You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@qpid.apache.org by ra...@apache.org on 2010/02/18 19:23:54 UTC
svn commit: r911509 - in /qpid/trunk/qpid/cpp/src/qpid/acl: Acl.cpp
AclData.cpp AclData.h
Author: rajith
Date: Thu Feb 18 18:23:54 2010
New Revision: 911509
URL: http://svn.apache.org/viewvc?rev=911509&view=rev
Log:
This is related to QPID-2413
Added a mechanism to catch the lexical cast errors and print an error message.
I also fixed up some formatting as well.
Modified:
qpid/trunk/qpid/cpp/src/qpid/acl/Acl.cpp
qpid/trunk/qpid/cpp/src/qpid/acl/AclData.cpp
qpid/trunk/qpid/cpp/src/qpid/acl/AclData.h
Modified: qpid/trunk/qpid/cpp/src/qpid/acl/Acl.cpp
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/cpp/src/qpid/acl/Acl.cpp?rev=911509&r1=911508&r2=911509&view=diff
==============================================================================
--- qpid/trunk/qpid/cpp/src/qpid/acl/Acl.cpp (original)
+++ qpid/trunk/qpid/cpp/src/qpid/acl/Acl.cpp Thu Feb 18 18:23:54 2010
@@ -60,7 +60,7 @@
if (mgmtObject!=0) mgmtObject->set_enforcingAcl(0);
}
QPID_LOG(info, "ACL Plugin loaded");
- if (mgmtObject!=0) mgmtObject->set_enforcingAcl(1);
+ if (mgmtObject!=0) mgmtObject->set_enforcingAcl(1);
}
bool Acl::authorise(const std::string& id, const Action& action, const ObjectType& objType, const std::string& name, std::map<Property, std::string>* params)
@@ -130,6 +130,7 @@
data = d;
transferAcl = data->transferAcl; // any transfer ACL
+ data->aclSource = aclFile;
if (mgmtObject!=0){
mgmtObject->set_transferAcl(transferAcl?1:0);
mgmtObject->set_policyFile(aclFile);
Modified: qpid/trunk/qpid/cpp/src/qpid/acl/AclData.cpp
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/cpp/src/qpid/acl/AclData.cpp?rev=911509&r1=911508&r2=911509&view=diff
==============================================================================
--- qpid/trunk/qpid/cpp/src/qpid/acl/AclData.cpp (original)
+++ qpid/trunk/qpid/cpp/src/qpid/acl/AclData.cpp Thu Feb 18 18:23:54 2010
@@ -24,7 +24,7 @@
namespace qpid {
namespace acl {
-AclData::AclData():decisionMode(qpid::acl::DENY),transferAcl(false)
+AclData::AclData():decisionMode(qpid::acl::DENY),transferAcl(false),aclSource("UNKNOWN")
{
for (unsigned int cnt=0; cnt< qpid::acl::ACTIONSIZE; cnt++){
actionList[cnt]=0;
@@ -95,14 +95,40 @@
<< AclHelper::getPropertyStr(pMItr->first) << "'");
}else if ( pMItr->first == acl::PROP_MAXQUEUECOUNT || pMItr->first == acl::PROP_MAXQUEUESIZE ) {
if ( pMItr->first == paramItr->first ) {
- uint64_t aclMax = boost::lexical_cast<uint64_t>(pMItr->second);
- uint64_t paramMax = boost::lexical_cast<uint64_t>(paramItr->second);
+
+ uint64_t aclMax = 0;
+ uint64_t paramMax = 0;
+
+ try{
+ aclMax = boost::lexical_cast<uint64_t>(pMItr->second);
+ }catch(const boost::bad_lexical_cast& e){
+ match = false;
+ QPID_LOG(error,"Error evaluating rule. " <<
+ "Illegal value given in ACL source <" << aclSource <<
+ "> for property '" <<
+ AclHelper::getPropertyStr(pMItr->first) << "' : " <<
+ boost::lexical_cast<std::string>(pMItr->second));
+ break;
+ }
+
+ try{
+ paramMax = boost::lexical_cast<uint64_t>(paramItr->second);
+ }catch(const boost::bad_lexical_cast& e){
+ match = false;
+ QPID_LOG(error,"Error evaluating rule. " <<
+ "Illegal value given in lookup for property '" <<
+ AclHelper::getPropertyStr(pMItr->first) << "' : " <<
+ boost::lexical_cast<std::string>(paramItr->second));
+ break;
+ }
+
QPID_LOG(debug, "ACL: Numeric comparison for property " <<
AclHelper::getPropertyStr(paramItr->first) <<
" (value given in lookup = " <<
boost::lexical_cast<std::string>(paramItr->second) <<
", value give in rule = " <<
- boost::lexical_cast<std::string>(pMItr->second) << " )");
+ boost::lexical_cast<std::string>(pMItr->second) << " )");
+
if (( aclMax ) && ( paramMax == 0 || paramMax > aclMax)){
match = decisionMode == qpid::acl::ALLOW ;
QPID_LOG(debug, "ACL: Limit exceeded and match=" <<
@@ -110,8 +136,8 @@
" as decision mode is " << AclHelper::getAclResultStr(decisionMode));
}
}
- }else if (matchProp(pMItr->second, paramItr->second)) {
- QPID_LOG(debug, "ACL: the pair("
+ }else if (matchProp(pMItr->second, paramItr->second)) {
+ QPID_LOG(debug, "ACL: the pair("
<< AclHelper::getPropertyStr(paramItr->first) << "," << paramItr->second
<< ") given in lookup matched the pair("
<< AclHelper::getPropertyStr(pMItr->first) << "," << pMItr->second << ") given in the rule");
@@ -121,8 +147,7 @@
<< ") given in lookup doesn't match the pair("
<< AclHelper::getPropertyStr(pMItr->first) << "," << pMItr->second << ") given in the rule");
match = false;
-
- }
+ }
}
}
if (match)
Modified: qpid/trunk/qpid/cpp/src/qpid/acl/AclData.h
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/cpp/src/qpid/acl/AclData.h?rev=911509&r1=911508&r2=911509&view=diff
==============================================================================
--- qpid/trunk/qpid/cpp/src/qpid/acl/AclData.h (original)
+++ qpid/trunk/qpid/cpp/src/qpid/acl/AclData.h Thu Feb 18 18:23:54 2010
@@ -64,9 +64,10 @@
// Action*[] -> Object*[] -> map<user -> set<Rule> >
aclAction* actionList[qpid::acl::ACTIONSIZE];
- qpid::acl::AclResult decisionMode; // determines if the rule set is an deny or accept basis.
+ qpid::acl::AclResult decisionMode; // determines if the rule set is a deny or allow mode.
bool transferAcl;
-
+ std::string aclSource;
+
AclResult lookup(const std::string& id, const Action& action, const ObjectType& objType, const std::string& name, std::map<Property, std::string>* params=0);
AclResult lookup(const std::string& id, const Action& action, const ObjectType& objType, const std::string& ExchangeName, const std::string& RoutingKey);
AclResult getACLResult(bool logOnly, bool log);
---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project: http://qpid.apache.org
Use/Interact: mailto:commits-subscribe@qpid.apache.org