collab/hmq
3
0
Fork 0
mirror of https://github.com/fhmq/hmq.git synced 2026-04-24 10:38:34 +00:00
Code Issues Packages Projects Releases Wiki Activity

Bugfix - authfile plugin did wrongly use username as IP and IP as username in ACL checks (#100)

Browse Source 
* adding test + fix issue with wrong order in acl check

* reduce to featureset from original fork
This commit is contained in:
turtletramp
2020-12-02 03:05:46 +01:00
committed by GitHub
parent 6cb307d252
commit 6be79cbe88
2 changed files with 24 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
plugins/auth/authfile/acl.go
View File

@@ -19,5 +19,5 @@ func (a *aclAuth) CheckConnect(clientID, username, password string) bool {
} }
func (a *aclAuth) CheckACL(action, clientID, username, ip, topic string) bool { func (a *aclAuth) CheckACL(action, clientID, username, ip, topic string) bool {
return checkTopicAuth(a.config, action, username, ip, clientID, topic) return checkTopicAuth(a.config, action, ip, username, clientID, topic)
} }

23
plugins/auth/authfile/acl_test.go Normal file
View File

@@ -0,0 +1,23 @@
//+build test
package acl
import (
"os"
"testing"
"github.com/stretchr/testify/assert"
)
func TestOrigAcls(t *testing.T) {
pwd, _ := os.Getwd()
os.Chdir("../../../")
aclOrig := Init()
os.Chdir(pwd)
// rule: allow ip 127.0.0.1 2 $SYS/#
origAllowed := aclOrig.CheckACL(PUB, "dummyClientID", "dummyUser", "127.0.0.1", "$SYS/something")
assert.True(t, origAllowed)
origAllowed = aclOrig.CheckACL(SUB, "dummyClientID", "dummyUser", "127.0.0.1", "$SYS/something")
assert.False(t, origAllowed)
}