This is an automated email from the ASF dual-hosted git repository.
orudyy pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/qpid-broker-j.git
commit 935108a8fa093e71fee13385dc2a0c94348eeb5c
Author: Alex Rudyy <oru...@apache.org>
AuthorDate: Mon Nov 1 01:20:09 2021 +0000
QPID-8565: [Broker-J] Tidy-up ACL refactoring
This closes #110
---
.../config/{predicates => }/AclRulePredicates.java | 14 ++---
.../{predicates => }/AclRulePredicatesBuilder.java | 13 +----
.../access/{firewall => config}/FirewallRule.java | 8 +--
.../qpid/server/security/access/config/Rule.java | 21 +++----
.../security/access/config/RuleCollector.java | 1 -
.../security/access/config/RulePredicate.java | 66 ++++++++++++++++++++++
.../config/predicates/AbstractPredicate.java | 48 ----------------
.../config/predicates/{Some.java => AnyValue.java} | 27 ++-------
.../access/config/predicates/AttributeNames.java | 21 ++-----
.../security/access/config/predicates/Equal.java | 27 ++-------
...ulePredicate.java => RulePredicateBuilder.java} | 60 +++-----------------
.../access/config/predicates/WildCard.java | 26 ++-------
.../access/firewall/AbstractFirewallRuleImpl.java | 30 +---------
.../access/firewall/FirewallRuleFactory.java | 2 +
.../access/firewall/HostnameFirewallRule.java | 15 -----
.../access/firewall/NetworkFirewallRule.java | 16 +-----
.../security/access/config/AclFileParserTest.java | 12 ----
.../{predicates => }/AclRulePredicatesTest.java | 23 ++------
.../access/config/RuleBasedAccessControlTest.java | 2 -
.../server/security/access/config/RuleSetTest.java | 1 -
.../server/security/access/config/RuleTest.java | 1 -
.../access/config/predicates/TestFirewallRule.java | 2 +-
.../security/access/firewall/FirewallRuleTest.java | 27 ++++-----
23 files changed, 137 insertions(+), 326 deletions(-)
diff --git
a/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/predicates/AclRulePredicates.java
b/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/AclRulePredicates.java
similarity index 88%
rename from
broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/predicates/AclRulePredicates.java
rename to
broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/AclRulePredicates.java
index fd304eb..3d4cad4 100644
---
a/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/predicates/AclRulePredicates.java
+++
b/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/AclRulePredicates.java
@@ -16,7 +16,7 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.apache.qpid.server.security.access.config.predicates;
+package org.apache.qpid.server.security.access.config;
import java.util.AbstractMap;
import java.util.Collection;
@@ -28,9 +28,7 @@ import java.util.stream.Collectors;
import javax.security.auth.Subject;
-import org.apache.qpid.server.security.access.config.LegacyOperation;
-import org.apache.qpid.server.security.access.config.ObjectProperties;
-import org.apache.qpid.server.security.access.config.Property;
+import
org.apache.qpid.server.security.access.config.predicates.RulePredicateBuilder;
import org.apache.qpid.server.security.access.firewall.FirewallRuleFactory;
import com.google.common.base.Joiner;
@@ -57,14 +55,14 @@ public final class AclRulePredicates extends
AbstractMap<Property, Set<Object>>
{
super();
_properties = newProperties(builder);
- _rulePredicate = RulePredicate.build(builder.getParsedProperties());
+ _rulePredicate =
RulePredicateBuilder.build(builder.getParsedProperties());
}
AclRulePredicates(FirewallRuleFactory factory, AclRulePredicatesBuilder
builder)
{
super();
_properties = newProperties(builder);
- _rulePredicate = RulePredicate.build(factory,
builder.getParsedProperties());
+ _rulePredicate = RulePredicateBuilder.build(factory,
builder.getParsedProperties());
}
private Map<Property, Set<Object>> newProperties(AclRulePredicatesBuilder
builder)
@@ -104,9 +102,9 @@ public final class AclRulePredicates extends
AbstractMap<Property, Set<Object>>
}
@Override
- public boolean test(LegacyOperation operation, ObjectProperties
objectProperties, Subject subject)
+ public boolean matches(LegacyOperation operation, ObjectProperties
objectProperties, Subject subject)
{
- return _rulePredicate.test(operation, objectProperties, subject);
+ return _rulePredicate.matches(operation, objectProperties, subject);
}
@Override
diff --git
a/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/predicates/AclRulePredicatesBuilder.java
b/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/AclRulePredicatesBuilder.java
similarity index 92%
rename from
broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/predicates/AclRulePredicatesBuilder.java
rename to
broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/AclRulePredicatesBuilder.java
index 89e1fdb..a05317f 100644
---
a/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/predicates/AclRulePredicatesBuilder.java
+++
b/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/AclRulePredicatesBuilder.java
@@ -16,7 +16,7 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.apache.qpid.server.security.access.config.predicates;
+package org.apache.qpid.server.security.access.config;
import java.util.Arrays;
import java.util.Collections;
@@ -27,7 +27,6 @@ import java.util.Map;
import java.util.Objects;
import java.util.Set;
-import org.apache.qpid.server.security.access.config.Property;
import org.apache.qpid.server.security.access.firewall.FirewallRuleFactory;
import org.slf4j.Logger;
@@ -124,16 +123,6 @@ public final class AclRulePredicatesBuilder
{
_attributeNames.addAll(splitToSet(value));
}
- else if (property == Property.CONNECTION_LIMIT)
- {
- LOGGER.warn("The ACL Rule property 'connection_limit' has been
deprecated");
- return false;
- }
- else if (property == Property.CONNECTION_FREQUENCY_LIMIT)
- {
- LOGGER.warn("The ACL Rule property 'connection_frequency_limit'
has been deprecated");
- return false;
- }
else
{
_parsedProperties.put(property,
Collections.singleton(sanitiseValue(property, value)));
diff --git
a/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/firewall/FirewallRule.java
b/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/FirewallRule.java
similarity index 72%
rename from
broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/firewall/FirewallRule.java
rename to
broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/FirewallRule.java
index 602420c..60e1398 100644
---
a/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/firewall/FirewallRule.java
+++
b/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/FirewallRule.java
@@ -17,21 +17,17 @@
* under the License.
*/
-package org.apache.qpid.server.security.access.firewall;
+package org.apache.qpid.server.security.access.config;
import javax.security.auth.Subject;
-import org.apache.qpid.server.security.access.config.LegacyOperation;
-import org.apache.qpid.server.security.access.config.ObjectProperties;
-import org.apache.qpid.server.security.access.config.predicates.RulePredicate;
-
@FunctionalInterface
public interface FirewallRule extends RulePredicate
{
boolean matches(Subject subject);
@Override
- default boolean test(LegacyOperation operation, ObjectProperties
objectProperties, Subject subject)
+ default boolean matches(LegacyOperation operation, ObjectProperties
objectProperties, Subject subject)
{
return matches(subject);
}
diff --git
a/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/Rule.java
b/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/Rule.java
index 15f558f..1bf4213 100644
---
a/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/Rule.java
+++
b/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/Rule.java
@@ -25,9 +25,6 @@ import java.util.Objects;
import javax.security.auth.Subject;
-import
org.apache.qpid.server.security.access.config.predicates.AclRulePredicates;
-import
org.apache.qpid.server.security.access.config.predicates.AclRulePredicatesBuilder;
-import org.apache.qpid.server.security.access.config.predicates.RulePredicate;
import org.apache.qpid.server.security.access.firewall.FirewallRuleFactory;
import org.apache.qpid.server.security.access.plugins.AclRule;
import org.apache.qpid.server.security.access.plugins.RuleOutcome;
@@ -104,7 +101,7 @@ public class Rule
private boolean propertiesAttributesMatch(LegacyOperation operation,
ObjectProperties objectProperties, Subject subject)
{
- return _rulePredicate.test(operation, objectProperties, subject);
+ return _rulePredicate.matches(operation, objectProperties, subject);
}
private boolean operationsMatch(LegacyOperation actionOperation)
@@ -220,12 +217,12 @@ public class Rule
private ObjectType _object = ObjectType.ALL;
private RuleOutcome _outcome = RuleOutcome.DENY_LOG;
- private final AclRulePredicatesBuilder _predicates;
+ private final AclRulePredicatesBuilder _aclRulePredicatesBuilder;
public Builder()
{
super();
- _predicates = new AclRulePredicatesBuilder();
+ _aclRulePredicatesBuilder = new AclRulePredicatesBuilder();
}
public Builder withIdentity(String identity)
@@ -254,13 +251,13 @@ public class Rule
public Builder withPredicate(String key, String value)
{
- _predicates.parse(key, value);
+ _aclRulePredicatesBuilder.parse(key, value);
return this;
}
public Builder withPredicate(Property key, String value)
{
- _predicates.put(key, value);
+ _aclRulePredicatesBuilder.put(key, value);
return this;
}
@@ -274,11 +271,11 @@ public class Rule
{
for (final Map.Entry<Property, Object> entry :
properties.getAll().entrySet())
{
- _predicates.put(entry.getKey(), entry.getValue().toString());
+ _aclRulePredicatesBuilder.put(entry.getKey(),
entry.getValue().toString());
}
for (final String name : properties.getAttributeNames())
{
- _predicates.put(Property.ATTRIBUTES, name);
+ _aclRulePredicatesBuilder.put(Property.ATTRIBUTES, name);
}
return this;
}
@@ -286,13 +283,13 @@ public class Rule
public Rule build()
{
validate();
- return new Rule(_identity, _operation, _object,
_predicates.build(), _outcome);
+ return new Rule(_identity, _operation, _object,
_aclRulePredicatesBuilder.build(), _outcome);
}
public Rule build(FirewallRuleFactory firewallRuleFactory)
{
validate();
- return new Rule(_identity, _operation, _object,
_predicates.build(firewallRuleFactory), _outcome);
+ return new Rule(_identity, _operation, _object,
_aclRulePredicatesBuilder.build(firewallRuleFactory), _outcome);
}
private void validate()
diff --git
a/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/RuleCollector.java
b/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/RuleCollector.java
index bbfdf7e..0981435 100644
---
a/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/RuleCollector.java
+++
b/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/RuleCollector.java
@@ -28,7 +28,6 @@ import java.util.TreeMap;
import org.apache.qpid.server.logging.EventLoggerProvider;
import org.apache.qpid.server.security.Result;
-import
org.apache.qpid.server.security.access.config.predicates.AclRulePredicates;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
diff --git
a/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/RulePredicate.java
b/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/RulePredicate.java
new file mode 100644
index 0000000..73792df
--- /dev/null
+++
b/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/RulePredicate.java
@@ -0,0 +1,66 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.qpid.server.security.access.config;
+
+import java.util.Objects;
+
+import javax.security.auth.Subject;
+
+@FunctionalInterface
+public interface RulePredicate
+{
+ boolean matches(LegacyOperation operation, ObjectProperties
objectProperties, Subject subject);
+
+ default RulePredicate and(RulePredicate other)
+ {
+ Objects.requireNonNull(other);
+ return (operation, objectProperties, subject) ->
+ RulePredicate.this.matches(operation, objectProperties,
subject)
+ && other.matches(operation, objectProperties, subject);
+ }
+
+ default RulePredicate or(RulePredicate other) {
+ Objects.requireNonNull(other);
+ return (operation, objectProperties, subject) ->
+ RulePredicate.this.matches(operation, objectProperties,
subject)
+ || other.matches(operation, objectProperties, subject);
+ }
+
+ static RulePredicate any()
+ {
+ return Any.INSTANCE;
+ }
+
+ final class Any implements RulePredicate
+ {
+ public static final RulePredicate INSTANCE = new Any();
+
+ private Any()
+ {
+ super();
+ }
+
+ @Override
+ public boolean matches(LegacyOperation operation, ObjectProperties
objectProperties, Subject subject)
+ {
+ return true;
+ }
+
+ }
+}
diff --git
a/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/predicates/AbstractPredicate.java
b/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/predicates/AbstractPredicate.java
deleted file mode 100644
index 77b7763..0000000
---
a/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/predicates/AbstractPredicate.java
+++ /dev/null
@@ -1,48 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.qpid.server.security.access.config.predicates;
-
-import java.util.Objects;
-
-abstract class AbstractPredicate implements RulePredicate
-{
- final RulePredicate _previousPredicate;
-
- abstract RulePredicate copy(RulePredicate subPredicate);
-
- AbstractPredicate(RulePredicate previousPredicate)
- {
- _previousPredicate = Objects.requireNonNull(previousPredicate);
- }
-
- AbstractPredicate()
- {
- this(RulePredicate.any());
- }
-
- @Override
- public RulePredicate and(RulePredicate other)
- {
- if (other instanceof Any)
- {
- return this;
- }
- return copy(_previousPredicate.and(other));
- }
-}
diff --git
a/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/predicates/Some.java
b/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/predicates/AnyValue.java
similarity index 64%
rename from
broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/predicates/Some.java
rename to
broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/predicates/AnyValue.java
index 7202b4e..2b39e7d 100644
---
a/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/predicates/Some.java
+++
b/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/predicates/AnyValue.java
@@ -25,42 +25,27 @@ import javax.security.auth.Subject;
import org.apache.qpid.server.security.access.config.LegacyOperation;
import org.apache.qpid.server.security.access.config.ObjectProperties;
import org.apache.qpid.server.security.access.config.Property;
+import org.apache.qpid.server.security.access.config.RulePredicate;
-final class Some extends AbstractPredicate
+final class AnyValue implements RulePredicate
{
private final Property _property;
static RulePredicate newInstance(Property property)
{
- return new Some(property);
+ return new AnyValue(property);
}
- private Some(Property property)
+ private AnyValue(Property property)
{
super();
_property = Objects.requireNonNull(property);
}
- private Some(Property property, RulePredicate subPredicate)
- {
- super(subPredicate);
- _property = Objects.requireNonNull(property);
- }
-
- private Some(Some predicate, RulePredicate subPredicate)
- {
- this(predicate._property, subPredicate);
- }
-
@Override
- public boolean test(LegacyOperation operation, ObjectProperties
objectProperties, Subject subject)
+ public boolean matches(LegacyOperation operation, ObjectProperties
objectProperties, Subject subject)
{
- return objectProperties.get(_property) != null &&
_previousPredicate.test(operation, objectProperties, subject);
+ return objectProperties.get(_property) != null;
}
- @Override
- RulePredicate copy(RulePredicate subPredicate)
- {
- return new Some(this, subPredicate);
- }
}
diff --git
a/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/predicates/AttributeNames.java
b/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/predicates/AttributeNames.java
index 6882f64..a54d72a 100644
---
a/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/predicates/AttributeNames.java
+++
b/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/predicates/AttributeNames.java
@@ -25,12 +25,13 @@ import javax.security.auth.Subject;
import org.apache.qpid.server.security.access.config.LegacyOperation;
import org.apache.qpid.server.security.access.config.ObjectProperties;
+import org.apache.qpid.server.security.access.config.RulePredicate;
-final class AttributeNames extends AbstractPredicate
+final class AttributeNames implements RulePredicate
{
private final Set<String> _attributeNames;
- static RulePredicate newInstance(Set<String> attributeNames)
+ public static RulePredicate newInstance(Set<String> attributeNames)
{
return attributeNames.isEmpty() ? RulePredicate.any() : new
AttributeNames(attributeNames);
}
@@ -41,23 +42,11 @@ final class AttributeNames extends AbstractPredicate
_attributeNames = new HashSet<>(attributeNames);
}
- private AttributeNames(AttributeNames predicate, RulePredicate
subPredicate)
- {
- super(subPredicate);
- _attributeNames = predicate._attributeNames;
- }
-
@Override
- public boolean test(LegacyOperation operation, ObjectProperties
objectProperties, Subject subject)
+ public boolean matches(LegacyOperation operation, ObjectProperties
objectProperties, Subject subject)
{
return (operation != LegacyOperation.UPDATE ||
-
_attributeNames.containsAll(objectProperties.getAttributeNames())) &&
- _previousPredicate.test(operation, objectProperties, subject);
+
_attributeNames.containsAll(objectProperties.getAttributeNames()));
}
- @Override
- RulePredicate copy(RulePredicate subPredicate)
- {
- return new AttributeNames(this, subPredicate);
- }
}
diff --git
a/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/predicates/Equal.java
b/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/predicates/Equal.java
index cd69063..5656e3e 100644
---
a/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/predicates/Equal.java
+++
b/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/predicates/Equal.java
@@ -25,14 +25,15 @@ import javax.security.auth.Subject;
import org.apache.qpid.server.security.access.config.LegacyOperation;
import org.apache.qpid.server.security.access.config.ObjectProperties;
import org.apache.qpid.server.security.access.config.Property;
+import org.apache.qpid.server.security.access.config.RulePredicate;
-final class Equal extends AbstractPredicate
+final class Equal implements RulePredicate
{
private final Object _value;
private final Property _property;
- static RulePredicate newInstance(Property property, Object value)
+ public static RulePredicate newInstance(Property property, Object value)
{
return value == null ? RulePredicate.any() : new Equal(property,
value);
}
@@ -44,28 +45,10 @@ final class Equal extends AbstractPredicate
_value = Objects.requireNonNull(value);
}
- private Equal(Property property, Object value, RulePredicate subPredicate)
- {
- super(subPredicate);
- _property = Objects.requireNonNull(property);
- _value = Objects.requireNonNull(value);
- }
-
- private Equal(Equal predicate, RulePredicate subPredicate)
- {
- this(predicate._property, predicate._value, subPredicate);
- }
-
@Override
- public boolean test(LegacyOperation operation, ObjectProperties
objectProperties, Subject subject)
+ public boolean matches(LegacyOperation operation, ObjectProperties
objectProperties, Subject subject)
{
- return _value.equals(objectProperties.get(_property)) &&
- _previousPredicate.test(operation, objectProperties, subject);
+ return _value.equals(objectProperties.get(_property));
}
- @Override
- RulePredicate copy(RulePredicate subPredicate)
- {
- return new Equal(this, subPredicate);
- }
}
diff --git
a/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/predicates/RulePredicate.java
b/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/predicates/RulePredicateBuilder.java
similarity index 66%
rename from
broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/predicates/RulePredicate.java
rename to
broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/predicates/RulePredicateBuilder.java
index 7caca59..6f95ca8 100644
---
a/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/predicates/RulePredicate.java
+++
b/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/predicates/RulePredicateBuilder.java
@@ -19,66 +19,27 @@
package org.apache.qpid.server.security.access.config.predicates;
import java.util.Map;
-import java.util.Objects;
import java.util.Set;
import java.util.stream.Collectors;
-import javax.security.auth.Subject;
-
-import org.apache.qpid.server.security.access.config.LegacyOperation;
-import org.apache.qpid.server.security.access.config.ObjectProperties;
+import org.apache.qpid.server.security.access.config.AclRulePredicatesBuilder;
+import org.apache.qpid.server.security.access.config.RulePredicate;
import org.apache.qpid.server.security.access.config.Property;
import org.apache.qpid.server.security.access.firewall.FirewallRuleFactory;
-@FunctionalInterface
-public interface RulePredicate
+public final class RulePredicateBuilder
{
- boolean test(LegacyOperation operation, ObjectProperties objectProperties,
Subject subject);
-
- default RulePredicate and(RulePredicate other)
- {
- if (Objects.requireNonNull(other) instanceof Any)
- {
- return this;
- }
- return (operation, objectProperties, subject) ->
- RulePredicate.this.test(operation, objectProperties, subject)
- && other.test(operation, objectProperties, subject);
- }
-
- static RulePredicate any()
- {
- return Any.INSTANCE;
- }
-
- final class Any implements RulePredicate
+ private RulePredicateBuilder()
{
- public static final RulePredicate INSTANCE = new Any();
-
- private Any()
- {
- super();
- }
-
- @Override
- public boolean test(LegacyOperation operation, ObjectProperties
objectProperties, Subject subject)
- {
- return true;
- }
-
- @Override
- public RulePredicate and(RulePredicate other)
- {
- return Objects.requireNonNull(other);
- }
+ super();
}
- static RulePredicate build(Map<Property, Set<?>> properties)
+ public static RulePredicate build(Map<Property, Set<?>> properties)
{
return build(new FirewallRuleFactory(), properties);
}
- static RulePredicate build(FirewallRuleFactory firewallRuleFactory,
Map<Property, Set<?>> properties)
+ public static RulePredicate build(FirewallRuleFactory firewallRuleFactory,
Map<Property, Set<?>> properties)
{
RulePredicate predicate = RulePredicate.any();
for (final Map.Entry<Property, Set<?>> entry : properties.entrySet())
@@ -88,7 +49,7 @@ public interface RulePredicate
return predicate;
}
- static RulePredicate build(FirewallRuleFactory firewallRuleFactory,
Property property, Set<?> values)
+ public static RulePredicate build(FirewallRuleFactory firewallRuleFactory,
Property property, Set<?> values)
{
RulePredicate predicate = RulePredicate.any();
switch (property)
@@ -111,9 +72,6 @@ public interface RulePredicate
predicate = AttributeNames.newInstance(
values.stream().map(Object::toString).collect(Collectors.toSet()));
break;
- case CONNECTION_LIMIT:
- case CONNECTION_FREQUENCY_LIMIT:
- break;
default:
for (final Object value : values)
{
@@ -122,7 +80,7 @@ public interface RulePredicate
final String str = (String) value;
if (AclRulePredicatesBuilder.WILD_CARD.equals(str))
{
- predicate =
predicate.and(Some.newInstance(property));
+ predicate =
predicate.and(AnyValue.newInstance(property));
}
else if
(str.endsWith(AclRulePredicatesBuilder.WILD_CARD))
{
diff --git
a/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/predicates/WildCard.java
b/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/predicates/WildCard.java
index f3879d6..aa6dd1f 100644
---
a/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/predicates/WildCard.java
+++
b/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/predicates/WildCard.java
@@ -25,8 +25,9 @@ import javax.security.auth.Subject;
import org.apache.qpid.server.security.access.config.LegacyOperation;
import org.apache.qpid.server.security.access.config.ObjectProperties;
import org.apache.qpid.server.security.access.config.Property;
+import org.apache.qpid.server.security.access.config.RulePredicate;
-final class WildCard extends AbstractPredicate
+final class WildCard implements RulePredicate
{
private final String _prefix;
@@ -44,30 +45,11 @@ final class WildCard extends AbstractPredicate
_prefix = Objects.requireNonNull(prefix);
}
- private WildCard(Property property, String prefix, RulePredicate
subPredicate)
- {
- super(subPredicate);
- _property = Objects.requireNonNull(property);
- _prefix = Objects.requireNonNull(prefix);
- }
-
- private WildCard(WildCard predicate, RulePredicate subPredicate)
- {
- this(predicate._property, predicate._prefix, subPredicate);
- }
-
@Override
- public boolean test(LegacyOperation operation, ObjectProperties
objectProperties, Subject subject)
+ public boolean matches(LegacyOperation operation, ObjectProperties
objectProperties, Subject subject)
{
final Object value = objectProperties.get(_property);
- return (value instanceof String) &&
- ((String) value).startsWith(_prefix) &&
- _previousPredicate.test(operation, objectProperties, subject);
+ return (value instanceof String) && ((String)
value).startsWith(_prefix);
}
- @Override
- RulePredicate copy(RulePredicate subPredicate)
- {
- return new WildCard(this, subPredicate);
- }
}
diff --git
a/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/firewall/AbstractFirewallRuleImpl.java
b/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/firewall/AbstractFirewallRuleImpl.java
index 9792b10..e335b2f 100644
---
a/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/firewall/AbstractFirewallRuleImpl.java
+++
b/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/firewall/AbstractFirewallRuleImpl.java
@@ -21,34 +21,17 @@ package org.apache.qpid.server.security.access.firewall;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.SocketAddress;
-import java.util.Objects;
import javax.security.auth.Subject;
import org.apache.qpid.server.connection.ConnectionPrincipal;
-import org.apache.qpid.server.security.access.config.LegacyOperation;
-import org.apache.qpid.server.security.access.config.ObjectProperties;
-import org.apache.qpid.server.security.access.config.predicates.RulePredicate;
+import org.apache.qpid.server.security.access.config.FirewallRule;
abstract class AbstractFirewallRuleImpl implements FirewallRule
{
- private final RulePredicate _previousPredicate;
-
AbstractFirewallRuleImpl()
{
super();
- _previousPredicate = RulePredicate.any();
- }
-
- AbstractFirewallRuleImpl(RulePredicate previousPredicate)
- {
- _previousPredicate = Objects.requireNonNull(previousPredicate);
- }
-
- @Override
- public boolean test(LegacyOperation operation, ObjectProperties
objectProperties, Subject subject)
- {
- return matches(subject) && _previousPredicate.test(operation,
objectProperties, subject);
}
@Override
@@ -65,17 +48,6 @@ abstract class AbstractFirewallRuleImpl implements
FirewallRule
return true;
}
- @Override
- public RulePredicate and(RulePredicate other)
- {
- if (other instanceof Any)
- {
- return this;
- }
- return copy(_previousPredicate.and(other));
- }
-
abstract boolean matches(InetAddress addressOfClient);
- abstract RulePredicate copy(RulePredicate subPredicate);
}
diff --git
a/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/firewall/FirewallRuleFactory.java
b/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/firewall/FirewallRuleFactory.java
index dcb3273..d0f632a 100644
---
a/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/firewall/FirewallRuleFactory.java
+++
b/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/firewall/FirewallRuleFactory.java
@@ -20,6 +20,8 @@ package org.apache.qpid.server.security.access.firewall;
import java.util.Collection;
+import org.apache.qpid.server.security.access.config.FirewallRule;
+
public class FirewallRuleFactory
{
public FirewallRule createForHostname(Collection<String> hostnames)
diff --git
a/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/firewall/HostnameFirewallRule.java
b/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/firewall/HostnameFirewallRule.java
index 38397bd..d382829 100644
---
a/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/firewall/HostnameFirewallRule.java
+++
b/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/firewall/HostnameFirewallRule.java
@@ -36,8 +36,6 @@ import java.util.concurrent.TimeUnit;
import java.util.concurrent.TimeoutException;
import java.util.regex.Pattern;
-import org.apache.qpid.server.security.access.config.predicates.RulePredicate;
-
public class HostnameFirewallRule extends AbstractFirewallRuleImpl
{
private static final Logger LOGGER =
LoggerFactory.getLogger(HostnameFirewallRule.class);
@@ -67,13 +65,6 @@ public class HostnameFirewallRule extends
AbstractFirewallRuleImpl
LOGGER.debug("Created {}", this);
}
- private HostnameFirewallRule(HostnameFirewallRule rule, RulePredicate
subPredicate)
- {
- super(subPredicate);
- _hostnames = rule._hostnames;
- _hostnamePatterns = rule._hostnamePatterns;
- }
-
@Override
boolean matches(InetAddress remote)
{
@@ -94,12 +85,6 @@ public class HostnameFirewallRule extends
AbstractFirewallRuleImpl
return false;
}
- @Override
- RulePredicate copy(RulePredicate subPredicate)
- {
- return new HostnameFirewallRule(this, subPredicate);
- }
-
/**
* @param remote the InetAddress to look up
* @return the hostname, null if not found, takes longer than
diff --git
a/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/firewall/NetworkFirewallRule.java
b/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/firewall/NetworkFirewallRule.java
index 9ac26c1..118c5ac 100644
---
a/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/firewall/NetworkFirewallRule.java
+++
b/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/firewall/NetworkFirewallRule.java
@@ -25,8 +25,6 @@ import java.util.Collection;
import java.util.HashSet;
import java.util.Set;
-import org.apache.qpid.server.security.access.config.predicates.RulePredicate;
-
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -34,7 +32,7 @@ public class NetworkFirewallRule extends
AbstractFirewallRuleImpl
{
private static final Logger LOGGER =
LoggerFactory.getLogger(NetworkFirewallRule.class);
- private Set<InetNetwork> _networks = new HashSet<>();
+ private final Set<InetNetwork> _networks = new HashSet<>();
public NetworkFirewallRule(String... networks)
{
@@ -58,12 +56,6 @@ public class NetworkFirewallRule extends
AbstractFirewallRuleImpl
LOGGER.debug("Created {}", this);
}
- private NetworkFirewallRule(NetworkFirewallRule rule, RulePredicate
subPredicate)
- {
- super(subPredicate);
- _networks = rule._networks;
- }
-
@Override
boolean matches(InetAddress ip)
{
@@ -80,12 +72,6 @@ public class NetworkFirewallRule extends
AbstractFirewallRuleImpl
}
@Override
- RulePredicate copy(RulePredicate subPredicate)
- {
- return new NetworkFirewallRule(this, subPredicate);
- }
-
- @Override
public boolean equals(final Object o)
{
if (this == o)
diff --git
a/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/config/AclFileParserTest.java
b/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/config/AclFileParserTest.java
index 9d786f3..247e569 100644
---
a/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/config/AclFileParserTest.java
+++
b/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/config/AclFileParserTest.java
@@ -38,8 +38,6 @@ import org.mockito.Mockito;
import org.apache.qpid.server.configuration.IllegalConfigurationException;
import org.apache.qpid.server.logging.EventLoggerProvider;
import org.apache.qpid.server.security.Result;
-import
org.apache.qpid.server.security.access.config.predicates.AclRulePredicates;
-import
org.apache.qpid.server.security.access.config.predicates.AclRulePredicatesBuilder;
import org.apache.qpid.test.utils.UnitTestBase;
public class AclFileParserTest extends UnitTestBase
@@ -642,16 +640,6 @@ public class AclFileParserTest extends UnitTestBase
}
@Test
- public void testDynamicRuleParsing() throws Exception
- {
- validateRule(writeACLConfig("ACL ALLOW all ACCESS VIRTUALHOST
connection_limit=10 connection_frequency_limit=12"),
- Rule.ALL,
- LegacyOperation.ACCESS,
- ObjectType.VIRTUALHOST,
- EMPTY);
- }
-
- @Test
public void testBrokerRuleParsing() throws Exception
{
validateRule(writeACLConfig("ACL ALLOW user1 CONFIGURE BROKER"),
diff --git
a/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/config/predicates/AclRulePredicatesTest.java
b/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/config/AclRulePredicatesTest.java
similarity index 94%
rename from
broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/config/predicates/AclRulePredicatesTest.java
rename to
broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/config/AclRulePredicatesTest.java
index 2880b6d..91343fe 100644
---
a/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/config/predicates/AclRulePredicatesTest.java
+++
b/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/config/AclRulePredicatesTest.java
@@ -16,15 +16,18 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.apache.qpid.server.security.access.config.predicates;
+package org.apache.qpid.server.security.access.config;
import java.util.Collection;
import java.util.Collections;
import java.util.Map;
import java.util.Set;
+import org.apache.qpid.server.security.access.config.AclRulePredicates;
+import org.apache.qpid.server.security.access.config.AclRulePredicatesBuilder;
import org.apache.qpid.server.security.access.config.Property;
-import org.apache.qpid.server.security.access.firewall.FirewallRule;
+import org.apache.qpid.server.security.access.config.FirewallRule;
+import
org.apache.qpid.server.security.access.config.predicates.TestFirewallRule;
import org.apache.qpid.server.security.access.firewall.FirewallRuleFactory;
import org.apache.qpid.test.utils.UnitTestBase;
@@ -36,8 +39,6 @@ import org.mockito.internal.util.collections.Sets;
import static
org.apache.qpid.server.security.access.config.Property.ATTRIBUTES;
import static org.apache.qpid.server.security.access.config.Property.CLASS;
-import static
org.apache.qpid.server.security.access.config.Property.CONNECTION_FREQUENCY_LIMIT;
-import static
org.apache.qpid.server.security.access.config.Property.CONNECTION_LIMIT;
import static org.apache.qpid.server.security.access.config.Property.DURABLE;
import static
org.apache.qpid.server.security.access.config.Property.FROM_HOSTNAME;
import static
org.apache.qpid.server.security.access.config.Property.FROM_NETWORK;
@@ -104,20 +105,6 @@ public class AclRulePredicatesTest extends UnitTestBase
}
@Test
- public void testParseConnectionLimitRule()
- {
- final String limit = "20";
- _builder.parse(CONNECTION_LIMIT.name(),
limit).build(_firewallRuleFactory);
- }
-
- @Test
- public void testParseConnectionFrequencyLimitRule()
- {
- final String limit = "20";
- _builder.parse(CONNECTION_FREQUENCY_LIMIT.name(),
limit).build(_firewallRuleFactory);
- }
-
- @Test
public void testParseThrowsExceptionIfBothHostnameAndNetworkSpecified()
{
_builder.parse(FROM_NETWORK.name(), "network1,network2");
diff --git
a/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/config/RuleBasedAccessControlTest.java
b/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/config/RuleBasedAccessControlTest.java
index eb9e86c..8b6702f 100644
---
a/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/config/RuleBasedAccessControlTest.java
+++
b/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/config/RuleBasedAccessControlTest.java
@@ -33,8 +33,6 @@ import org.apache.qpid.server.logging.EventLoggerProvider;
import org.apache.qpid.server.logging.UnitTestMessageLogger;
import org.apache.qpid.server.model.BrokerModel;
import org.apache.qpid.server.security.Result;
-import
org.apache.qpid.server.security.access.config.predicates.AclRulePredicates;
-import
org.apache.qpid.server.security.access.config.predicates.AclRulePredicatesBuilder;
import org.apache.qpid.server.security.access.plugins.RuleOutcome;
import org.apache.qpid.server.security.auth.TestPrincipalUtils;
import org.apache.qpid.server.transport.AMQPConnection;
diff --git
a/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/config/RuleSetTest.java
b/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/config/RuleSetTest.java
index e2eb404..af2f643 100644
---
a/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/config/RuleSetTest.java
+++
b/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/config/RuleSetTest.java
@@ -35,7 +35,6 @@ import org.junit.Test;
import org.apache.qpid.server.logging.EventLoggerProvider;
import org.apache.qpid.server.security.Result;
import org.apache.qpid.server.security.access.config.Rule.Builder;
-import
org.apache.qpid.server.security.access.config.predicates.AclRulePredicatesBuilder;
import org.apache.qpid.server.security.access.plugins.RuleOutcome;
import org.apache.qpid.server.security.auth.TestPrincipalUtils;
import org.apache.qpid.test.utils.UnitTestBase;
diff --git
a/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/config/RuleTest.java
b/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/config/RuleTest.java
index 546f275..f04d3ba 100644
---
a/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/config/RuleTest.java
+++
b/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/config/RuleTest.java
@@ -24,7 +24,6 @@ import java.util.Map;
import javax.security.auth.Subject;
-import org.apache.qpid.server.security.access.firewall.FirewallRule;
import org.apache.qpid.server.security.access.firewall.FirewallRuleFactory;
import org.apache.qpid.server.security.access.plugins.RuleOutcome;
import org.apache.qpid.server.security.auth.TestPrincipalUtils;
diff --git
a/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/config/predicates/TestFirewallRule.java
b/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/config/predicates/TestFirewallRule.java
index dfb6139..b04c8e5 100644
---
a/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/config/predicates/TestFirewallRule.java
+++
b/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/config/predicates/TestFirewallRule.java
@@ -20,7 +20,7 @@ package
org.apache.qpid.server.security.access.config.predicates;
import javax.security.auth.Subject;
-import org.apache.qpid.server.security.access.firewall.FirewallRule;
+import org.apache.qpid.server.security.access.config.FirewallRule;
public class TestFirewallRule implements FirewallRule
{
diff --git
a/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/firewall/FirewallRuleTest.java
b/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/firewall/FirewallRuleTest.java
index b2ecce4..793839e 100644
---
a/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/firewall/FirewallRuleTest.java
+++
b/broker-plugins/access-control/src/test/java/org/apache/qpid/server/security/access/firewall/FirewallRuleTest.java
@@ -23,9 +23,10 @@ import java.util.Collections;
import javax.security.auth.Subject;
import org.apache.qpid.server.model.AuthenticationProvider;
+import org.apache.qpid.server.security.access.config.FirewallRule;
import org.apache.qpid.server.security.access.config.LegacyOperation;
import org.apache.qpid.server.security.access.config.ObjectProperties;
-import org.apache.qpid.server.security.access.config.predicates.RulePredicate;
+import org.apache.qpid.server.security.access.config.RulePredicate;
import org.apache.qpid.server.security.auth.UsernamePrincipal;
import org.apache.qpid.test.utils.UnitTestBase;
@@ -44,21 +45,21 @@ public class FirewallRuleTest extends UnitTestBase
final FirewallRule rule1 = s -> s.equals(subject);
final FirewallRule rule2 = s -> s.equals(subject);
- assertTrue(rule1.and(rule2).test(LegacyOperation.ACCESS, new
ObjectProperties(), subject));
- assertTrue(rule2.and(rule1).test(LegacyOperation.ACCESS, new
ObjectProperties(), subject));
+ assertTrue(rule1.and(rule2).matches(LegacyOperation.ACCESS, new
ObjectProperties(), subject));
+ assertTrue(rule2.and(rule1).matches(LegacyOperation.ACCESS, new
ObjectProperties(), subject));
- assertTrue(rule1.and(RulePredicate.any()).test(LegacyOperation.ACCESS,
new ObjectProperties(), subject));
- assertTrue(RulePredicate.any().and(rule2).test(LegacyOperation.ACCESS,
new ObjectProperties(), subject));
+
assertTrue(rule1.and(RulePredicate.any()).matches(LegacyOperation.ACCESS, new
ObjectProperties(), subject));
+
assertTrue(RulePredicate.any().and(rule2).matches(LegacyOperation.ACCESS, new
ObjectProperties(), subject));
final Subject anotherSubject = new Subject(false,
Collections.singleton(new UsernamePrincipal("name",
Mockito.mock(AuthenticationProvider.class))),
Collections.emptySet(),
Collections.emptySet());
- assertFalse(rule1.and(rule2).test(LegacyOperation.ACCESS, new
ObjectProperties(),anotherSubject));
- assertFalse(rule2.and(rule1).test(LegacyOperation.ACCESS, new
ObjectProperties(),anotherSubject));
+ assertFalse(rule1.and(rule2).matches(LegacyOperation.ACCESS, new
ObjectProperties(), anotherSubject));
+ assertFalse(rule2.and(rule1).matches(LegacyOperation.ACCESS, new
ObjectProperties(), anotherSubject));
-
assertFalse(rule1.and(RulePredicate.any()).test(LegacyOperation.ACCESS, new
ObjectProperties(), anotherSubject));
-
assertFalse(RulePredicate.any().and(rule1).test(LegacyOperation.ACCESS, new
ObjectProperties(), anotherSubject));
+
assertFalse(rule1.and(RulePredicate.any()).matches(LegacyOperation.ACCESS, new
ObjectProperties(), anotherSubject));
+
assertFalse(RulePredicate.any().and(rule1).matches(LegacyOperation.ACCESS, new
ObjectProperties(), anotherSubject));
}
@Test
@@ -68,11 +69,11 @@ public class FirewallRuleTest extends UnitTestBase
final FirewallRule rule1 = s -> s.equals(subject);
final FirewallRule rule2 = s -> !s.equals(subject);
- assertFalse(rule1.and(rule2).test(LegacyOperation.ACCESS, new
ObjectProperties(), subject));
- assertFalse(rule2.and(rule1).test(LegacyOperation.ACCESS, new
ObjectProperties(), subject));
+ assertFalse(rule1.and(rule2).matches(LegacyOperation.ACCESS, new
ObjectProperties(), subject));
+ assertFalse(rule2.and(rule1).matches(LegacyOperation.ACCESS, new
ObjectProperties(), subject));
-
assertFalse(RulePredicate.any().and(rule2).test(LegacyOperation.ACCESS, new
ObjectProperties(), subject));
-
assertFalse(rule2.and(RulePredicate.any()).test(LegacyOperation.ACCESS, new
ObjectProperties(), subject));
+
assertFalse(RulePredicate.any().and(rule2).matches(LegacyOperation.ACCESS, new
ObjectProperties(), subject));
+
assertFalse(rule2.and(RulePredicate.any()).matches(LegacyOperation.ACCESS, new
ObjectProperties(), subject));
}
}
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@qpid.apache.org
For additional commands, e-mail: commits-h...@qpid.apache.org
