Major Description
-
- Why
Today, James requires management API rights to list mail queues.
Why?
- List of mailqueues can be heterogeneous across the cluster (especially in case of specialized instances)
- AMQP client do not support listing mail queues
- Thus we ended up relying on the management plugin.
This, of course, is a security violation, as it might lead to right escalation, and might affect other tenants co-hosted on RabbitMQ.
-
- Definition of Done
- [ ] James no longer require administrative rights
- [ ] An ADR needs to be written about this
-
- How
As deleting a mail queue is not a supporting implementation, we can rely on a `Set<String>` cassandra table containing the names of the mail queues in use.
James nodes can then rely on this to know if a mail queue is used or not.
Eventual consistency will be achieved between this cassandra view and the actual rabbitMQ content:
- Register a created queue in Cassandra first, then create it in Rabbit.
- Given a cassandra registered queue, not existing in rabbit, a james node restart configured with that queue will create the queue in rabbit.
