos/asf/activemq-artemis/blob/644db633/artemis-server/src/main/java/org/apache/activemq/artemis/core/server/ActiveMQServer.java ---------------------------------------------------------------------- diff --git a/artemis-server/src/main/java/org/apache/activemq/artemis/core/server/ActiveMQServer.java b/artemis-server/src/main/java/org/apache/activemq/artemis/core/server/ActiveMQServer.java index 31a6080..443ced7 100644 --- a/artemis-server/src/main/java/org/apache/activemq/artemis/core/server/ActiveMQServer.java +++ b/artemis-server/src/main/java/org/apache/activemq/artemis/core/server/ActiveMQServer.java @@ -448,7 +448,7 @@ public interface ActiveMQServer extends ActiveMQComponent { AddressInfo createOrUpdateAddressInfo(AddressInfo addressInfo) throws Exception; - void removeAddressInfo(SimpleString address) throws Exception; + void removeAddressInfo(SimpleString address, SecurityAuth session) throws Exception; String getInternalNamingPrefix(); } http://git-wip-us.apache.org/repos/asf/activemq-artemis/blob/644db633/artemis-server/src/main/java/org/apache/activemq/artemis/core/server/impl/ActiveMQServerImpl.java ---------------------------------------------------------------------- diff --git a/artemis-server/src/main/java/org/apache/activemq/artemis/core/server/impl/ActiveMQServerImpl.java b/artemis-server/src/main/java/org/apache/activemq/artemis/core/server/impl/ActiveMQServerImpl.java index 9128424..5f60429 100644 --- a/artemis-server/src/main/java/org/apache/activemq/artemis/core/server/impl/ActiveMQServerImpl.java +++ b/artemis-server/src/main/java/org/apache/activemq/artemis/core/server/impl/ActiveMQServerImpl.java @@ -1647,7 +1647,7 @@ public class ActiveMQServerImpl implements ActiveMQServer { if (autoDeleteAddress && postOffice != null) { try { - removeAddressInfo(address); + removeAddressInfo(address, session); } catch (ActiveMQDeleteAddressException e) { // Could be thrown if the address has bindings or is not deletable. } @@ -2322,7 +2322,12 @@ public class ActiveMQServerImpl implements ActiveMQServer { } @Override - public void removeAddressInfo(SimpleString address) throws Exception { + public void removeAddressInfo(final SimpleString address, + final SecurityAuth session) throws Exception { + if (session != null) { + securityStore.check(address, CheckType.DELETE_ADDRESS, session); + } + AddressInfo addressInfo = getAddressInfo(address); if (postOffice.removeAddressInfo(address) == null) { throw ActiveMQMessageBundle.BUNDLE.addressDoesNotExist(address);
