Author: robbie
Date: Fri Oct 16 08:20:20 2009
New Revision: 825805
URL: http://svn.apache.org/viewvc?rev=825805&view=rev
Log:
QPID-1304: add vhost access check for missed corner cases, allowing for users
granted vhost access and otherwise abstaining.
Modified:
qpid/trunk/qpid/java/broker/src/main/java/org/apache/qpid/server/security/access/PrincipalPermissions.java
Modified:
qpid/trunk/qpid/java/broker/src/main/java/org/apache/qpid/server/security/access/PrincipalPermissions.java
URL:
http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker/src/main/java/org/apache/qpid/server/security/access/PrincipalPermissions.java?rev=825805&r1=825804&r2=825805&view=diff
==============================================================================
---
qpid/trunk/qpid/java/broker/src/main/java/org/apache/qpid/server/security/access/PrincipalPermissions.java
(original)
+++
qpid/trunk/qpid/java/broker/src/main/java/org/apache/qpid/server/security/access/PrincipalPermissions.java
Fri Oct 16 08:20:20 2009
@@ -378,7 +378,16 @@
case PURGE:
case UNBIND:
default:
- return AuthzResult.DENIED;
+ if(_fullVHostAccess)
+ {
+ //user has been granted full access to the vhost
+ return AuthzResult.ALLOWED;
+ }
+ else
+ {
+ //SimpleXML ACL does not implement these permissions and
should abstain
+ return AuthzResult.ABSTAIN;
+ }
}
}
---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project: http://qpid.apache.org
Use/Interact: mailto:commits-subscr...@qpid.apache.org
