The access control plugin checks the rights of the user to perform an action on the broker's component. The access control plugin iterates through the ACL rules and checks their predicates. The user action is denied or allowed based on the test result.
The aim of this task are refactoring of the code that is required for the QPID-8487 and QPID-8488, improving the test of the ACL rule predicates and removing useless classes. Changes should not have any impact on the functionality of the access control plugin.
The ObjectProperties class has two responsibilities, it holds the rule predicates and also the objects properties that are checked. The responsibilities of ObjectProperties class should be split because the code should honor the principle of one responsibility per class.
The Rule class is treated as immutable but the immutability is not enforce by the code.
The Action, AclAction and ClientAction classes are only data holders that don't have any real responsibility.