From 6aa724ef31b47a8f2ad684ff8483faef0dac5f21 Mon Sep 17 00:00:00 2001
From: Ery Lee
Date: Wed, 25 Mar 2015 22:46:47 +0800
Subject: [PATCH] acl
---
 apps/emqttd/src/emqttd_access.erl | 42 ++++++++++++++++++++++++++++---
 1 file changed, 39 insertions(+), 3 deletions(-)
diff --git a/apps/emqttd/src/emqttd_access.erl b/apps/emqttd/src/emqttd_access.erl
index 7be0d044c..4fc301fd6 100644
--- a/apps/emqttd/src/emqttd_access.erl
+++ b/apps/emqttd/src/emqttd_access.erl
@@ -28,8 +28,44 @@
 -include("emqttd.hrl").
--export([match/2]).
+-export([match/3]).
-match({User, Topic}, Rules) ->
- ok.
+-type who() :: all |
+ {clientid, binary()} |
+ {peername, string() | inet:ip_address()} |
+ {username, binary()}.
+-type rule() :: {allow, all} |
+ {allow, who(), binary()} |
+ {deny, all} |
+ {deny, who(), binary()}.
+
+-spec match(mqtt_user(), binary(), list(rule())) -> allow | deny | nomatch.
+match(_User, _Topic, []) ->
+ nomatch;
+match(_User, _Topic, [{AllowDeny, all}|_]) ->
+ AllowDeny;
+match(User, Topic, [{AllowDeny, all, TopicFilter}|Rules]) ->
+ case emqttd_topic:match(Topic, TopicFilter) of
+ true -> AllowDeny;
+ false -> match(User, Topic, Rules)
+ end;
+
+match(User = #mqtt_user{clientid = ClientId}, Topic, [{AllowDeny, ClientId, TopicFilter}|Rules]) when is_binary(ClientId) ->
+ case emqttd_topic:match(Topic, TopicFilter) of
+ true -> AllowDeny;
+ false -> match(User, Topic, Rules)
+ end;
+match(User = #mqtt_user{peername = IpAddr}, Topic, [{AllowDeny, {peername, CIDR}, TopicFilter}|Rules]) ->
+ case {match_cidr(IpAddr, CIDR), emqttd_topic:match(Topic, TopicFilter)} of
+ {true, true} -> AllowDeny;
+ _ -> match(User, Topic, Rules)
+ end;
+match(User = #mqtt_user{username = Username}, Topic, [{AllowDeny, {username, Username}, TopicFilter}|Rules]) ->
+ case emqttd_topic:match(Topic, TopicFilter) of
+ true -> AllowDeny;
+ false -> match(User, Topic, Rules)
+ end.
+
+match_cidr(IpAddr, CIDR) -> true.
+
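Review bot: `match_cidr/2` at the end of the hunk is a stub that always returns `true`, so every `{peername, CIDR}` rule applies to every client regardless of its address; an `allow` rule written for one network grants its topic filter to all peers. Until real CIDR matching exists, the stub should refuse rather than silently widen the rule, for example `match_cidr(_IpAddr, _CIDR) -> error(cidr_match_not_implemented).` (the reason atom is only a suggestion). Separately, `match/3` has no clause for a rule whose subject does not match the user, such as a `{username, Other}` rule or a rule for a different client id, so the first such rule raises `function_clause` instead of moving on to the next one; a final clause `match(User, Topic, [_ | Rules]) -> match(User, Topic, Rules).` would restore the intended fall-through to `nomatch`. The clientid clause also matches a bare `ClientId` in the rule rather than `{clientid, ClientId}` as the `who()` type declares, so rules written to the declared shape are never matched by it.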