fix check_acl

This commit is contained in:
Feng Lee 2015-04-16 23:51:37 +08:00
parent 2ed2426a33
commit 94dd3b042d
2 changed files with 6 additions and 6 deletions

View File

@ -95,7 +95,7 @@ auth(Client, Password, [{Mod, State} | Mods]) ->
check_acl(Client, PubSub, Topic) when PubSub =:= publish orelse PubSub =:= subscribe -> check_acl(Client, PubSub, Topic) when PubSub =:= publish orelse PubSub =:= subscribe ->
case lookup_mods(acl) of case lookup_mods(acl) of
[] -> allow; [] -> allow;
[{_, AclMods}] -> check_acl(Client, PubSub, Topic, AclMods) AclMods -> check_acl(Client, PubSub, Topic, AclMods)
end. end.
check_acl(#mqtt_client{clientid = ClientId}, PubSub, Topic, []) -> check_acl(#mqtt_client{clientid = ClientId}, PubSub, Topic, []) ->
lager:error("ACL: nomatch when ~s ~s ~s", [ClientId, PubSub, Topic]), lager:error("ACL: nomatch when ~s ~s ~s", [ClientId, PubSub, Topic]),
@ -124,7 +124,7 @@ reload_acl() ->
%% @end %% @end
%%------------------------------------------------------------------------------ %%------------------------------------------------------------------------------
-spec register_mod(Type :: auth | acl, Mod :: atom(), Opts :: list()) -> ok | {error, any()}. -spec register_mod(Type :: auth | acl, Mod :: atom(), Opts :: list()) -> ok | {error, any()}.
register_mod(Type, Mod, Opts) -> register_mod(Type, Mod, Opts) when Type =:= auth; Type =:= acl->
gen_server:call(?SERVER, {register_mod, Type, Mod, Opts}). gen_server:call(?SERVER, {register_mod, Type, Mod, Opts}).
%%------------------------------------------------------------------------------ %%------------------------------------------------------------------------------
@ -134,7 +134,7 @@ register_mod(Type, Mod, Opts) ->
%% @end %% @end
%%------------------------------------------------------------------------------ %%------------------------------------------------------------------------------
-spec unregister_mod(Type :: auth | acl, Mod :: atom()) -> ok | {error, any()}. -spec unregister_mod(Type :: auth | acl, Mod :: atom()) -> ok | {error, any()}.
unregister_mod(Type, Mod) -> unregister_mod(Type, Mod) when Type =:= auth; Type =:= acl ->
gen_server:call(?SERVER, {unregister_mod, Type, Mod}). gen_server:call(?SERVER, {unregister_mod, Type, Mod}).
%%------------------------------------------------------------------------------ %%------------------------------------------------------------------------------
@ -169,8 +169,8 @@ stop() ->
init([AcOpts]) -> init([AcOpts]) ->
ets:new(?ACCESS_CONTROL_TAB, [set, named_table, protected, {read_concurrency, true}]), ets:new(?ACCESS_CONTROL_TAB, [set, named_table, protected, {read_concurrency, true}]),
ets:insert(?ACCESS_CONTROL_TAB, init_mods(auth, proplists:get_value(auth, AcOpts))), ets:insert(?ACCESS_CONTROL_TAB, {auth_modules, init_mods(auth, proplists:get_value(auth, AcOpts))}),
ets:insert(?ACCESS_CONTROL_TAB, init_mods(acl, proplists:get_value(acl, AcOpts))), ets:insert(?ACCESS_CONTROL_TAB, {acl_modules, init_mods(acl, proplists:get_value(acl, AcOpts))}),
{ok, state}. {ok, state}.
init_mods(auth, AuthMods) -> init_mods(auth, AuthMods) ->

View File

@ -167,7 +167,7 @@ handle(Packet = ?PUBLISH_PACKET(?QOS_1, Topic, PacketId, _Payload),
handle(Packet = ?PUBLISH_PACKET(?QOS_2, Topic, PacketId, _Payload), handle(Packet = ?PUBLISH_PACKET(?QOS_2, Topic, PacketId, _Payload),
State = #proto_state{clientid = ClientId, session = Session}) -> State = #proto_state{clientid = ClientId, session = Session}) ->
case emqttd_access_control:check_acl({client(State), publish, Topic}) of case emqttd_access_control:check_acl(client(State), publish, Topic) of
allow -> allow ->
NewSession = emqttd_session:publish(Session, ClientId, {?QOS_2, emqtt_message:from_packet(Packet)}), NewSession = emqttd_session:publish(Session, ClientId, {?QOS_2, emqtt_message:from_packet(Packet)}),
send(?PUBACK_PACKET(?PUBREC, PacketId), State#proto_state{session = NewSession}); send(?PUBACK_PACKET(?PUBREC, PacketId), State#proto_state{session = NewSession});