root
/
rabbitmq-server
mirror of https://github.com/rabbitmq/rabbitmq-server.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity

Split rabbit_access_control up.

This commit is contained in:
Simon MacMullen 2010-12-21 13:00:38 +00:00
parent a32f1193ea
commit b8cc1a3c55
11 changed files with 29 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
deps/rabbitmq_management/src/rabbit_mgmt_db.erl vendored
View File

@ -241,7 +241,7 @@ handle_call({get_channel, Name}, _From, State = #state{tables = Tables}) ->
handle_call({get_overview, Username}, _From, State = #state{tables = Tables}) ->
VHosts = case Username of
all -> rabbit_access_control:list_vhosts();
all -> rabbit_vhost:list();
_ -> rabbit_mgmt_util:vhosts(Username)
end,
Qs0 = [rabbit_mgmt_format:queue(Q) || V <- VHosts,

5
deps/rabbitmq_management/src/rabbit_mgmt_util.erl vendored
View File

@ -85,7 +85,7 @@ is_authorized(ReqData, Context, Fun) ->
vhost(ReqData) ->
case id(vhost, ReqData) of
none -> none;
VHost -> case rabbit_access_control:vhost_exists(VHost) of
VHost -> case rabbit_vhost:exists(VHost) of
true -> VHost;
false -> not_found
end
@ -275,8 +275,7 @@ amqp_request(VHost, ReqData, Context, Method) ->
all_or_one_vhost(ReqData, Fun) ->
case rabbit_mgmt_util:vhost(ReqData) of
none -> lists:append(
[Fun(V) || V <- rabbit_access_control:list_vhosts()]);
none -> lists:append([Fun(V) || V <- rabbit_vhost:list()]);
not_found -> vhost_not_found;
VHost -> Fun(VHost)
end.

2
deps/rabbitmq_management/src/rabbit_mgmt_wm_all_configuration.erl vendored
View File

@ -186,7 +186,7 @@ add_vhost(VHost) ->
rabbit_mgmt_wm_vhost:put_vhost(VHostName).
add_permission(Permission) ->
rabbit_access_control:set_permissions(pget(user, Permission),
rabbit_auth_backend_internal:set_permissions(pget(user, Permission),
pget(vhost, Permission),
pget(configure, Permission),
pget(write, Permission),

11
deps/rabbitmq_management/src/rabbit_mgmt_wm_permission.erl vendored
View File

@ -58,7 +58,7 @@ accept_content(ReqData, Context) ->
rabbit_mgmt_util:with_decode(
[configure, write, read], ReqData, Context,
fun([Conf, Write, Read]) ->
rabbit_access_control:set_permissions(
rabbit_auth_backend_internal:set_permissions(
User, VHost, Conf, Write, Read),
{true, ReqData, Context}
end)
@ -67,7 +67,7 @@ accept_content(ReqData, Context) ->
delete_resource(ReqData, Context) ->
User = rabbit_mgmt_util:id(user, ReqData),
VHost = rabbit_mgmt_util:id(vhost, ReqData),
rabbit_access_control:clear_permissions(User, VHost),
rabbit_auth_backend_internal:clear_permissions(User, VHost),
{true, ReqData, Context}.
is_authorized(ReqData, Context) ->
@ -77,14 +77,15 @@ is_authorized(ReqData, Context) ->
perms(ReqData) ->
User = rabbit_mgmt_util:id(user, ReqData),
case rabbit_access_control:lookup_user(User) of
case rabbit_auth_backend_internal:lookup_user(User) of
{ok, _} ->
case rabbit_mgmt_util:vhost(ReqData) of
not_found ->
not_found;
VHost ->
Perms = rabbit_access_control:list_user_vhost_permissions(
User, VHost),
Perms =
rabbit_auth_backend_internal:list_user_vhost_permissions(
User, VHost),
case Perms of
[{Configure, Write, Read}] ->
{User, VHost, Configure, Write, Read};

2
deps/rabbitmq_management/src/rabbit_mgmt_wm_permissions.erl vendored
View File

@ -39,4 +39,4 @@ is_authorized(ReqData, Context) ->
permissions() ->
[rabbit_mgmt_format:permissions(P) ||
P <- rabbit_access_control:list_permissions()].
P <- rabbit_auth_backend_internal:list_permissions()].

2
deps/rabbitmq_management/src/rabbit_mgmt_wm_permissions_user.erl vendored
View File

@ -29,7 +29,7 @@ content_types_provided(ReqData, Context) ->
to_json(ReqData, Context) ->
User = rabbit_mgmt_util:id(user, ReqData),
Perms = rabbit_access_control:list_user_permissions(User),
Perms = rabbit_auth_backend_internal:list_user_permissions(User),
rabbit_mgmt_util:reply_list(
[rabbit_mgmt_format:permissions({User, VHost,
Conf, Write, Read}) ||

2
deps/rabbitmq_management/src/rabbit_mgmt_wm_permissions_vhost.erl vendored
View File

@ -29,7 +29,7 @@ content_types_provided(ReqData, Context) ->
to_json(ReqData, Context) ->
VHost = rabbit_mgmt_util:id(vhost, ReqData),
Perms = rabbit_access_control:list_vhost_permissions(VHost),
Perms = rabbit_auth_backend_internal:list_vhost_permissions(VHost),
rabbit_mgmt_util:reply_list(
[rabbit_mgmt_format:permissions({User, VHost,
Conf, Write, Read}) ||

18
deps/rabbitmq_management/src/rabbit_mgmt_wm_user.erl vendored
View File

@ -57,7 +57,7 @@ accept_content(ReqData, Context) ->
delete_resource(ReqData, Context) ->
User = rabbit_mgmt_util:id(user, ReqData),
rabbit_access_control:delete_user(User),
rabbit_auth_backend_internal:delete_user(User),
{true, ReqData, Context}.
is_authorized(ReqData, Context) ->
@ -66,35 +66,35 @@ is_authorized(ReqData, Context) ->
%%--------------------------------------------------------------------
user(ReqData) ->
rabbit_access_control:lookup_user(rabbit_mgmt_util:id(user, ReqData)).
rabbit_auth_backend_internal:lookup_user(rabbit_mgmt_util:id(user, ReqData)).
put_user(User) ->
case {proplists:is_defined(password, User),
proplists:is_defined(password_hash, User)} of
{true, _} ->
Pass = proplists:get_value(password, User),
put_user(User, Pass, fun rabbit_access_control:change_password/2);
put_user(User, Pass, fun rabbit_auth_backend_internal:change_password/2);
{_, true} ->
Hash = base64:decode(proplists:get_value(password_hash, User)),
put_user(User, Hash,
fun rabbit_access_control:change_password_hash/2);
fun rabbit_auth_backend_internal:change_password_hash/2);
_ ->
put_user(User, <<>>,
fun rabbit_access_control:change_password_hash/2)
fun rabbit_auth_backend_internal:change_password_hash/2)
end.
put_user(User, PWArg, PWFun) ->
Username = proplists:get_value(name, User),
IsAdmin = proplists:get_value(administrator, User),
case rabbit_access_control:lookup_user(Username) of
case rabbit_auth_backend_internal:lookup_user(Username) of
{error, not_found} ->
rabbit_access_control:add_user(
rabbit_auth_backend_internal:add_user(
Username, rabbit_guid:binstring_guid("tmp_"));
_ ->
ok
end,
PWFun(Username, PWArg),
case rabbit_mgmt_util:parse_bool(IsAdmin) of
true -> rabbit_access_control:set_admin(Username);
false -> rabbit_access_control:clear_admin(Username)
true -> rabbit_auth_backend_internal:set_admin(Username);
false -> rabbit_auth_backend_internal:clear_admin(Username)
end.

4
deps/rabbitmq_management/src/rabbit_mgmt_wm_users.erl vendored
View File

@ -38,6 +38,6 @@ is_authorized(ReqData, Context) ->
users() ->
[begin
{ok, User} = rabbit_access_control:lookup_user(U),
{ok, User} = rabbit_auth_backend_internal:lookup_user(U),
rabbit_mgmt_format:internal_user(User)
end || {U, _} <- rabbit_access_control:list_users()].
end || {U, _} <- rabbit_auth_backend_internal:list_users()].

8
deps/rabbitmq_management/src/rabbit_mgmt_wm_vhost.erl vendored
View File

@ -36,7 +36,7 @@ allowed_methods(ReqData, Context) ->
{['HEAD', 'GET', 'PUT', 'DELETE'], ReqData, Context}.
resource_exists(ReqData, Context) ->
{rabbit_access_control:vhost_exists(id(ReqData)), ReqData, Context}.
{rabbit_vhost:exists(id(ReqData)), ReqData, Context}.
to_json(ReqData, Context) ->
VHost = [{name, id(ReqData)}],
@ -48,7 +48,7 @@ accept_content(ReqData, Context) ->
delete_resource(ReqData, Context) ->
VHost = id(ReqData),
rabbit_access_control:delete_vhost(VHost),
rabbit_vhost:delete(VHost),
{true, ReqData, Context}.
is_authorized(ReqData, Context) ->
@ -60,7 +60,7 @@ id(ReqData) ->
rabbit_mgmt_util:id(vhost, ReqData).
put_vhost(VHost) ->
case rabbit_access_control:vhost_exists(VHost) of
case rabbit_vhost:exists(VHost) of
true -> ok;
false -> rabbit_access_control:add_vhost(VHost)
false -> rabbit_vhost:add(VHost)
end.

2
deps/rabbitmq_management/src/rabbit_mgmt_wm_vhosts.erl vendored
View File

@ -38,7 +38,7 @@ is_authorized(ReqData, Context) ->
%%--------------------------------------------------------------------
vhosts() ->
format(rabbit_access_control:list_vhosts()).
format(rabbit_vhost:list()).
format(Vs) ->
[[{name, N}] || N <- Vs].