Skip to content

Commit

Permalink
Reorder message matching
Browse files Browse the repository at this point in the history
  • Loading branch information
@oteffahi
oteffahi committed Jul 24, 2024
1 parent bf7fb08 commit 8db19ec
Show file tree
Hide file tree
Showing 2 changed files with 30 additions and 30 deletions.
56 changes: 28 additions & 28 deletions zenoh/src/net/routing/interceptor/access_control.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -235,6 +235,21 @@ impl InterceptorTrait for IngressAclEnforcer {
.or_else(|| ctx.full_expr());

match &ctx.msg.body {
NetworkBody::Request(Request {
payload: RequestBody::Query(_),
..
}) => {
if self.action(AclMessage::Query, "Query (ingress)", key_expr?) == Permission::Deny
{
return None;
}
}
NetworkBody::Response(Response { .. }) => {
if self.action(AclMessage::Reply, "Reply (ingress)", key_expr?) == Permission::Deny
{
return None;
}
}
NetworkBody::Push(Push {
payload: PushBody::Put(_),
..
Expand All @@ -253,15 +268,6 @@ impl InterceptorTrait for IngressAclEnforcer {
return None;
}
}
NetworkBody::Request(Request {
payload: RequestBody::Query(_),
..
}) => {
if self.action(AclMessage::Query, "Query (ingress)", key_expr?) == Permission::Deny
{
return None;
}
}
NetworkBody::Declare(Declare {
body: DeclareBody::DeclareSubscriber(_),
..
Expand All @@ -288,12 +294,6 @@ impl InterceptorTrait for IngressAclEnforcer {
return None;
}
}
NetworkBody::Response(Response { .. }) => {
if self.action(AclMessage::Reply, "Reply (ingress)", key_expr?) == Permission::Deny
{
return None;
}
}
// Unfiltered Declare messages
NetworkBody::Declare(Declare {
body: DeclareBody::DeclareKeyExpr(_),
Expand Down Expand Up @@ -352,6 +352,19 @@ impl InterceptorTrait for EgressAclEnforcer {
.or_else(|| ctx.full_expr());

match &ctx.msg.body {
NetworkBody::Request(Request {
payload: RequestBody::Query(_),
..
}) => {
if self.action(AclMessage::Query, "Query (egress)", key_expr?) == Permission::Deny {
return None;
}
}
NetworkBody::Response(Response { .. }) => {
if self.action(AclMessage::Reply, "Reply (egress)", key_expr?) == Permission::Deny {
return None;
}
}
NetworkBody::Push(Push {
payload: PushBody::Put(_),
..
Expand All @@ -369,14 +382,6 @@ impl InterceptorTrait for EgressAclEnforcer {
return None;
}
}
NetworkBody::Request(Request {
payload: RequestBody::Query(_),
..
}) => {
if self.action(AclMessage::Query, "Query (egress)", key_expr?) == Permission::Deny {
return None;
}
}
NetworkBody::Declare(Declare {
body: DeclareBody::DeclareSubscriber(_),
..
Expand All @@ -403,11 +408,6 @@ impl InterceptorTrait for EgressAclEnforcer {
return None;
}
}
NetworkBody::Response(Response { .. }) => {
if self.action(AclMessage::Reply, "Reply (egress)", key_expr?) == Permission::Deny {
return None;
}
}
// Unfiltered Declare messages
NetworkBody::Declare(Declare {
body: DeclareBody::DeclareKeyExpr(_),
Expand Down
4 changes: 2 additions & 2 deletions zenoh/src/net/routing/interceptor/authorization.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -194,21 +194,21 @@ impl ActionPolicy {
fn action(&self, action: AclMessage) -> &PermissionPolicy {
match action {
AclMessage::Query => &self.query,
AclMessage::Reply => &self.reply,
AclMessage::Put => &self.put,
AclMessage::Delete => &self.delete,
AclMessage::DeclareSubscriber => &self.declare_subscriber,
AclMessage::DeclareQueryable => &self.declare_queryable,
AclMessage::Reply => &self.reply,
}
}
fn action_mut(&mut self, action: AclMessage) -> &mut PermissionPolicy {
match action {
AclMessage::Query => &mut self.query,
AclMessage::Reply => &mut self.reply,
AclMessage::Put => &mut self.put,
AclMessage::Delete => &mut self.delete,
AclMessage::DeclareSubscriber => &mut self.declare_subscriber,
AclMessage::DeclareQueryable => &mut self.declare_queryable,
AclMessage::Reply => &mut self.reply,
}
}
}
Expand Down

0 comments on commit 8db19ec

Please sign in to comment.