|
23 | 23 |
|
24 | 24 | -export([description/0, p/1, q/1, join_tags/1]). |
25 | 25 | -export([user_login_authentication/2, user_login_authorization/2, |
26 | | - check_vhost_access/3, check_resource_access/3, check_topic_access/4]). |
| 26 | + check_vhost_access/3, check_resource_access/4, check_topic_access/4]). |
27 | 27 |
|
28 | 28 | %% If keepalive connection is closed, retry N times before failing. |
29 | 29 | -define(RETRY_ON_KEEPALIVE_CLOSED, 3). |
@@ -58,21 +58,25 @@ user_login_authorization(Username, AuthProps) -> |
58 | 58 | Else -> Else |
59 | 59 | end. |
60 | 60 |
|
61 | | -check_vhost_access(#auth_user{username = Username, tags = Tags}, VHost, #{peeraddr := PeerAddr}) -> |
| 61 | +check_vhost_access(#auth_user{username = Username, tags = Tags}, VHost, AuthzData = #{peeraddr := PeerAddr}) -> |
| 62 | + AuthzData1 = maps:remove(peeraddr, AuthzData), |
| 63 | + OptionsParameters = context_as_parameters(AuthzData1), |
62 | 64 | bool_req(vhost_path, [{username, Username}, |
63 | 65 | {vhost, VHost}, |
64 | 66 | {ip, parse_peeraddr(PeerAddr)}, |
65 | | - {tags, join_tags(Tags)}]). |
| 67 | + {tags, join_tags(Tags)}] ++ OptionsParameters). |
66 | 68 |
|
67 | 69 | check_resource_access(#auth_user{username = Username, tags = Tags}, |
68 | 70 | #resource{virtual_host = VHost, kind = Type, name = Name}, |
69 | | - Permission) -> |
| 71 | + Permission, |
| 72 | + AuthzContext) -> |
| 73 | + OptionsParameters = context_as_parameters(AuthzContext), |
70 | 74 | bool_req(resource_path, [{username, Username}, |
71 | 75 | {vhost, VHost}, |
72 | 76 | {resource, Type}, |
73 | 77 | {name, Name}, |
74 | 78 | {permission, Permission}, |
75 | | - {tags, join_tags(Tags)}]). |
| 79 | + {tags, join_tags(Tags)}] ++ OptionsParameters). |
76 | 80 |
|
77 | 81 | check_topic_access(#auth_user{username = Username, tags = Tags}, |
78 | 82 | #resource{virtual_host = VHost, kind = topic = Type, name = Name}, |
|
0 commit comments