----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/5015/#review7640 -----------------------------------------------------------
Definitely needs to replicate state in a cluster. Shout if you need pointers. trunk/qpid/cpp/src/qpid/broker/Broker.cpp <https://reviews.apache.org/r/5015/#comment16850> This doesn't count deletions of auto-delete queues. Perhaps better to put this check in Queue::destroyed trunk/qpid/cpp/src/tests/acl.py <https://reviews.apache.org/r/5015/#comment16851> No need to catch an exception just to fail the test as a result. Allow the exception to cause the test to fail directly, that gives you a deeper stack trace to debug. - Alan On 2012-05-04 19:41:45, Chug Rolke wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/5015/ > ----------------------------------------------------------- > > (Updated 2012-05-04 19:41:45) > > > Review request for qpid, Alan Conway, Kim van der Riet, and Ted Ross. > > > Summary > ------- > > This patch fulfills a long-standing request to keep users from abusing broker > queue resources. If a user is allowed to create one queue he then can create > them by the thousdands. > > The code is more of a quota than an access control but it fits naturally in > the current ACL module. The implementation here is queue-centric but could be > generalized to support limiting exchanges as well. > > A few concerns arise: > > 1. This code counts/protects live requests coming in to single node. This > code does not protect queues that are presisting. The concern is that a user > creates his quota of persistent queues and then upon system restart the same > user can create another batch of queues since the persisted queues aren't > tracked. Is this a vaild concern? > > 2. The patch provides only a single setting for all users. > > 3. The patch makes no effort to replicate the queue count state across a > cluster. Surely this is a problem for clusters. > > > This addresses bug QPID-2393. > https://issues.apache.org/jira/browse/QPID-2393 > > > Diffs > ----- > > trunk/qpid/cpp/src/qpid/acl/Acl.h 1334118 > trunk/qpid/cpp/src/qpid/acl/Acl.cpp 1334118 > trunk/qpid/cpp/src/qpid/acl/AclPlugin.cpp 1334118 > trunk/qpid/cpp/src/qpid/acl/management-schema.xml 1334118 > trunk/qpid/cpp/src/qpid/broker/AclModule.h 1334118 > trunk/qpid/cpp/src/qpid/broker/Broker.cpp 1334118 > trunk/qpid/cpp/src/tests/acl.py 1334118 > trunk/qpid/cpp/src/tests/run_acl_tests 1334118 > > Diff: https://reviews.apache.org/r/5015/diff > > > Testing > ------- > > Unit tests included. > > > Thanks, > > Chug > >
