#777

2017-03-29 15:28:24 +08:00 · 2017-03-29 15:28:24 +08:00 · 4f0bd74f87
parent ec28773893
commit 4f0bd74f87
3 changed files with 13 additions and 10 deletions
--- a/etc/emq.conf
+++ b/etc/emq.conf
@ -100,6 +100,9 @@ log.crash.file = {{ platform_log_dir }}/crash.log
 ## Allow Anonymous authentication
 mqtt.allow_anonymous = true

+## ACL nomatch
+mqtt.acl_nomatch = allow
+
 ## Default ACL File
 mqtt.acl_file = {{ platform_etc_dir }}/acl.conf

--- a/priv/emq.schema
+++ b/priv/emq.schema
@ -307,6 +307,12 @@ end}.
  {datatype, {enum, [true, false]}}
 ]}.

+%% @doc ACL nomatch
+{mapping, "mqtt.acl_nomatch", "emqttd.acl_nomatch", [
+  {default, allow},
+  {datatype, {enum, [allow, deny]}}
+]}.
+
 %% @doc Default ACL File
 {mapping, "mqtt.acl_file", "emqttd.acl_file", [
  {datatype, string},
--- a/src/emqttd_access_control.erl
+++ b/src/emqttd_access_control.erl
@ -71,16 +71,10 @@ auth(Client, Password, [{Mod, State, _Seq} | Mods]) ->
      PubSub :: pubsub(),
      Topic  :: binary()).
 check_acl(Client, PubSub, Topic) when ?PS(PubSub) ->
-    case lookup_mods(acl) of
-        []      -> case emqttd:env(allow_anonymous, false) of
-                       true  -> allow;
-                       false -> deny
-                   end;
-        AclMods -> check_acl(Client, PubSub, Topic, AclMods)
-    end.
-check_acl(#mqtt_client{client_id = ClientId}, PubSub, Topic, []) ->
-    lager:error("ACL: nomatch for ~s ~s ~s", [ClientId, PubSub, Topic]),
-    allow;
+    check_acl(Client, PubSub, Topic, lookup_mods(acl)).
+
+check_acl(_Client, _PubSub, _Topic, []) ->
+    emqttd:env(acl_nomatch, allow);
 check_acl(Client, PubSub, Topic, [{Mod, State, _Seq}|AclMods]) ->
    case Mod:check_acl({Client, PubSub, Topic}, State) of
        allow  -> allow;