44 lines
1.7 KiB
Erlang
44 lines
1.7 KiB
Erlang
%% -*- erlang -*-
|
|
[{rabbit, [{default_vhost, <<"test">>}]},
|
|
{rabbitmq_auth_backend_ldap,
|
|
[ {servers, ["localhost"]},
|
|
{user_dn_pattern, "cn=${username},ou=People,dc=example,dc=com"},
|
|
{other_bind, anon},
|
|
{use_ssl, false},
|
|
{port, 389},
|
|
{log, true},
|
|
{vhost_access_query, {exists, "ou=${vhost},ou=vhosts,dc=example,dc=com"}},
|
|
{resource_access_query,
|
|
{for, [{resource, exchange,
|
|
{for, [{permission, configure,
|
|
{in_group, "cn=wheel,ou=groups,dc=example,dc=com"}
|
|
},
|
|
{permission, write, {constant, true}},
|
|
{permission, read,
|
|
{match, {string, "${name}"},
|
|
{string, "^xch-${username}-.*"}}
|
|
}
|
|
]}},
|
|
{resource, queue,
|
|
{for, [{permission, configure,
|
|
{match, {attribute, "${user_dn}", "description"},
|
|
{string, "can-declare-queues"}}
|
|
},
|
|
{permission, write, {constant, true}},
|
|
{permission, read,
|
|
{'or',
|
|
[{'and',
|
|
[{equals, "${name}", "test1"},
|
|
{equals, "${username}", "Alice"}]},
|
|
{'and',
|
|
[{equals, "${name}", "test2"},
|
|
{'not', {equals, "${username}", "Bob"}}]}
|
|
]}}
|
|
]}}
|
|
]}},
|
|
{tag_queries, [{monitor, {constant, true}},
|
|
{administrator, {constant, false}},
|
|
{management, {constant, false}}]}
|
|
]}
|
|
].
|