QPID-3799-acl acl fixup - whitespace
git-svn-id: https://svn.apache.org/repos/asf/qpid/branches/QPID-3799-acl@1295616 13f79535-47bb-0310-9956-ffa450edef68
diff --git a/cpp/src/qpid/acl/Acl.cpp b/cpp/src/qpid/acl/Acl.cpp
index a4cc24c..6f758e4 100644
--- a/cpp/src/qpid/acl/Acl.cpp
+++ b/cpp/src/qpid/acl/Acl.cpp
@@ -74,7 +74,7 @@
std::map<Property, std::string>* params)
{
boost::shared_ptr<AclData> dataLocal;
- {
+ {
Mutex::ScopedLock locker(dataLock);
dataLocal = data; //rcu copy
}
@@ -114,7 +114,7 @@
const std::string& name)
{
bool result(false);
-
+
switch (aclreslt)
{
case ALLOWLOG:
@@ -159,7 +159,7 @@
return readAclFile(aclValues.aclFile, errorText);
}
-bool Acl::readAclFile(std::string& aclFile, std::string& errorText) {
+bool Acl::readAclFile(std::string& aclFile, std::string& errorText) {
boost::shared_ptr<AclData> d(new AclData);
AclReader ar;
if (ar.read(aclFile, d)){
@@ -172,7 +172,7 @@
AclValidator validator;
validator.validate(d);
- {
+ {
Mutex::ScopedLock locker(dataLock);
data = d;
}
@@ -182,7 +182,7 @@
QPID_LOG(debug,"ACL: Transfer ACL is Enabled!");
}
- data->aclSource = aclFile;
+ data->aclSource = aclFile;
if (mgmtObject!=0){
mgmtObject->set_transferAcl(transferAcl?1:0);
mgmtObject->set_policyFile(aclFile);
diff --git a/cpp/src/qpid/acl/Acl.h b/cpp/src/qpid/acl/Acl.h
index 74b0872..cc90fa4 100644
--- a/cpp/src/qpid/acl/Acl.h
+++ b/cpp/src/qpid/acl/Acl.h
@@ -56,15 +56,15 @@
boost::shared_ptr<AclData> data;
qmf::org::apache::qpid::acl::Acl* mgmtObject; // mgnt owns lifecycle
qpid::management::ManagementAgent* agent;
- mutable qpid::sys::Mutex dataLock;
+ mutable qpid::sys::Mutex dataLock;
public:
Acl (AclValues& av, broker::Broker& b);
void initialize();
-
+
inline virtual bool doTransferAcl() {return transferAcl;};
-
+
// create specilied authorise methods for cases that need faster matching as needed.
virtual bool authorise(
const std::string& id,
diff --git a/cpp/src/qpid/acl/AclData.cpp b/cpp/src/qpid/acl/AclData.cpp
index 30e4b67..03a8a19 100644
--- a/cpp/src/qpid/acl/AclData.cpp
+++ b/cpp/src/qpid/acl/AclData.cpp
@@ -38,7 +38,7 @@
}
}
-
+
//
// clear
//
@@ -49,7 +49,7 @@
if (actionList[cnt])
{
for (unsigned int cnt1=0; cnt1< qpid::acl::OBJECTSIZE; cnt1++)
- delete actionList[cnt][cnt1];
+ delete actionList[cnt][cnt1];
}
delete[] actionList[cnt];
}
@@ -105,7 +105,7 @@
// with params { durable=false passive=false autodelete=false
// exclusive=false alternate= policytype= maxqueuesize=0
// maxqueuecount=0 }
-
+
// Default result is blanket decision mode for the entire ACL list.
AclResult aclresult = decisionMode;
@@ -138,7 +138,7 @@
// in the lookup param list. The lookup may specify things
// (they usually do) that are not in the rule properties but
// these things don't interfere with the rule match.
-
+
for (specPropertyMapItr rulePropMapItr = rsItr->props.begin();
(rulePropMapItr != rsItr->props.end()) && match;
rulePropMapItr++)
@@ -186,7 +186,7 @@
lookupParamItr = params->find((Property)rulePropMapItr->first);
break;
};
-
+
if (lookupParamItr == params->end())
{
// Now the rule has a specified property
@@ -348,7 +348,7 @@
{
case acl::SPECPROP_NAME:
if (matchProp(pMItr->second, name))
- {
+ {
QPID_LOG(debug, "ACL: lookup exchange name '"
<< name << "' matched with rule name '"
<< pMItr->second << "'");
@@ -415,10 +415,10 @@
bool AclData::compareIntMax(const qpid::acl::SpecProperty theProperty,
const std::string theAclValue,
const std::string theLookupValue)
- {
+ {
uint64_t aclMax (0);
uint64_t paramMax (0);
-
+
try
{
aclMax = boost::lexical_cast<uint64_t>(theAclValue);
@@ -428,7 +428,7 @@
assert (false);
return false;
}
-
+
try
{
paramMax = boost::lexical_cast<uint64_t>(theLookupValue);
@@ -441,12 +441,12 @@
<< "' : " << theLookupValue);
return false;
}
-
+
QPID_LOG(debug, "ACL: Numeric greater-than comparison for property "
<< AclHelper::getPropertyStr(theProperty)
<< " (value given in lookup = " << theLookupValue
<< ", value give in rule = " << theAclValue << " )");
-
+
if (( aclMax ) && ( paramMax == 0 || paramMax > aclMax))
{
QPID_LOG(debug, "ACL: Max limit exceeded for property '"
@@ -467,7 +467,7 @@
{
uint64_t aclMin (0);
uint64_t paramMin (0);
-
+
try
{
aclMin = boost::lexical_cast<uint64_t>(theAclValue);
@@ -477,7 +477,7 @@
assert (false);
return false;
}
-
+
try
{
paramMin = boost::lexical_cast<uint64_t>(theLookupValue);
@@ -490,19 +490,19 @@
<< "' : " << theLookupValue);
return false;
}
-
+
QPID_LOG(debug, "ACL: Numeric less-than comparison for property "
<< AclHelper::getPropertyStr(theProperty)
<< " (value given in lookup = " << theLookupValue
<< ", value give in rule = " << theAclValue << " )");
-
+
if (( aclMin ) && ( paramMin == 0 || paramMin < aclMin))
{
QPID_LOG(debug, "ACL: Min limit exceeded for property '"
<< AclHelper::getPropertyStr(theProperty) << "'");
return false;
}
-
+
return true;
}
diff --git a/cpp/src/qpid/acl/AclData.h b/cpp/src/qpid/acl/AclData.h
index 7510628..1c1cb3e 100644
--- a/cpp/src/qpid/acl/AclData.h
+++ b/cpp/src/qpid/acl/AclData.h
@@ -34,7 +34,7 @@
typedef std::map<qpid::acl::Property, std::string> propertyMap;
typedef propertyMap::const_iterator propertyMapItr;
-
+
typedef std::map<qpid::acl::SpecProperty, std::string> specPropertyMap;
typedef specPropertyMap::const_iterator specPropertyMapItr;
@@ -52,7 +52,7 @@
int rawRuleNum; // rule number in ACL file
qpid::acl::AclResult ruleMode; // combined allow/deny log/nolog
- specPropertyMap props; //
+ specPropertyMap props; //
rule (int ruleNum, qpid::acl::AclResult res, specPropertyMap& p) :
@@ -77,10 +77,10 @@
return ruleStr.str();
}
};
-
+
typedef std::vector<rule> ruleSet;
typedef ruleSet::const_iterator ruleSetItr;
- typedef std::map<std::string, ruleSet > actionObject; // user
+ typedef std::map<std::string, ruleSet > actionObject; // user
typedef actionObject::iterator actObjItr;
typedef actionObject* aclAction;
@@ -88,7 +88,7 @@
aclAction* actionList[qpid::acl::ACTIONSIZE];
qpid::acl::AclResult decisionMode; // allow/deny[-log] if no matching rule found
bool transferAcl;
- std::string aclSource;
+ std::string aclSource;
AclResult lookup(
const std::string& id, // actor id
@@ -96,7 +96,7 @@
const ObjectType& objType,
const std::string& name, // object name
std::map<Property, std::string>* params=0);
-
+
AclResult lookup(
const std::string& id, // actor id
const Action& action,
diff --git a/cpp/src/qpid/acl/AclReader.h b/cpp/src/qpid/acl/AclReader.h
index beeedf9..730013f 100644
--- a/cpp/src/qpid/acl/AclReader.h
+++ b/cpp/src/qpid/acl/AclReader.h
@@ -54,7 +54,7 @@
class aclRule {
public:
enum objectStatus {NONE, VALUE, ALL};
-
+
AclResult res;
nameSet names;
bool actionAll; // True if action is set to keyword "all"
diff --git a/cpp/src/qpid/acl/AclValidator.cpp b/cpp/src/qpid/acl/AclValidator.cpp
index d9ce373..49bb65d 100644
--- a/cpp/src/qpid/acl/AclValidator.cpp
+++ b/cpp/src/qpid/acl/AclValidator.cpp
@@ -29,7 +29,7 @@
namespace qpid {
namespace acl {
- AclValidator::IntPropertyType::IntPropertyType(int64_t i,int64_t j) : min(i), max(j){
+ AclValidator::IntPropertyType::IntPropertyType(int64_t i,int64_t j) : min(i), max(j){
}
bool AclValidator::IntPropertyType::validate(const std::string& val) {
@@ -49,12 +49,12 @@
}
std::string AclValidator::IntPropertyType::allowedValues() {
- return "values should be between " +
+ return "values should be between " +
boost::lexical_cast<std::string>(min) + " and " +
boost::lexical_cast<std::string>(max);
}
- AclValidator::EnumPropertyType::EnumPropertyType(std::vector<std::string>& allowed): values(allowed){
+ AclValidator::EnumPropertyType::EnumPropertyType(std::vector<std::string>& allowed): values(allowed){
}
bool AclValidator::EnumPropertyType::validate(const std::string& val) {
@@ -89,11 +89,11 @@
validators.insert(Validator(acl::SPECPROP_MAXQUEUECOUNTLOWERLIMIT,
boost::shared_ptr<PropertyType>(
new IntPropertyType(0,std::numeric_limits<int64_t>::max()))));
-
+
validators.insert(Validator(acl::SPECPROP_MAXQUEUECOUNTUPPERLIMIT,
boost::shared_ptr<PropertyType>(
new IntPropertyType(0,std::numeric_limits<int64_t>::max()))));
-
+
std::string policyTypes[] = {"ring", "ring_strict", "flow_to_disk", "reject"};
std::vector<std::string> v(policyTypes, policyTypes + sizeof(policyTypes) / sizeof(std::string));
validators.insert(Validator(acl::SPECPROP_POLICYTYPE,
@@ -118,8 +118,8 @@
std::for_each(d->actionList[cnt][cnt1]->begin(),
d->actionList[cnt][cnt1]->end(),
- boost::bind(&AclValidator::validateRuleSet, this, _1));
- }//if
+ boost::bind(&AclValidator::validateRuleSet, this, _1));
+ }//if
}//for
}//if
}//for
@@ -128,13 +128,13 @@
void AclValidator::validateRuleSet(std::pair<const std::string, qpid::acl::AclData::ruleSet>& rules){
std::for_each(rules.second.begin(),
rules.second.end(),
- boost::bind(&AclValidator::validateRule, this, _1));
+ boost::bind(&AclValidator::validateRule, this, _1));
}
void AclValidator::validateRule(qpid::acl::AclData::rule& rule){
std::for_each(rule.props.begin(),
rule.props.end(),
- boost::bind(&AclValidator::validateProperty, this, _1));
+ boost::bind(&AclValidator::validateProperty, this, _1));
}
void AclValidator::validateProperty(std::pair<const qpid::acl::SpecProperty, std::string>& prop){
@@ -146,11 +146,11 @@
if (!itr->second->validate(prop.second)){
QPID_LOG(debug, "ACL: Property failed validation. '" << prop.second << "' is not a valid value for '"
<< AclHelper::getPropertyStr(prop.first) << "'");
-
- throw Exception( prop.second + " is not a valid value for '" +
+
+ throw Exception( prop.second + " is not a valid value for '" +
AclHelper::getPropertyStr(prop.first) + "', " +
itr->second->allowedValues());
- }
+ }
}
}
diff --git a/cpp/src/qpid/acl/AclValidator.h b/cpp/src/qpid/acl/AclValidator.h
index 414f618..f85c241 100644
--- a/cpp/src/qpid/acl/AclValidator.h
+++ b/cpp/src/qpid/acl/AclValidator.h
@@ -33,18 +33,18 @@
class AclValidator {
/* Base Property */
- class PropertyType{
-
+ class PropertyType{
+
public:
virtual ~PropertyType(){};
virtual bool validate(const std::string& val)=0;
virtual std::string allowedValues()=0;
};
- class IntPropertyType : public PropertyType{
+ class IntPropertyType : public PropertyType{
int64_t min;
int64_t max;
-
+
public:
IntPropertyType(int64_t min,int64_t max);
virtual ~IntPropertyType (){};
@@ -53,7 +53,7 @@
};
class EnumPropertyType : public PropertyType{
- std::vector<std::string> values;
+ std::vector<std::string> values;
public:
EnumPropertyType(std::vector<std::string>& allowed);
@@ -61,11 +61,11 @@
virtual bool validate(const std::string& val);
virtual std::string allowedValues();
};
-
+
typedef std::pair<acl::SpecProperty,boost::shared_ptr<PropertyType> > Validator;
typedef std::map<acl::SpecProperty,boost::shared_ptr<PropertyType> > ValidatorMap;
typedef ValidatorMap::iterator ValidatorItr;
-
+
ValidatorMap validators;
public:
@@ -73,11 +73,11 @@
void validateRuleSet(std::pair<const std::string, qpid::acl::AclData::ruleSet>& rules);
void validateRule(qpid::acl::AclData::rule& rule);
void validateProperty(std::pair<const qpid::acl::SpecProperty, std::string>& prop);
- void validate(boost::shared_ptr<AclData> d);
+ void validate(boost::shared_ptr<AclData> d);
AclValidator();
~AclValidator();
};
-
+
}} // namespace qpid::acl
#endif // QPID_ACL_ACLVALIDATOR_H
diff --git a/cpp/src/qpid/broker/AclModule.h b/cpp/src/qpid/broker/AclModule.h
index a168fe6..be143a2 100644
--- a/cpp/src/qpid/broker/AclModule.h
+++ b/cpp/src/qpid/broker/AclModule.h
@@ -102,7 +102,7 @@
SPECPROP_MAXQUEUESIZEUPPERLIMIT,
SPECPROP_MAXQUEUECOUNTLOWERLIMIT,
SPECPROP_MAXQUEUECOUNTUPPERLIMIT };
-
+
// AclResult shared between ACL spec and ACL authorise interface
enum AclResult {
ALLOW,
@@ -130,7 +130,7 @@
const acl::ObjectType& objType,
const std::string& name,
std::map<acl::Property, std::string>* params=0)=0;
-
+
virtual bool authorise(
const std::string& id,
const acl::Action& action,
@@ -312,7 +312,7 @@
typedef propMap::const_iterator propMapItr;
typedef std::map<SpecProperty, std::string> specPropMap;
typedef specPropMap::const_iterator specPropMapItr;
-
+
// This map contains the legal combinations of object/action/properties
// found in an ACL file
static void loadValidationMap(objectMapPtr& map) {
@@ -407,10 +407,10 @@
ss << " }";
return ss.str();
}
-
+
};
-
+
}} // namespace qpid::acl
#endif // QPID_ACLMODULE_ACL_H
diff --git a/cpp/src/tests/acl.py b/cpp/src/tests/acl.py
index 5cc3b9c..4f9a558 100755
--- a/cpp/src/tests/acl.py
+++ b/cpp/src/tests/acl.py
@@ -7,9 +7,9 @@
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
-#
+#
# http://www.apache.org/licenses/LICENSE-2.0
-#
+#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
@@ -31,13 +31,13 @@
class ACLFile:
def __init__(self, policy='data_dir/policy.acl'):
self.f = open(policy,'w')
-
+
def write(self,line):
self.f.write(line)
-
+
def close(self):
self.f.close()
-
+
class ACLTests(TestBase010):
def get_session(self, user, passwd):
@@ -75,8 +75,8 @@
#=====================================
# ACL general tests
- #=====================================
-
+ #=====================================
+
def test_deny_mode(self):
"""
Test the deny all mode
@@ -85,12 +85,12 @@
aclf.write('acl allow anonymous all all\n')
aclf.write('acl allow bob@QPID create queue\n')
aclf.write('acl deny all all')
- aclf.close()
-
+ aclf.close()
+
result = self.reload_acl()
if (result):
- self.fail(result)
-
+ self.fail(result)
+
session = self.get_session('bob','bob')
try:
session.queue_declare(queue="deny_queue")
@@ -98,13 +98,13 @@
if (403 == e.args[0].error_code):
self.fail("ACL should allow queue create request");
self.fail("Error during queue create request");
-
+
try:
session.exchange_bind(exchange="amq.direct", queue="deny_queue", binding_key="routing_key")
self.fail("ACL should deny queue bind request");
except qpid.session.SessionException, e:
- self.assertEqual(403,e.args[0].error_code)
-
+ self.assertEqual(403,e.args[0].error_code)
+
def test_allow_mode(self):
"""
Test the allow all mode
@@ -112,12 +112,12 @@
aclf = self.get_acl_file()
aclf.write('acl deny bob@QPID bind exchange\n')
aclf.write('acl allow all all')
- aclf.close()
-
+ aclf.close()
+
result = self.reload_acl()
if (result):
- self.fail(result)
-
+ self.fail(result)
+
session = self.get_session('bob','bob')
try:
session.queue_declare(queue="allow_queue")
@@ -125,12 +125,12 @@
if (403 == e.args[0].error_code):
self.fail("ACL should allow queue create request");
self.fail("Error during queue create request");
-
+
try:
session.exchange_bind(exchange="amq.direct", queue="allow_queue", binding_key="routing_key")
self.fail("ACL should deny queue bind request");
except qpid.session.SessionException, e:
- self.assertEqual(403,e.args[0].error_code)
+ self.assertEqual(403,e.args[0].error_code)
def test_allow_mode_with_specfic_allow_override(self):
@@ -140,13 +140,13 @@
aclf = self.get_acl_file()
aclf.write('group admins bob@QPID joe@QPID \n')
aclf.write('acl allow bob@QPID create queue \n')
- aclf.write('acl deny admins create queue \n')
+ aclf.write('acl deny admins create queue \n')
aclf.write('acl allow all all')
- aclf.close()
+ aclf.close()
result = self.reload_acl()
if (result.text.find("format error",0,len(result.text)) != -1):
- self.fail(result)
+ self.fail(result)
session = self.get_session('bob','bob')
@@ -155,12 +155,12 @@
except qpid.session.SessionException, e:
if (403 == e.args[0].error_code):
self.fail("ACL should allow create queue request");
-
-
+
+
#=====================================
# ACL file format tests
- #=====================================
-
+ #=====================================
+
def test_empty_groups(self):
"""
Test empty groups
@@ -169,11 +169,11 @@
aclf.write('acl group\n')
aclf.write('acl group admins bob@QPID joe@QPID\n')
aclf.write('acl allow all all')
- aclf.close()
-
- result = self.reload_acl()
+ aclf.close()
+
+ result = self.reload_acl()
if (result.find("Insufficient tokens for acl definition",0,len(result)) == -1):
- self.fail("ACL Reader should reject the acl file due to empty group name")
+ self.fail("ACL Reader should reject the acl file due to empty group name")
def test_illegal_acl_formats(self):
"""
@@ -183,24 +183,24 @@
aclf.write('acl group admins bob@QPID joe@QPID\n')
aclf.write('acl allow all all')
aclf.close()
-
- result = self.reload_acl()
+
+ result = self.reload_acl()
if (result.find("Unknown ACL permission",0,len(result)) == -1):
- self.fail(result)
-
+ self.fail(result)
+
def test_illegal_extension_lines(self):
"""
Test illegal extension lines
"""
-
+
aclf = self.get_acl_file()
aclf.write('group admins bob@QPID \n')
aclf.write(' \ \n')
aclf.write('joe@QPID \n')
aclf.write('acl allow all all')
- aclf.close()
-
- result = self.reload_acl()
+ aclf.close()
+
+ result = self.reload_acl()
if (result.find("contains an illegal extension",0,len(result)) == -1):
self.fail(result)
@@ -218,7 +218,7 @@
aclf.write('host/123.example.com@TEST.COM\n') # should be allowed
aclf.write('acl allow all all')
aclf.close()
-
+
result = self.reload_acl()
if (result):
self.fail(result)
@@ -233,7 +233,7 @@
aclf.write('acl deny admin bind exchange\n')
aclf.write('acl allow all all')
aclf.close()
-
+
result = self.reload_acl()
if (result.find("Username 'bob' must contain a realm",0,len(result)) == -1):
self.fail(result)
@@ -249,7 +249,7 @@
aclf.write('group test4 host/somemachine.example.com@EXAMPLE.COM\n') # should be allowed
aclf.write('acl allow all all')
aclf.close()
-
+
result = self.reload_acl()
if (result):
self.fail(result)
@@ -257,7 +257,7 @@
aclf = self.get_acl_file()
aclf.write('group test1 joe$H@EXAMPLE.com\n') # shouldn't be allowed
aclf.write('acl allow all all')
- aclf.close()
+ aclf.close()
result = self.reload_acl()
if (result.find("Username \"joe$H@EXAMPLE.com\" contains illegal characters",0,len(result)) == -1):
@@ -271,17 +271,17 @@
"""
Test illegal queue policy
"""
-
+
aclf = self.get_acl_file()
aclf.write('acl deny bob@QPID create queue name=q2 exclusive=true policytype=ding\n')
aclf.write('acl allow all all')
- aclf.close()
-
- result = self.reload_acl()
+ aclf.close()
+
+ result = self.reload_acl()
expected = "ding is not a valid value for 'policytype', possible values are one of" \
- " { 'ring' 'ring_strict' 'flow_to_disk' 'reject' }";
+ " { 'ring' 'ring_strict' 'flow_to_disk' 'reject' }";
if (result.find(expected) == -1):
- self.fail(result)
+ self.fail(result)
def test_illegal_queuemaxsize_upper_limit_spec(self):
"""
@@ -293,24 +293,24 @@
aclf = self.get_acl_file()
aclf.write('acl deny bob@QPID create queue name=q2 maxqueuesize=-1\n')
aclf.write('acl allow all all')
- aclf.close()
-
- result = self.reload_acl()
+ aclf.close()
+
+ result = self.reload_acl()
expected = "-1 is not a valid value for 'queuemaxsizeupperlimit', " \
- "values should be between 0 and 9223372036854775807";
+ "values should be between 0 and 9223372036854775807";
if (result.find(expected) == -1):
- self.fail(result)
+ self.fail(result)
aclf = self.get_acl_file()
aclf.write('acl deny bob@QPID create queue name=q2 maxqueuesize=9223372036854775808\n')
- aclf.write('acl allow all all')
- aclf.close()
-
- result = self.reload_acl()
+ aclf.write('acl allow all all')
+ aclf.close()
+
+ result = self.reload_acl()
expected = "9223372036854775808 is not a valid value for 'queuemaxsizeupperlimit', " \
"values should be between 0 and 9223372036854775807";
if (result.find(expected) == -1):
- self.fail(result)
+ self.fail(result)
#
# Use queuemaxsizeupperlimit
@@ -318,24 +318,24 @@
aclf = self.get_acl_file()
aclf.write('acl deny bob@QPID create queue name=q2 queuemaxsizeupperlimit=-1\n')
aclf.write('acl allow all all')
- aclf.close()
-
- result = self.reload_acl()
+ aclf.close()
+
+ result = self.reload_acl()
expected = "-1 is not a valid value for 'queuemaxsizeupperlimit', " \
- "values should be between 0 and 9223372036854775807";
- if (result.text != expected):
- self.fail(result)
+ "values should be between 0 and 9223372036854775807";
+ if (result.text != expected):
+ self.fail(result)
aclf = self.get_acl_file()
aclf.write('acl deny bob@QPID create queue name=q2 queuemaxsizeupperlimit=9223372036854775808\n')
- aclf.write('acl allow all all')
- aclf.close()
-
- result = self.reload_acl()
+ aclf.write('acl allow all all')
+ aclf.close()
+
+ result = self.reload_acl()
expected = "9223372036854775808 is not a valid value for 'queuemaxsizeupperlimit', " \
"values should be between 0 and 9223372036854775807";
- if (result.text != expected):
- self.fail(result)
+ if (result.text != expected):
+ self.fail(result)
@@ -350,24 +350,24 @@
aclf = self.get_acl_file()
aclf.write('acl deny bob@QPID create queue name=q2 maxqueuecount=-1\n')
aclf.write('acl allow all all')
- aclf.close()
-
- result = self.reload_acl()
+ aclf.close()
+
+ result = self.reload_acl()
expected = "-1 is not a valid value for 'queuemaxcountupperlimit', " \
- "values should be between 0 and 9223372036854775807";
+ "values should be between 0 and 9223372036854775807";
if (result.find(expected) == -1):
- self.fail(result)
+ self.fail(result)
aclf = self.get_acl_file()
aclf.write('acl deny bob@QPID create queue name=q2 maxqueuecount=9223372036854775808\n')
- aclf.write('acl allow all all')
- aclf.close()
-
- result = self.reload_acl()
+ aclf.write('acl allow all all')
+ aclf.close()
+
+ result = self.reload_acl()
expected = "9223372036854775808 is not a valid value for 'queuemaxcountupperlimit', " \
"values should be between 0 and 9223372036854775807";
if (result.find(expected) == -1):
- self.fail(result)
+ self.fail(result)
#
# use maxqueuecountupperlimit
@@ -375,24 +375,24 @@
aclf = self.get_acl_file()
aclf.write('acl deny bob@QPID create queue name=q2 queuemaxcountupperlimit=-1\n')
aclf.write('acl allow all all')
- aclf.close()
-
- result = self.reload_acl()
+ aclf.close()
+
+ result = self.reload_acl()
expected = "-1 is not a valid value for 'queuemaxcountupperlimit', " \
- "values should be between 0 and 9223372036854775807";
- if (result.text != expected):
- self.fail(result)
+ "values should be between 0 and 9223372036854775807";
+ if (result.text != expected):
+ self.fail(result)
aclf = self.get_acl_file()
aclf.write('acl deny bob@QPID create queue name=q2 queuemaxcountupperlimit=9223372036854775808\n')
- aclf.write('acl allow all all')
- aclf.close()
-
- result = self.reload_acl()
+ aclf.write('acl allow all all')
+ aclf.close()
+
+ result = self.reload_acl()
expected = "9223372036854775808 is not a valid value for 'queuemaxcountupperlimit', " \
"values should be between 0 and 9223372036854775807";
- if (result.text != expected):
- self.fail(result)
+ if (result.text != expected):
+ self.fail(result)
def test_illegal_queuemaxsize_lower_limit_spec(self):
@@ -402,24 +402,24 @@
aclf = self.get_acl_file()
aclf.write('acl deny bob@QPID create queue name=q2 queuemaxsizelowerlimit=-1\n')
aclf.write('acl allow all all')
- aclf.close()
-
- result = self.reload_acl()
+ aclf.close()
+
+ result = self.reload_acl()
expected = "-1 is not a valid value for 'queuemaxsizelowerlimit', " \
- "values should be between 0 and 9223372036854775807";
- if (result.text != expected):
- self.fail(result)
+ "values should be between 0 and 9223372036854775807";
+ if (result.text != expected):
+ self.fail(result)
aclf = self.get_acl_file()
aclf.write('acl deny bob@QPID create queue name=q2 queuemaxsizelowerlimit=9223372036854775808\n')
- aclf.write('acl allow all all')
- aclf.close()
-
- result = self.reload_acl()
+ aclf.write('acl allow all all')
+ aclf.close()
+
+ result = self.reload_acl()
expected = "9223372036854775808 is not a valid value for 'queuemaxsizelowerlimit', " \
"values should be between 0 and 9223372036854775807";
- if (result.text != expected):
- self.fail(result)
+ if (result.text != expected):
+ self.fail(result)
@@ -431,30 +431,30 @@
aclf = self.get_acl_file()
aclf.write('acl deny bob@QPID create queue name=q2 queuemaxcountlowerlimit=-1\n')
aclf.write('acl allow all all')
- aclf.close()
-
- result = self.reload_acl()
+ aclf.close()
+
+ result = self.reload_acl()
expected = "-1 is not a valid value for 'queuemaxcountlowerlimit', " \
- "values should be between 0 and 9223372036854775807";
- if (result.text != expected):
- self.fail(result)
+ "values should be between 0 and 9223372036854775807";
+ if (result.text != expected):
+ self.fail(result)
aclf = self.get_acl_file()
aclf.write('acl deny bob@QPID create queue name=q2 queuemaxcountlowerlimit=9223372036854775808\n')
- aclf.write('acl allow all all')
- aclf.close()
-
- result = self.reload_acl()
+ aclf.write('acl allow all all')
+ aclf.close()
+
+ result = self.reload_acl()
expected = "9223372036854775808 is not a valid value for 'queuemaxcountlowerlimit', " \
"values should be between 0 and 9223372036854775807";
- if (result.text != expected):
- self.fail(result)
+ if (result.text != expected):
+ self.fail(result)
#=====================================
# ACL queue tests
#=====================================
-
+
def test_queue_allow_mode(self):
"""
Test cases for queue acl in allow mode
@@ -464,37 +464,37 @@
aclf.write('acl deny bob@QPID create queue name=q2 exclusive=true policytype=ring\n')
aclf.write('acl deny bob@QPID access queue name=q3\n')
aclf.write('acl deny bob@QPID purge queue name=q3\n')
- aclf.write('acl deny bob@QPID delete queue name=q4\n')
- aclf.write('acl deny bob@QPID create queue name=q5 maxqueuesize=1000 maxqueuecount=100\n')
+ aclf.write('acl deny bob@QPID delete queue name=q4\n')
+ aclf.write('acl deny bob@QPID create queue name=q5 maxqueuesize=1000 maxqueuecount=100\n')
aclf.write('acl allow all all')
- aclf.close()
-
+ aclf.close()
+
result = self.reload_acl()
if (result):
- self.fail(result)
-
+ self.fail(result)
+
session = self.get_session('bob','bob')
-
+
try:
session.queue_declare(queue="q1", durable=True, passive=True)
self.fail("ACL should deny queue create request with name=q1 durable=true passive=true");
except qpid.session.SessionException, e:
self.assertEqual(403,e.args[0].error_code)
session = self.get_session('bob','bob')
-
+
try:
queue_options = {}
- queue_options["qpid.policy_type"] = "ring"
+ queue_options["qpid.policy_type"] = "ring"
session.queue_declare(queue="q2", exclusive=True, arguments=queue_options)
self.fail("ACL should deny queue create request with name=q2 exclusive=true qpid.policy_type=ring");
except qpid.session.SessionException, e:
- self.assertEqual(403,e.args[0].error_code)
+ self.assertEqual(403,e.args[0].error_code)
session = self.get_session('bob','bob')
-
+
try:
queue_options = {}
- queue_options["qpid.policy_type"] = "ring_strict"
- session.queue_declare(queue="q2", exclusive=True, arguments=queue_options)
+ queue_options["qpid.policy_type"] = "ring_strict"
+ session.queue_declare(queue="q2", exclusive=True, arguments=queue_options)
except qpid.session.SessionException, e:
if (403 == e.args[0].error_code):
self.fail("ACL should allow queue create request with name=q2 exclusive=true qpid.policy_type=ring_strict");
@@ -502,17 +502,17 @@
try:
queue_options = {}
queue_options["qpid.max_count"] = 200
- queue_options["qpid.max_size"] = 500
+ queue_options["qpid.max_size"] = 500
session.queue_declare(queue="q5", exclusive=True, arguments=queue_options)
self.fail("ACL should deny queue create request with name=q2, qpid.max_size=500 and qpid.max_count=200");
except qpid.session.SessionException, e:
- self.assertEqual(403,e.args[0].error_code)
+ self.assertEqual(403,e.args[0].error_code)
session = self.get_session('bob','bob')
try:
queue_options = {}
queue_options["qpid.max_count"] = 200
- queue_options["qpid.max_size"] = 100
+ queue_options["qpid.max_size"] = 100
session.queue_declare(queue="q2", exclusive=True, arguments=queue_options)
except qpid.session.SessionException, e:
if (403 == e.args[0].error_code):
@@ -530,33 +530,33 @@
except qpid.session.SessionException, e:
self.assertEqual(403,e.args[0].error_code)
session = self.get_session('bob','bob')
-
+
try:
session.queue_purge(queue="q3")
self.fail("ACL should deny queue purge request for q3");
except qpid.session.SessionException, e:
self.assertEqual(403,e.args[0].error_code)
session = self.get_session('bob','bob')
-
+
try:
session.queue_purge(queue="q4")
except qpid.session.SessionException, e:
if (403 == e.args[0].error_code):
self.fail("ACL should allow queue purge request for q4");
-
+
try:
session.queue_delete(queue="q4")
self.fail("ACL should deny queue delete request for q4");
except qpid.session.SessionException, e:
self.assertEqual(403,e.args[0].error_code)
session = self.get_session('bob','bob')
-
+
try:
session.queue_delete(queue="q3")
except qpid.session.SessionException, e:
if (403 == e.args[0].error_code):
self.fail("ACL should allow queue delete request for q3");
-
+
def test_queue_deny_mode(self):
"""
@@ -568,26 +568,26 @@
aclf.write('acl allow bob@QPID access queue name=q3\n')
aclf.write('acl allow bob@QPID purge queue name=q3\n')
aclf.write('acl allow bob@QPID create queue name=q3\n')
- aclf.write('acl allow bob@QPID create queue name=q4\n')
+ aclf.write('acl allow bob@QPID create queue name=q4\n')
aclf.write('acl allow bob@QPID delete queue name=q4\n')
aclf.write('acl allow bob@QPID create queue name=q5 maxqueuesize=1000 maxqueuecount=100\n')
aclf.write('acl allow bob@QPID create queue name=q6 queuemaxsizelowerlimit=50 queuemaxsizeupperlimit=100 queuemaxcountlowerlimit=50 queuemaxcountupperlimit=100\n')
aclf.write('acl allow anonymous all all\n')
aclf.write('acl deny all all')
- aclf.close()
-
+ aclf.close()
+
result = self.reload_acl()
if (result):
- self.fail(result)
-
+ self.fail(result)
+
session = self.get_session('bob','bob')
-
+
try:
session.queue_declare(queue="q1", durable=True, passive=True)
except qpid.session.SessionException, e:
if (403 == e.args[0].error_code):
self.fail("ACL should allow queue create request with name=q1 durable=true passive=true");
-
+
try:
session.queue_declare(queue="q1", durable=False, passive=False)
self.fail("ACL should deny queue create request with name=q1 durable=true passive=false");
@@ -599,24 +599,24 @@
session.queue_declare(queue="q2", exclusive=False)
self.fail("ACL should deny queue create request with name=q2 exclusive=false");
except qpid.session.SessionException, e:
- self.assertEqual(403,e.args[0].error_code)
+ self.assertEqual(403,e.args[0].error_code)
session = self.get_session('bob','bob')
-
+
try:
queue_options = {}
queue_options["qpid.max_count"] = 200
- queue_options["qpid.max_size"] = 500
+ queue_options["qpid.max_size"] = 500
session.queue_declare(queue="q5", arguments=queue_options)
self.fail("ACL should deny queue create request with name=q5 maxqueuesize=500 maxqueuecount=200");
except qpid.session.SessionException, e:
- self.assertEqual(403,e.args[0].error_code)
+ self.assertEqual(403,e.args[0].error_code)
session = self.get_session('bob','bob')
try:
queue_options = {}
queue_options["qpid.max_count"] = 100
- queue_options["qpid.max_size"] = 500
- session.queue_declare(queue="q5", arguments=queue_options)
+ queue_options["qpid.max_size"] = 500
+ session.queue_declare(queue="q5", arguments=queue_options)
except qpid.session.SessionException, e:
if (403 == e.args[0].error_code):
self.fail("ACL should allow queue create request with name=q5 maxqueuesize=500 maxqueuecount=200");
@@ -624,48 +624,48 @@
try:
queue_options = {}
queue_options["qpid.max_count"] = 49
- queue_options["qpid.max_size"] = 100
+ queue_options["qpid.max_size"] = 100
session.queue_declare(queue="q6", arguments=queue_options)
self.fail("ACL should deny queue create request with name=q6 maxqueuesize=100 maxqueuecount=49");
except qpid.session.SessionException, e:
- self.assertEqual(403,e.args[0].error_code)
+ self.assertEqual(403,e.args[0].error_code)
session = self.get_session('bob','bob')
try:
queue_options = {}
queue_options["qpid.max_count"] = 101
queue_options["qpid.max_size"] = 100
- session.queue_declare(queue="q6", arguments=queue_options)
+ session.queue_declare(queue="q6", arguments=queue_options)
self.fail("ACL should allow queue create request with name=q6 maxqueuesize=100 maxqueuecount=101");
except qpid.session.SessionException, e:
- self.assertEqual(403,e.args[0].error_code)
+ self.assertEqual(403,e.args[0].error_code)
session = self.get_session('bob','bob')
try:
queue_options = {}
queue_options["qpid.max_count"] = 100
- queue_options["qpid.max_size"] = 49
+ queue_options["qpid.max_size"] = 49
session.queue_declare(queue="q6", arguments=queue_options)
self.fail("ACL should deny queue create request with name=q6 maxqueuesize=49 maxqueuecount=100");
except qpid.session.SessionException, e:
- self.assertEqual(403,e.args[0].error_code)
+ self.assertEqual(403,e.args[0].error_code)
session = self.get_session('bob','bob')
try:
queue_options = {}
queue_options["qpid.max_count"] = 100
- queue_options["qpid.max_size"] =101
+ queue_options["qpid.max_size"] =101
session.queue_declare(queue="q6", arguments=queue_options)
self.fail("ACL should deny queue create request with name=q6 maxqueuesize=101 maxqueuecount=100");
except qpid.session.SessionException, e:
- self.assertEqual(403,e.args[0].error_code)
+ self.assertEqual(403,e.args[0].error_code)
session = self.get_session('bob','bob')
try:
queue_options = {}
queue_options["qpid.max_count"] = 50
- queue_options["qpid.max_size"] = 50
- session.queue_declare(queue="q6", arguments=queue_options)
+ queue_options["qpid.max_size"] = 50
+ session.queue_declare(queue="q6", arguments=queue_options)
except qpid.session.SessionException, e:
if (403 == e.args[0].error_code):
self.fail("ACL should allow queue create request with name=q6 maxqueuesize=50 maxqueuecount=50");
@@ -673,7 +673,7 @@
try:
queue_options = {}
queue_options["qpid.policy_type"] = "ring"
- session.queue_declare(queue="q2", exclusive=True, arguments=queue_options)
+ session.queue_declare(queue="q2", exclusive=True, arguments=queue_options)
except qpid.session.SessionException, e:
if (403 == e.args[0].error_code):
self.fail("ACL should allow queue create request for q2 with exclusive=true policytype=ring");
@@ -691,14 +691,14 @@
except qpid.session.SessionException, e:
self.assertEqual(403,e.args[0].error_code)
session = self.get_session('bob','bob')
-
+
try:
session.queue_purge(queue="q4")
self.fail("ACL should deny queue purge request for q4");
except qpid.session.SessionException, e:
self.assertEqual(403,e.args[0].error_code)
session = self.get_session('bob','bob')
-
+
try:
session.queue_purge(queue="q3")
except qpid.session.SessionException, e:
@@ -710,14 +710,14 @@
except qpid.session.SessionException, e:
if (403 == e.args[0].error_code):
self.fail("ACL should allow queue query request for q3");
-
+
try:
session.queue_delete(queue="q3")
self.fail("ACL should deny queue delete request for q3");
except qpid.session.SessionException, e:
self.assertEqual(403,e.args[0].error_code)
session = self.get_session('bob','bob')
-
+
try:
session.queue_delete(queue="q4")
except qpid.session.SessionException, e:
@@ -727,9 +727,9 @@
#=====================================
# ACL exchange tests
#=====================================
-
+
def test_exchange_acl_allow_mode(self):
- session = self.get_session('bob','bob')
+ session = self.get_session('bob','bob')
session.queue_declare(queue="baz")
"""
@@ -743,12 +743,12 @@
aclf.write('acl deny bob@QPID unbind exchange name=myEx queuename=q1 routingkey=rk1\n')
aclf.write('acl deny bob@QPID delete exchange name=myEx\n')
aclf.write('acl allow all all')
- aclf.close()
-
+ aclf.close()
+
result = self.reload_acl()
if (result):
- self.fail(result)
-
+ self.fail(result)
+
session = self.get_session('bob','bob')
session.queue_declare(queue='q1')
session.queue_declare(queue='q2')
@@ -760,21 +760,21 @@
except qpid.session.SessionException, e:
self.assertEqual(403,e.args[0].error_code)
session = self.get_session('bob','bob')
-
+
try:
session.exchange_declare(exchange='testEx', type='direct', durable=True, passive=False)
except qpid.session.SessionException, e:
print e
if (403 == e.args[0].error_code):
self.fail("ACL should allow exchange create request for testEx with any parameter other than durable=true and passive=true");
-
+
try:
session.exchange_declare(exchange='ex1', type='direct')
self.fail("ACL should deny exchange create request with name=ex1 type=direct");
- except qpid.session.SessionException, e:
- self.assertEqual(403,e.args[0].error_code)
+ except qpid.session.SessionException, e:
+ self.assertEqual(403,e.args[0].error_code)
session = self.get_session('bob','bob')
-
+
try:
session.exchange_declare(exchange='myXml', type='direct')
except qpid.session.SessionException, e:
@@ -796,13 +796,13 @@
session = self.get_session('bob','bob')
try:
- session.exchange_query(name='amq.topic')
+ session.exchange_query(name='amq.topic')
except qpid.session.SessionException, e:
if (403 == e.args[0].error_code):
self.fail("ACL should allow exchange query request for exchange='amq.topic'");
-
+
try:
- session.exchange_bound(exchange='myEx', queue='q1', binding_key='rk2.*')
+ session.exchange_bound(exchange='myEx', queue='q1', binding_key='rk2.*')
except qpid.session.SessionException, e:
if (403 == e.args[0].error_code):
self.fail("ACL should allow exchange bound request for myEx with queuename=q1 and binding_key='rk2.*'");
@@ -811,12 +811,12 @@
session.exchange_bind(exchange='myEx', queue='q1', binding_key='rk1')
self.fail("ACL should deny exchange bind request with exchange='myEx' queuename='q1' bindingkey='rk1'");
except qpid.session.SessionException, e:
- self.assertEqual(403,e.args[0].error_code)
+ self.assertEqual(403,e.args[0].error_code)
session = self.get_session('bob','bob')
try:
session.exchange_bind(exchange='myEx', queue='q1', binding_key='x')
- except qpid.session.SessionException, e:
+ except qpid.session.SessionException, e:
if (403 == e.args[0].error_code):
self.fail("ACL should allow exchange bind request for exchange='myEx', queue='q1', binding_key='x'");
@@ -830,7 +830,7 @@
session.exchange_unbind(exchange='myEx', queue='q1', binding_key='rk1')
self.fail("ACL should deny exchange unbind request with exchange='myEx' queuename='q1' bindingkey='rk1'");
except qpid.session.SessionException, e:
- self.assertEqual(403,e.args[0].error_code)
+ self.assertEqual(403,e.args[0].error_code)
session = self.get_session('bob','bob')
try:
@@ -844,20 +844,20 @@
except qpid.session.SessionException, e:
if (403 == e.args[0].error_code):
self.fail("ACL should allow exchange unbind request for exchange='myEx', queue='q2', binding_key='rk1'");
-
+
try:
session.exchange_delete(exchange='myEx')
self.fail("ACL should deny exchange delete request for myEx");
except qpid.session.SessionException, e:
self.assertEqual(403,e.args[0].error_code)
session = self.get_session('bob','bob')
-
+
try:
session.exchange_delete(exchange='myXml')
except qpid.session.SessionException, e:
if (403 == e.args[0].error_code):
self.fail("ACL should allow exchange delete request for myXml");
-
+
def test_exchange_acl_deny_mode(self):
session = self.get_session('bob','bob')
@@ -868,18 +868,18 @@
"""
aclf = self.get_acl_file()
aclf.write('acl allow bob@QPID create exchange name=myEx durable=true passive=false\n')
- aclf.write('acl allow bob@QPID bind exchange name=amq.topic queuename=bar routingkey=foo.*\n')
+ aclf.write('acl allow bob@QPID bind exchange name=amq.topic queuename=bar routingkey=foo.*\n')
aclf.write('acl allow bob@QPID unbind exchange name=amq.topic queuename=bar routingkey=foo.*\n')
aclf.write('acl allow bob@QPID access exchange name=myEx queuename=q1 routingkey=rk1.*\n')
aclf.write('acl allow bob@QPID delete exchange name=myEx\n')
- aclf.write('acl allow anonymous all all\n')
+ aclf.write('acl allow anonymous all all\n')
aclf.write('acl deny all all')
- aclf.close()
-
+ aclf.close()
+
result = self.reload_acl()
if (result):
- self.fail(result)
-
+ self.fail(result)
+
session = self.get_session('bob','bob')
try:
@@ -887,14 +887,14 @@
except qpid.session.SessionException, e:
if (403 == e.args[0].error_code):
self.fail("ACL should allow exchange create request for myEx with durable=true and passive=false");
-
+
try:
session.exchange_declare(exchange='myEx', type='direct', durable=False)
self.fail("ACL should deny exchange create request with name=myEx durable=false");
except qpid.session.SessionException, e:
self.assertEqual(403,e.args[0].error_code)
session = self.get_session('bob','bob')
-
+
try:
session.exchange_bind(exchange='amq.topic', queue='bar', binding_key='foo.bar')
except qpid.session.SessionException, e:
@@ -949,13 +949,13 @@
session = self.get_session('bob','bob')
try:
- session.exchange_query(name='myEx')
+ session.exchange_query(name='myEx')
except qpid.session.SessionException, e:
if (403 == e.args[0].error_code):
self.fail("ACL should allow exchange query request for exchange='myEx'");
-
+
try:
- session.exchange_bound(exchange='myEx', queue='q1', binding_key='rk1.*')
+ session.exchange_bound(exchange='myEx', queue='q1', binding_key='rk1.*')
except qpid.session.SessionException, e:
if (403 == e.args[0].error_code):
self.fail("ACL should allow exchange bound request for myEx with queuename=q1 and binding_key='rk1.*'");
@@ -966,7 +966,7 @@
except qpid.session.SessionException, e:
self.assertEqual(403,e.args[0].error_code)
session = self.get_session('bob','bob')
-
+
try:
session.exchange_delete(exchange='myEx')
except qpid.session.SessionException, e:
@@ -1022,24 +1022,24 @@
#=====================================
# ACL consume tests
#=====================================
-
+
def test_consume_allow_mode(self):
"""
Test cases for consume in allow mode
"""
aclf = self.get_acl_file()
aclf.write('acl deny bob@QPID consume queue name=q1\n')
- aclf.write('acl deny bob@QPID consume queue name=q2\n')
+ aclf.write('acl deny bob@QPID consume queue name=q2\n')
aclf.write('acl allow all all')
- aclf.close()
-
+ aclf.close()
+
result = self.reload_acl()
if (result):
- self.fail(result)
-
+ self.fail(result)
+
session = self.get_session('bob','bob')
-
-
+
+
try:
session.queue_declare(queue='q1')
session.queue_declare(queue='q2')
@@ -1047,27 +1047,27 @@
except qpid.session.SessionException, e:
if (403 == e.args[0].error_code):
self.fail("ACL should allow create queue request");
-
+
try:
session.message_subscribe(queue='q1', destination='myq1')
self.fail("ACL should deny subscription for queue='q1'");
except qpid.session.SessionException, e:
self.assertEqual(403,e.args[0].error_code)
session = self.get_session('bob','bob')
-
+
try:
session.message_subscribe(queue='q2', destination='myq1')
self.fail("ACL should deny subscription for queue='q2'");
except qpid.session.SessionException, e:
self.assertEqual(403,e.args[0].error_code)
session = self.get_session('bob','bob')
-
+
try:
session.message_subscribe(queue='q3', destination='myq1')
except qpid.session.SessionException, e:
if (403 == e.args[0].error_code):
- self.fail("ACL should allow subscription for q3");
-
+ self.fail("ACL should allow subscription for q3");
+
def test_consume_deny_mode(self):
"""
@@ -1076,18 +1076,18 @@
aclf = self.get_acl_file()
aclf.write('acl allow bob@QPID consume queue name=q1\n')
aclf.write('acl allow bob@QPID consume queue name=q2\n')
- aclf.write('acl allow bob@QPID create queue\n')
- aclf.write('acl allow anonymous all\n')
+ aclf.write('acl allow bob@QPID create queue\n')
+ aclf.write('acl allow anonymous all\n')
aclf.write('acl deny all all')
- aclf.close()
-
+ aclf.close()
+
result = self.reload_acl()
if (result):
- self.fail(result)
-
+ self.fail(result)
+
session = self.get_session('bob','bob')
-
-
+
+
try:
session.queue_declare(queue='q1')
session.queue_declare(queue='q2')
@@ -1101,20 +1101,20 @@
session.message_subscribe(queue='q2', destination='myq2')
except qpid.session.SessionException, e:
if (403 == e.args[0].error_code):
- self.fail("ACL should allow subscription for q1 and q2");
-
+ self.fail("ACL should allow subscription for q1 and q2");
+
try:
session.message_subscribe(queue='q3', destination='myq3')
self.fail("ACL should deny subscription for queue='q3'");
except qpid.session.SessionException, e:
self.assertEqual(403,e.args[0].error_code)
session = self.get_session('bob','bob')
-
+
#=====================================
# ACL publish tests
#=====================================
-
+
def test_publish_acl_allow_mode(self):
"""
Test various publish acl
@@ -1122,40 +1122,40 @@
aclf = self.get_acl_file()
aclf.write('acl deny bob@QPID publish exchange name=amq.direct routingkey=rk1\n')
aclf.write('acl deny bob@QPID publish exchange name=amq.topic\n')
- aclf.write('acl deny bob@QPID publish exchange name=myEx routingkey=rk2\n')
+ aclf.write('acl deny bob@QPID publish exchange name=myEx routingkey=rk2\n')
aclf.write('acl allow all all')
- aclf.close()
-
+ aclf.close()
+
result = self.reload_acl()
if (result):
- self.fail(result)
-
+ self.fail(result)
+
session = self.get_session('bob','bob')
-
+
props = session.delivery_properties(routing_key="rk1")
-
- try:
+
+ try:
session.message_transfer(destination="amq.direct", message=Message(props,"Test"))
self.fail("ACL should deny message transfer to name=amq.direct routingkey=rk1");
except qpid.session.SessionException, e:
self.assertEqual(403,e.args[0].error_code)
- session = self.get_session('bob','bob')
-
+ session = self.get_session('bob','bob')
+
try:
session.message_transfer(destination="amq.topic", message=Message(props,"Test"))
self.fail("ACL should deny message transfer to name=amq.topic");
except qpid.session.SessionException, e:
self.assertEqual(403,e.args[0].error_code)
session = self.get_session('bob','bob')
-
+
try:
session.exchange_declare(exchange='myEx', type='direct', durable=False)
session.message_transfer(destination="myEx", message=Message(props,"Test"))
except qpid.session.SessionException, e:
if (403 == e.args[0].error_code):
- self.fail("ACL should allow message transfer to exchange myEx with routing key rk1");
-
-
+ self.fail("ACL should allow message transfer to exchange myEx with routing key rk1");
+
+
props = session.delivery_properties(routing_key="rk2")
try:
session.message_transfer(destination="amq.direct", message=Message(props,"Test"))
@@ -1172,39 +1172,39 @@
aclf.write('acl allow bob@QPID publish exchange name=amq.direct routingkey=rk1\n')
aclf.write('acl allow bob@QPID publish exchange name=amq.topic\n')
aclf.write('acl allow bob@QPID publish exchange name=myEx routingkey=rk2\n')
- aclf.write('acl allow bob@QPID create exchange\n')
- aclf.write('acl allow anonymous all all \n')
+ aclf.write('acl allow bob@QPID create exchange\n')
+ aclf.write('acl allow anonymous all all \n')
aclf.write('acl deny all all')
- aclf.close()
-
+ aclf.close()
+
result = self.reload_acl()
if (result):
- self.fail(result)
-
+ self.fail(result)
+
session = self.get_session('bob','bob')
-
+
props = session.delivery_properties(routing_key="rk2")
-
- try:
+
+ try:
session.message_transfer(destination="amq.direct", message=Message(props,"Test"))
self.fail("ACL should deny message transfer to name=amq.direct routingkey=rk2");
except qpid.session.SessionException, e:
self.assertEqual(403,e.args[0].error_code)
- session = self.get_session('bob','bob')
-
+ session = self.get_session('bob','bob')
+
try:
session.message_transfer(destination="amq.topic", message=Message(props,"Test"))
except qpid.session.SessionException, e:
if (403 == e.args[0].error_code):
- self.fail("ACL should allow message transfer to exchange amq.topic with any routing key");
-
+ self.fail("ACL should allow message transfer to exchange amq.topic with any routing key");
+
try:
session.exchange_declare(exchange='myEx', type='direct', durable=False)
session.message_transfer(destination="myEx", message=Message(props,"Test"))
except qpid.session.SessionException, e:
if (403 == e.args[0].error_code):
- self.fail("ACL should allow message transfer to exchange myEx with routing key=rk2");
-
+ self.fail("ACL should allow message transfer to exchange myEx with routing key=rk2");
+
props = session.delivery_properties(routing_key="rk1")
try:
@@ -1212,7 +1212,7 @@
self.fail("ACL should deny message transfer to name=myEx routingkey=rk1");
except qpid.session.SessionException, e:
self.assertEqual(403,e.args[0].error_code)
- session = self.get_session('bob','bob')
+ session = self.get_session('bob','bob')
try:
session.message_transfer(destination="amq.direct", message=Message(props,"Test"))
