[
https://issues.apache.org/jira/browse/QPID-8565?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17436836#comment-17436836
]
ASF GitHub Bot commented on QPID-8565:
--------------------------------------
alex-rufous commented on a change in pull request #113:
URL: https://github.com/apache/qpid-broker-j/pull/113#discussion_r740212386
##########
File path:
broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/AclRulePredicatesBuilder.java
##########
@@ -123,6 +123,16 @@ else if (property == Property.ATTRIBUTES)
{
_attributeNames.addAll(splitToSet(value));
}
+ else if (property == Property.CONNECTION_LIMIT)
+ {
+ LOGGER.warn("The ACL Rule property 'connection_limit' has been
deprecated");
Review comment:
The log message is misleading. The feature was completely removed. Only
syntax support was left behind
##########
File path:
broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/AclRulePredicatesBuilder.java
##########
@@ -123,6 +123,16 @@ else if (property == Property.ATTRIBUTES)
{
_attributeNames.addAll(splitToSet(value));
}
+ else if (property == Property.CONNECTION_LIMIT)
+ {
+ LOGGER.warn("The ACL Rule property 'connection_limit' has been
deprecated");
+ return false;
+ }
+ else if (property == Property.CONNECTION_FREQUENCY_LIMIT)
+ {
+ LOGGER.warn("The ACL Rule property 'connection_frequency_limit'
has been deprecated");
Review comment:
The log message is misleading. The feature was completely removed. Only
syntax support was left behind
##########
File path:
broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/RulePredicate.java
##########
@@ -62,5 +71,16 @@ public boolean matches(LegacyOperation operation,
ObjectProperties objectPropert
return true;
}
+ @Override
+ public RulePredicate and(RulePredicate other)
Review comment:
IMHO, this breaks a semantic of logical and,
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
> [Broker-J] Enhancement of ACL rule predicates evaluation
> --------------------------------------------------------
>
> Key: QPID-8565
> URL: https://issues.apache.org/jira/browse/QPID-8565
> Project: Qpid
> Issue Type: Improvement
> Components: Broker-J
> Reporter: Marek Laca
> Priority: Minor
> Labels: Broker, Java
>
> The access control plugin checks the rights of the user to perform an action
> on the broker's component. The access control plugin iterates through the ACL
> rules and checks their predicates. The user action is denied or allowed based
> on the test result.
> The aim of this task are refactoring of the code that is required for the
> [QPID-8487|https://issues.apache.org/jira/browse/QPID-8487] and
> [QPID-8488|https://issues.apache.org/jira/browse/QPID-8488], improving the
> test of the ACL rule predicates and removing useless classes. Changes should
> not have any impact on the functionality of the access control plugin.
> The ObjectProperties class has two responsibilities, it holds the rule
> predicates and also the objects properties that are checked. The
> responsibilities of ObjectProperties class should be split because the code
> should honor the principle of one responsibility per class.
> The Rule class is treated as immutable but the immutability is not enforce by
> the code.
> The Action, AclAction and ClientAction classes are only data holders that
> don't have any real responsibility.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
