From b3c0906a9f996135c8204feeb34415a96f720fb6 Mon Sep 17 00:00:00 2001 From: Oussama Teffahi Date: Tue, 23 Jul 2024 16:48:14 +0200 Subject: [PATCH] Specify all existing message types in ACL interceptor matching --- .../net/routing/interceptor/access_control.rs | 78 ++++++++++++++++++- 1 file changed, 75 insertions(+), 3 deletions(-) diff --git a/zenoh/src/net/routing/interceptor/access_control.rs b/zenoh/src/net/routing/interceptor/access_control.rs index 2af9648ba5..a71d301260 100644 --- a/zenoh/src/net/routing/interceptor/access_control.rs +++ b/zenoh/src/net/routing/interceptor/access_control.rs @@ -26,7 +26,7 @@ use zenoh_config::{ }; use zenoh_protocol::{ core::ZenohIdProto, - network::{Declare, DeclareBody, NetworkBody, NetworkMessage, Push, Request}, + network::{Declare, DeclareBody, NetworkBody, NetworkMessage, Push, Request, Response}, zenoh::{PushBody, RequestBody}, }; use zenoh_result::ZResult; @@ -284,7 +284,43 @@ impl InterceptorTrait for IngressAclEnforcer { return None; } } - _ => {} + // Unfiltered Delete messages + NetworkBody::Push(Push { + payload: PushBody::Del(_), + .. + }) => {} + // Unfiltered Declare messages + NetworkBody::Declare(Declare { + body: DeclareBody::DeclareKeyExpr(_), + .. + }) + | NetworkBody::Declare(Declare { + body: DeclareBody::DeclareFinal(_), + .. + }) + | NetworkBody::Declare(Declare { + body: DeclareBody::DeclareToken(_), + .. + }) => {} + // Unfiltered Undeclare messages + NetworkBody::Declare(Declare { + body: DeclareBody::UndeclareKeyExpr(_), + .. + }) + | NetworkBody::Declare(Declare { + body: DeclareBody::UndeclareToken(_), + .. + }) + | NetworkBody::Declare(Declare { + body: DeclareBody::UndeclareQueryable(_), + .. + }) + | NetworkBody::Declare(Declare { + body: DeclareBody::UndeclareSubscriber(_), + .. + }) => {} + // Unfiltered remaining message types + NetworkBody::Interest(_) | NetworkBody::OAM(_) | NetworkBody::ResponseFinal(_) => {} } Some(ctx) } @@ -358,7 +394,43 @@ impl InterceptorTrait for EgressAclEnforcer { return None; } } - _ => {} + // Unfiltered Delete messages + NetworkBody::Push(Push { + payload: PushBody::Del(_), + .. + }) => {} + // Unfiltered Declare messages + NetworkBody::Declare(Declare { + body: DeclareBody::DeclareKeyExpr(_), + .. + }) + | NetworkBody::Declare(Declare { + body: DeclareBody::DeclareFinal(_), + .. + }) + | NetworkBody::Declare(Declare { + body: DeclareBody::DeclareToken(_), + .. + }) => {} + // Unfiltered Undeclare messages + NetworkBody::Declare(Declare { + body: DeclareBody::UndeclareKeyExpr(_), + .. + }) + | NetworkBody::Declare(Declare { + body: DeclareBody::UndeclareToken(_), + .. + }) + | NetworkBody::Declare(Declare { + body: DeclareBody::UndeclareQueryable(_), + .. + }) + | NetworkBody::Declare(Declare { + body: DeclareBody::UndeclareSubscriber(_), + .. + }) => {} + // Unfiltered remaining message types + NetworkBody::Interest(_) | NetworkBody::OAM(_) | NetworkBody::ResponseFinal(_) => {} } Some(ctx) }