acl

2015-03-25 22:46:47 +08:00 · 2015-03-25 22:46:47 +08:00 · 6aa724ef31
parent de87edac83
commit 6aa724ef31
1 changed files with 39 additions and 3 deletions
--- a/apps/emqttd/src/emqttd_access.erl
+++ b/apps/emqttd/src/emqttd_access.erl
@ -28,8 +28,44 @@

 -include("emqttd.hrl").

-export([match/2]).
+-export([match/3]).

-match({User, Topic}, Rules) ->
-    ok.
+-type who() :: all | 
+               {clientid, binary()} | 
+               {peername, string() | inet:ip_address()} |
+               {username, binary()}.

+-type rule() :: {allow, all} |
+                {allow, who(), binary()} |
+                {deny,  all} |
+                {deny,  who(), binary()}.
+
+-spec match(mqtt_user(), binary(), list(rule())) -> allow | deny | nomatch.
+match(_User, _Topic, []) ->
+    nomatch;
+match(_User, _Topic, [{AllowDeny, all}|_]) ->
+    AllowDeny;
+match(User, Topic, [{AllowDeny, all, TopicFilter}|Rules]) ->
+    case emqttd_topic:match(Topic, TopicFilter) of
+        true -> AllowDeny;
+        false -> match(User, Topic, Rules)
+    end;
+
+match(User = #mqtt_user{clientid = ClientId}, Topic, [{AllowDeny, ClientId, TopicFilter}|Rules]) when is_binary(ClientId) ->
+    case emqttd_topic:match(Topic, TopicFilter) of
+        true -> AllowDeny;
+        false -> match(User, Topic, Rules)
+    end;
+match(User = #mqtt_user{peername = IpAddr}, Topic, [{AllowDeny, {peername, CIDR}, TopicFilter}|Rules]) ->
+    case {match_cidr(IpAddr, CIDR), emqttd_topic:match(Topic, TopicFilter)} of
+        {true, true} -> AllowDeny;
+        _ -> match(User, Topic, Rules)
+    end;
+match(User = #mqtt_user{username = Username}, Topic, [{AllowDeny, {username, Username}, TopicFilter}|Rules]) ->
+    case emqttd_topic:match(Topic, TopicFilter) of
+        true -> AllowDeny;
+        false -> match(User, Topic, Rules)
+    end.
+
+match_cidr(IpAddr, CIDR) -> true.
+