[jira] [Closed] (QPID-5565) [C++ broker] ACL queue create rules to take zero as unlimited value

Wed, 26 Feb 2014 06:16:36 -0800 

     [ 
https://issues.apache.org/jira/browse/QPID-5565?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Pavel Moravec closed QPID-5565.
-------------------------------


> [C++ broker] ACL queue create rules to take zero as unlimited value
> -------------------------------------------------------------------
>
>                 Key: QPID-5565
>                 URL: https://issues.apache.org/jira/browse/QPID-5565
>             Project: Qpid
>          Issue Type: Bug
>          Components: C++ Broker
>            Reporter: Pavel Moravec
>            Assignee: Pavel Moravec
>            Priority: Minor
>             Fix For: 0.27
>
>
> When declaring queue with e.g. qpid.max_size=0, the zero is interpreted as 
> "no limit in queue depth". While ACLs deal with zero as "queue depth is 
> zero". Therefore:
> 1) ACL rule like:
> acl allow all create queue queuemaxsizelowerlimit=10
> is not matched
> 2) ACL rule like:
> acl allow all create queue queuemaxsizeupperlimit=1000
> is matched.
> While both is wrong.
> The same applies to any numerically-compared properties of ACL queue create 
> rule, specifically to:
> acl::PROP_MAXPAGES
> acl::PROP_MAXPAGEFACTOR
> acl::PROP_MAXQUEUECOUNT
> acl::PROP_MAXQUEUESIZE
> acl::PROP_MAXFILECOUNT
> acl::PROP_MAXFILESIZE
> There are two approaches how to fix it:
> 1) in Broker.cpp, before calling ACL to authorize queue creation, replace 
> zero value by 9223372036854775807 (as hardcoded maximum for ACL numerical 
> value; see src/tests/Variant.cpp and/or src/tests/acl.py for more)
> 2) Within ACL, deal zero value as unlimited
> The first approach would allow future parameters having 0 as real zero value. 
> But Broker class would mimic/workaround some ACL work.
> The second approach would resolve the problem in better place, but it would 
> enforce that zero is interpreted as infinity everytime (can't it break 
> something? or on the other side, can't it unify handling 
> connection-limit-per-ip or max-queues-per-user options?)



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org

Reply via email to