Qpid
  1. Qpid
  2. QPID-3918

Add management acl-query test methods to C++ broker ACL plugin

    Details

    • Type: New Feature New Feature
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 0.14
    • Fix Version/s: 0.17
    • Component/s: C++ Broker
    • Labels:
      None

      Description

      In its current form the ACL module is not testable in a customer deployment. The ACL module loads the ACL file and from then on only real-world activity triggers allow and deny decisions.

      This feature proposal adds two management methods that are directly tied to the ACL decision Lookup functions. Using them a customer may start a dummy broker process that uses his actual (1) ACL rule file. Then using a management application the customer may fire off a set of lookups against his rule file to see if the ACL rules deliver the intended results.

      This feature could also be used to augment the self tests. It is very hard to stage enough driver code to trigger some of the ACL queries. Using the proposed methods then the self test can launch any ACL query directly.

      (1) As usual the ACL file must be bent enough to allow 'anonymous' to have access to the management methods

      1. acl-test-01.log
        52 kB
        Chuck Rolke
      2. acl-test-01.py
        6 kB
        Chuck Rolke
      3. acl-test-01-brokerlog.txt
        0.5 kB
        Chuck Rolke
      4. acl-test-01-rules.acl
        2 kB
        Chuck Rolke

        Activity

        Hide
        Chuck Rolke added a comment -

        Fixed in 0.17

        Show
        Chuck Rolke added a comment - Fixed in 0.17
        Hide
        jiraposter@reviews.apache.org added a comment -

        -----------------------------------------------------------
        This is an automatically generated e-mail. To reply, visit:
        https://reviews.apache.org/r/4525/#review6693
        -----------------------------------------------------------

        Ship it!

        This looks great. Clean up the whitespace in the Python code.

        • Ted

        On 2012-04-04 15:42:02, Chug Rolke wrote:

        -----------------------------------------------------------

        This is an automatically generated e-mail. To reply, visit:

        https://reviews.apache.org/r/4525/

        -----------------------------------------------------------

        (Updated 2012-04-04 15:42:02)

        Review request for qpid, Alan Conway, Gordon Sim, and rajith attapattu.

        Summary

        -------

        Add management methods that let a customer drive arbitrary ACL lookup queries.

        This addresses bug QPID-3918.

        https://issues.apache.org/jira/browse/QPID-3918

        Diffs

        -----

        trunk/qpid/cpp/src/qpid/acl/Acl.h 1307073

        trunk/qpid/cpp/src/qpid/acl/Acl.cpp 1307073

        trunk/qpid/cpp/src/qpid/acl/management-schema.xml 1307073

        trunk/qpid/cpp/src/qpid/broker/AclModule.h 1307073

        trunk/qpid/cpp/src/tests/acl.py 1307073

        trunk/qpid/tools/src/py/qpidtoollibs/broker.py 1307073

        Diff: https://reviews.apache.org/r/4525/diff

        Testing

        -------

        Thanks,

        Chug

        Show
        jiraposter@reviews.apache.org added a comment - ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/4525/#review6693 ----------------------------------------------------------- Ship it! This looks great. Clean up the whitespace in the Python code. Ted On 2012-04-04 15:42:02, Chug Rolke wrote: ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/4525/ ----------------------------------------------------------- (Updated 2012-04-04 15:42:02) Review request for qpid, Alan Conway, Gordon Sim, and rajith attapattu. Summary ------- Add management methods that let a customer drive arbitrary ACL lookup queries. This addresses bug QPID-3918 . https://issues.apache.org/jira/browse/QPID-3918 Diffs ----- trunk/qpid/cpp/src/qpid/acl/Acl.h 1307073 trunk/qpid/cpp/src/qpid/acl/Acl.cpp 1307073 trunk/qpid/cpp/src/qpid/acl/management-schema.xml 1307073 trunk/qpid/cpp/src/qpid/broker/AclModule.h 1307073 trunk/qpid/cpp/src/tests/acl.py 1307073 trunk/qpid/tools/src/py/qpidtoollibs/broker.py 1307073 Diff: https://reviews.apache.org/r/4525/diff Testing ------- Thanks, Chug
        Hide
        jiraposter@reviews.apache.org added a comment -

        -----------------------------------------------------------
        This is an automatically generated e-mail. To reply, visit:
        https://reviews.apache.org/r/4525/#review6691
        -----------------------------------------------------------

        Ship it!

        • Alan

        On 2012-04-04 15:42:02, Chug Rolke wrote:

        -----------------------------------------------------------

        This is an automatically generated e-mail. To reply, visit:

        https://reviews.apache.org/r/4525/

        -----------------------------------------------------------

        (Updated 2012-04-04 15:42:02)

        Review request for qpid, Alan Conway, Gordon Sim, and rajith attapattu.

        Summary

        -------

        Add management methods that let a customer drive arbitrary ACL lookup queries.

        This addresses bug QPID-3918.

        https://issues.apache.org/jira/browse/QPID-3918

        Diffs

        -----

        trunk/qpid/cpp/src/qpid/acl/Acl.h 1307073

        trunk/qpid/cpp/src/qpid/acl/Acl.cpp 1307073

        trunk/qpid/cpp/src/qpid/acl/management-schema.xml 1307073

        trunk/qpid/cpp/src/qpid/broker/AclModule.h 1307073

        trunk/qpid/cpp/src/tests/acl.py 1307073

        trunk/qpid/tools/src/py/qpidtoollibs/broker.py 1307073

        Diff: https://reviews.apache.org/r/4525/diff

        Testing

        -------

        Thanks,

        Chug

        Show
        jiraposter@reviews.apache.org added a comment - ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/4525/#review6691 ----------------------------------------------------------- Ship it! Alan On 2012-04-04 15:42:02, Chug Rolke wrote: ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/4525/ ----------------------------------------------------------- (Updated 2012-04-04 15:42:02) Review request for qpid, Alan Conway, Gordon Sim, and rajith attapattu. Summary ------- Add management methods that let a customer drive arbitrary ACL lookup queries. This addresses bug QPID-3918 . https://issues.apache.org/jira/browse/QPID-3918 Diffs ----- trunk/qpid/cpp/src/qpid/acl/Acl.h 1307073 trunk/qpid/cpp/src/qpid/acl/Acl.cpp 1307073 trunk/qpid/cpp/src/qpid/acl/management-schema.xml 1307073 trunk/qpid/cpp/src/qpid/broker/AclModule.h 1307073 trunk/qpid/cpp/src/tests/acl.py 1307073 trunk/qpid/tools/src/py/qpidtoollibs/broker.py 1307073 Diff: https://reviews.apache.org/r/4525/diff Testing ------- Thanks, Chug
        Hide
        jiraposter@reviews.apache.org added a comment -

        -----------------------------------------------------------
        This is an automatically generated e-mail. To reply, visit:
        https://reviews.apache.org/r/4525/#review6690
        -----------------------------------------------------------

        Ship it!

        Except for the whitespace, this looks good.

        trunk/qpid/cpp/src/tests/acl.py
        <https://reviews.apache.org/r/4525/#comment14493>

        Looks like a bunch of whitespace errors here.

        • Andrew

        On 2012-04-04 15:42:02, Chug Rolke wrote:

        -----------------------------------------------------------

        This is an automatically generated e-mail. To reply, visit:

        https://reviews.apache.org/r/4525/

        -----------------------------------------------------------

        (Updated 2012-04-04 15:42:02)

        Review request for qpid, Alan Conway, Gordon Sim, and rajith attapattu.

        Summary

        -------

        Add management methods that let a customer drive arbitrary ACL lookup queries.

        This addresses bug QPID-3918.

        https://issues.apache.org/jira/browse/QPID-3918

        Diffs

        -----

        trunk/qpid/cpp/src/qpid/acl/Acl.h 1307073

        trunk/qpid/cpp/src/qpid/acl/Acl.cpp 1307073

        trunk/qpid/cpp/src/qpid/acl/management-schema.xml 1307073

        trunk/qpid/cpp/src/qpid/broker/AclModule.h 1307073

        trunk/qpid/cpp/src/tests/acl.py 1307073

        trunk/qpid/tools/src/py/qpidtoollibs/broker.py 1307073

        Diff: https://reviews.apache.org/r/4525/diff

        Testing

        -------

        Thanks,

        Chug

        Show
        jiraposter@reviews.apache.org added a comment - ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/4525/#review6690 ----------------------------------------------------------- Ship it! Except for the whitespace, this looks good. trunk/qpid/cpp/src/tests/acl.py < https://reviews.apache.org/r/4525/#comment14493 > Looks like a bunch of whitespace errors here. Andrew On 2012-04-04 15:42:02, Chug Rolke wrote: ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/4525/ ----------------------------------------------------------- (Updated 2012-04-04 15:42:02) Review request for qpid, Alan Conway, Gordon Sim, and rajith attapattu. Summary ------- Add management methods that let a customer drive arbitrary ACL lookup queries. This addresses bug QPID-3918 . https://issues.apache.org/jira/browse/QPID-3918 Diffs ----- trunk/qpid/cpp/src/qpid/acl/Acl.h 1307073 trunk/qpid/cpp/src/qpid/acl/Acl.cpp 1307073 trunk/qpid/cpp/src/qpid/acl/management-schema.xml 1307073 trunk/qpid/cpp/src/qpid/broker/AclModule.h 1307073 trunk/qpid/cpp/src/tests/acl.py 1307073 trunk/qpid/tools/src/py/qpidtoollibs/broker.py 1307073 Diff: https://reviews.apache.org/r/4525/diff Testing ------- Thanks, Chug
        Hide
        jiraposter@reviews.apache.org added a comment -

        -----------------------------------------------------------
        This is an automatically generated e-mail. To reply, visit:
        https://reviews.apache.org/r/4525/#review6619
        -----------------------------------------------------------

        • Alan

        On 2012-04-04 15:42:02, Chug Rolke wrote:

        -----------------------------------------------------------

        This is an automatically generated e-mail. To reply, visit:

        https://reviews.apache.org/r/4525/

        -----------------------------------------------------------

        (Updated 2012-04-04 15:42:02)

        Review request for qpid, Alan Conway, Gordon Sim, and rajith attapattu.

        Summary

        -------

        Add management methods that let a customer drive arbitrary ACL lookup queries.

        This addresses bug QPID-3918.

        https://issues.apache.org/jira/browse/QPID-3918

        Diffs

        -----

        trunk/qpid/cpp/src/qpid/acl/Acl.h 1307073

        trunk/qpid/cpp/src/qpid/acl/Acl.cpp 1307073

        trunk/qpid/cpp/src/qpid/acl/management-schema.xml 1307073

        trunk/qpid/cpp/src/qpid/broker/AclModule.h 1307073

        trunk/qpid/cpp/src/tests/acl.py 1307073

        trunk/qpid/tools/src/py/qpidtoollibs/broker.py 1307073

        Diff: https://reviews.apache.org/r/4525/diff

        Testing

        -------

        Thanks,

        Chug

        Show
        jiraposter@reviews.apache.org added a comment - ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/4525/#review6619 ----------------------------------------------------------- Alan On 2012-04-04 15:42:02, Chug Rolke wrote: ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/4525/ ----------------------------------------------------------- (Updated 2012-04-04 15:42:02) Review request for qpid, Alan Conway, Gordon Sim, and rajith attapattu. Summary ------- Add management methods that let a customer drive arbitrary ACL lookup queries. This addresses bug QPID-3918 . https://issues.apache.org/jira/browse/QPID-3918 Diffs ----- trunk/qpid/cpp/src/qpid/acl/Acl.h 1307073 trunk/qpid/cpp/src/qpid/acl/Acl.cpp 1307073 trunk/qpid/cpp/src/qpid/acl/management-schema.xml 1307073 trunk/qpid/cpp/src/qpid/broker/AclModule.h 1307073 trunk/qpid/cpp/src/tests/acl.py 1307073 trunk/qpid/tools/src/py/qpidtoollibs/broker.py 1307073 Diff: https://reviews.apache.org/r/4525/diff Testing ------- Thanks, Chug
        Hide
        jiraposter@reviews.apache.org added a comment -

        -----------------------------------------------------------
        This is an automatically generated e-mail. To reply, visit:
        https://reviews.apache.org/r/4525/
        -----------------------------------------------------------

        (Updated 2012-04-04 15:42:02.279036)

        Review request for qpid, Alan Conway, Gordon Sim, and rajith attapattu.

        Changes
        -------

        Use the management hooks in the acl.py self test.
        There are two parts to the ACL tests: 1) When something happens in the broker does the correct authorise() function get called? and 2) When an authorise() function gets called does the ACL logic evaluate correctly? This patch addresses part 2 making it clear and easy to test the ACL logic.

        Summary
        -------

        Add management methods that let a customer drive arbitrary ACL lookup queries.

        This addresses bug QPID-3918.
        https://issues.apache.org/jira/browse/QPID-3918

        Diffs (updated)


        trunk/qpid/cpp/src/qpid/acl/Acl.h 1307073
        trunk/qpid/cpp/src/qpid/acl/Acl.cpp 1307073
        trunk/qpid/cpp/src/qpid/acl/management-schema.xml 1307073
        trunk/qpid/cpp/src/qpid/broker/AclModule.h 1307073
        trunk/qpid/cpp/src/tests/acl.py 1307073
        trunk/qpid/tools/src/py/qpidtoollibs/broker.py 1307073

        Diff: https://reviews.apache.org/r/4525/diff

        Testing
        -------

        Thanks,

        Chug

        Show
        jiraposter@reviews.apache.org added a comment - ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/4525/ ----------------------------------------------------------- (Updated 2012-04-04 15:42:02.279036) Review request for qpid, Alan Conway, Gordon Sim, and rajith attapattu. Changes ------- Use the management hooks in the acl.py self test. There are two parts to the ACL tests: 1) When something happens in the broker does the correct authorise() function get called? and 2) When an authorise() function gets called does the ACL logic evaluate correctly? This patch addresses part 2 making it clear and easy to test the ACL logic. Summary ------- Add management methods that let a customer drive arbitrary ACL lookup queries. This addresses bug QPID-3918 . https://issues.apache.org/jira/browse/QPID-3918 Diffs (updated) trunk/qpid/cpp/src/qpid/acl/Acl.h 1307073 trunk/qpid/cpp/src/qpid/acl/Acl.cpp 1307073 trunk/qpid/cpp/src/qpid/acl/management-schema.xml 1307073 trunk/qpid/cpp/src/qpid/broker/AclModule.h 1307073 trunk/qpid/cpp/src/tests/acl.py 1307073 trunk/qpid/tools/src/py/qpidtoollibs/broker.py 1307073 Diff: https://reviews.apache.org/r/4525/diff Testing ------- Thanks, Chug
        Hide
        Chuck Rolke added a comment -

        Refreshed user test scenario:
        1. Start the broker using the acl-test-01-rules.acl file.
        2. Run the python script acl-test-01.py
        3. The python output is shown in acl-test-01.log
        4. The broker was started with QPID_LOG_ENABLE=debug+:acl
        A short bit of the broker log is in acl-test-01-brokerlog.txt

        The ACL wiki page could use a description of how a user uses these features to verify his ACL settings.

        Show
        Chuck Rolke added a comment - Refreshed user test scenario: 1. Start the broker using the acl-test-01-rules.acl file. 2. Run the python script acl-test-01.py 3. The python output is shown in acl-test-01.log 4. The broker was started with QPID_LOG_ENABLE=debug+:acl A short bit of the broker log is in acl-test-01-brokerlog.txt The ACL wiki page could use a description of how a user uses these features to verify his ACL settings.
        Hide
        jiraposter@reviews.apache.org added a comment -

        -----------------------------------------------------------
        This is an automatically generated e-mail. To reply, visit:
        https://reviews.apache.org/r/4525/
        -----------------------------------------------------------

        (Updated 2012-03-30 15:54:07.491139)

        Review request for qpid, Alan Conway, Gordon Sim, and rajith attapattu.

        Changes
        -------

        1. Don't log module load.
        2. Check in unrelated bug fixes separately.
        3. Change function try/catch scheme: Just have one try/catch. Change 'throw str' exception generation to 'throw qpid::Exception(str)' and then catch only std::exception.

        There was some push back to exclude this patch: it does not add to the function of a broker and becomes one more piece of unrelated code that fails to be maintained. An alternative is to create a separate library or executable that loads acl.so and implements the query functions there. This has the possibility of loading any acl.so and to give query results from any version of qpidd.

        I favor keeping this patch not just because it's complete and ready to go. Adding the proposed library or executable is a much larger task and is likely 'not worth doing'. This patch is very focused and exists in an optional, loadable module; as such it doesn't burden the broker at run-time or change any of its performance characteristics. Also, by being in the broker itself it can never give wrong results because it loaded the wrong acl.so file.

        Summary
        -------

        Add management methods that let a customer drive arbitrary ACL lookup queries.

        This addresses bug QPID-3918.
        https://issues.apache.org/jira/browse/QPID-3918

        Diffs (updated)


        trunk/qpid/cpp/src/qpid/acl/Acl.h 1307073
        trunk/qpid/cpp/src/qpid/acl/Acl.cpp 1307073
        trunk/qpid/cpp/src/qpid/acl/management-schema.xml 1307073
        trunk/qpid/cpp/src/qpid/broker/AclModule.h 1307073

        Diff: https://reviews.apache.org/r/4525/diff

        Testing
        -------

        Thanks,

        Chug

        Show
        jiraposter@reviews.apache.org added a comment - ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/4525/ ----------------------------------------------------------- (Updated 2012-03-30 15:54:07.491139) Review request for qpid, Alan Conway, Gordon Sim, and rajith attapattu. Changes ------- 1. Don't log module load. 2. Check in unrelated bug fixes separately. 3. Change function try/catch scheme: Just have one try/catch. Change 'throw str' exception generation to 'throw qpid::Exception(str)' and then catch only std::exception. There was some push back to exclude this patch: it does not add to the function of a broker and becomes one more piece of unrelated code that fails to be maintained. An alternative is to create a separate library or executable that loads acl.so and implements the query functions there. This has the possibility of loading any acl.so and to give query results from any version of qpidd. I favor keeping this patch not just because it's complete and ready to go. Adding the proposed library or executable is a much larger task and is likely 'not worth doing'. This patch is very focused and exists in an optional, loadable module; as such it doesn't burden the broker at run-time or change any of its performance characteristics. Also, by being in the broker itself it can never give wrong results because it loaded the wrong acl.so file. Summary ------- Add management methods that let a customer drive arbitrary ACL lookup queries. This addresses bug QPID-3918 . https://issues.apache.org/jira/browse/QPID-3918 Diffs (updated) trunk/qpid/cpp/src/qpid/acl/Acl.h 1307073 trunk/qpid/cpp/src/qpid/acl/Acl.cpp 1307073 trunk/qpid/cpp/src/qpid/acl/management-schema.xml 1307073 trunk/qpid/cpp/src/qpid/broker/AclModule.h 1307073 Diff: https://reviews.apache.org/r/4525/diff Testing ------- Thanks, Chug
        Hide
        jiraposter@reviews.apache.org added a comment -

        -----------------------------------------------------------
        This is an automatically generated e-mail. To reply, visit:
        https://reviews.apache.org/r/4525/#review6454
        -----------------------------------------------------------

        trunk/qpid/cpp/src/qpid/acl/Acl.cpp
        <https://reviews.apache.org/r/4525/#comment14084>

        never use "catch (...)" unless you also use "throw"

        • it thoroughly screws up debugging on windows.
        • If you don't know at least roughly what you are expecting you shouldn't be catching it the most general you should catch is std::exception&.

        [I also agree with Alan's assessment about the try blocks being way too granular]

        • Andrew

        On 2012-03-27 19:10:23, Chug Rolke wrote:

        -----------------------------------------------------------

        This is an automatically generated e-mail. To reply, visit:

        https://reviews.apache.org/r/4525/

        -----------------------------------------------------------

        (Updated 2012-03-27 19:10:23)

        Review request for qpid, Alan Conway, Gordon Sim, and rajith attapattu.

        Summary

        -------

        Add management methods that let a customer drive arbitrary ACL lookup queries.

        This addresses bug QPID-3918.

        https://issues.apache.org/jira/browse/QPID-3918

        Diffs

        -----

        trunk/qpid/cpp/src/qpid/Modules.cpp 1305877

        trunk/qpid/cpp/src/qpid/acl/Acl.h 1305877

        trunk/qpid/cpp/src/qpid/acl/Acl.cpp 1305877

        trunk/qpid/cpp/src/qpid/acl/AclData.cpp 1305877

        trunk/qpid/cpp/src/qpid/acl/management-schema.xml 1305877

        Diff: https://reviews.apache.org/r/4525/diff

        Testing

        -------

        Thanks,

        Chug

        Show
        jiraposter@reviews.apache.org added a comment - ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/4525/#review6454 ----------------------------------------------------------- trunk/qpid/cpp/src/qpid/acl/Acl.cpp < https://reviews.apache.org/r/4525/#comment14084 > never use "catch (...)" unless you also use "throw" it thoroughly screws up debugging on windows. If you don't know at least roughly what you are expecting you shouldn't be catching it the most general you should catch is std::exception&. [I also agree with Alan's assessment about the try blocks being way too granular] Andrew On 2012-03-27 19:10:23, Chug Rolke wrote: ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/4525/ ----------------------------------------------------------- (Updated 2012-03-27 19:10:23) Review request for qpid, Alan Conway, Gordon Sim, and rajith attapattu. Summary ------- Add management methods that let a customer drive arbitrary ACL lookup queries. This addresses bug QPID-3918 . https://issues.apache.org/jira/browse/QPID-3918 Diffs ----- trunk/qpid/cpp/src/qpid/Modules.cpp 1305877 trunk/qpid/cpp/src/qpid/acl/Acl.h 1305877 trunk/qpid/cpp/src/qpid/acl/Acl.cpp 1305877 trunk/qpid/cpp/src/qpid/acl/AclData.cpp 1305877 trunk/qpid/cpp/src/qpid/acl/management-schema.xml 1305877 Diff: https://reviews.apache.org/r/4525/diff Testing ------- Thanks, Chug
        Hide
        jiraposter@reviews.apache.org added a comment -

        -----------------------------------------------------------
        This is an automatically generated e-mail. To reply, visit:
        https://reviews.apache.org/r/4525/#review6449
        -----------------------------------------------------------

        trunk/qpid/cpp/src/qpid/Modules.cpp
        <https://reviews.apache.org/r/4525/#comment14072>

        We had this before and took it out. Causes logging before the logging subsystem is properly initialized. Don't remember the exact symptoms but the log text can wind up in inappropriate places.

        trunk/qpid/cpp/src/qpid/acl/Acl.cpp
        <https://reviews.apache.org/r/4525/#comment14073>

        I'm not keen on individual try/catch around every step, it makes the code hard to follow. I'd put a single try-catch around the lot, or just let the exception get thrown: the management infrastructure will catch it and put the exception message in the QMF response.

        • Alan

        On 2012-03-27 19:10:23, Chug Rolke wrote:

        -----------------------------------------------------------

        This is an automatically generated e-mail. To reply, visit:

        https://reviews.apache.org/r/4525/

        -----------------------------------------------------------

        (Updated 2012-03-27 19:10:23)

        Review request for qpid, Alan Conway, Gordon Sim, and rajith attapattu.

        Summary

        -------

        Add management methods that let a customer drive arbitrary ACL lookup queries.

        This addresses bug QPID-3918.

        https://issues.apache.org/jira/browse/QPID-3918

        Diffs

        -----

        trunk/qpid/cpp/src/qpid/Modules.cpp 1305877

        trunk/qpid/cpp/src/qpid/acl/Acl.h 1305877

        trunk/qpid/cpp/src/qpid/acl/Acl.cpp 1305877

        trunk/qpid/cpp/src/qpid/acl/AclData.cpp 1305877

        trunk/qpid/cpp/src/qpid/acl/management-schema.xml 1305877

        Diff: https://reviews.apache.org/r/4525/diff

        Testing

        -------

        Thanks,

        Chug

        Show
        jiraposter@reviews.apache.org added a comment - ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/4525/#review6449 ----------------------------------------------------------- trunk/qpid/cpp/src/qpid/Modules.cpp < https://reviews.apache.org/r/4525/#comment14072 > We had this before and took it out. Causes logging before the logging subsystem is properly initialized. Don't remember the exact symptoms but the log text can wind up in inappropriate places. trunk/qpid/cpp/src/qpid/acl/Acl.cpp < https://reviews.apache.org/r/4525/#comment14073 > I'm not keen on individual try/catch around every step, it makes the code hard to follow. I'd put a single try-catch around the lot, or just let the exception get thrown: the management infrastructure will catch it and put the exception message in the QMF response. Alan On 2012-03-27 19:10:23, Chug Rolke wrote: ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/4525/ ----------------------------------------------------------- (Updated 2012-03-27 19:10:23) Review request for qpid, Alan Conway, Gordon Sim, and rajith attapattu. Summary ------- Add management methods that let a customer drive arbitrary ACL lookup queries. This addresses bug QPID-3918 . https://issues.apache.org/jira/browse/QPID-3918 Diffs ----- trunk/qpid/cpp/src/qpid/Modules.cpp 1305877 trunk/qpid/cpp/src/qpid/acl/Acl.h 1305877 trunk/qpid/cpp/src/qpid/acl/Acl.cpp 1305877 trunk/qpid/cpp/src/qpid/acl/AclData.cpp 1305877 trunk/qpid/cpp/src/qpid/acl/management-schema.xml 1305877 Diff: https://reviews.apache.org/r/4525/diff Testing ------- Thanks, Chug
        Hide
        Chuck Rolke added a comment -

        The attached files demonstrate how this feature would work.

        • The rules file is a simple but non-trivial ACL file.
        • The py file is a qmf.console test driver that runs queries against the broker with the ACLs.
        • The log shows the result.
        Show
        Chuck Rolke added a comment - The attached files demonstrate how this feature would work. The rules file is a simple but non-trivial ACL file. The py file is a qmf.console test driver that runs queries against the broker with the ACLs. The log shows the result.
        Hide
        jiraposter@reviews.apache.org added a comment -

        -----------------------------------------------------------
        This is an automatically generated e-mail. To reply, visit:
        https://reviews.apache.org/r/4525/
        -----------------------------------------------------------

        Review request for qpid, Alan Conway, Gordon Sim, and rajith attapattu.

        Summary
        -------

        Add management methods that let a customer drive arbitrary ACL lookup queries.

        This addresses bug QPID-3918.
        https://issues.apache.org/jira/browse/QPID-3918

        Diffs


        trunk/qpid/cpp/src/qpid/Modules.cpp 1305877
        trunk/qpid/cpp/src/qpid/acl/Acl.h 1305877
        trunk/qpid/cpp/src/qpid/acl/Acl.cpp 1305877
        trunk/qpid/cpp/src/qpid/acl/AclData.cpp 1305877
        trunk/qpid/cpp/src/qpid/acl/management-schema.xml 1305877

        Diff: https://reviews.apache.org/r/4525/diff

        Testing
        -------

        Thanks,

        Chug

        Show
        jiraposter@reviews.apache.org added a comment - ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/4525/ ----------------------------------------------------------- Review request for qpid, Alan Conway, Gordon Sim, and rajith attapattu. Summary ------- Add management methods that let a customer drive arbitrary ACL lookup queries. This addresses bug QPID-3918 . https://issues.apache.org/jira/browse/QPID-3918 Diffs trunk/qpid/cpp/src/qpid/Modules.cpp 1305877 trunk/qpid/cpp/src/qpid/acl/Acl.h 1305877 trunk/qpid/cpp/src/qpid/acl/Acl.cpp 1305877 trunk/qpid/cpp/src/qpid/acl/AclData.cpp 1305877 trunk/qpid/cpp/src/qpid/acl/management-schema.xml 1305877 Diff: https://reviews.apache.org/r/4525/diff Testing ------- Thanks, Chug

          People

          • Assignee:
            Chuck Rolke
            Reporter:
            Chuck Rolke
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development