From b0cff47b5b9e8037fb09e28fcfa082c3d0f96525 Mon Sep 17 00:00:00 2001
From: Wiebe Cazemier <wiebe@halfgaar.net>
Date: Mon, 2 Aug 2021 21:32:07 +0200
Subject: [PATCH] Support lack of subscribe ACL in Mosquitto files

---
 authplugin.cpp | 8 ++++++++
 1 file changed, 8 insertions(+), 0 deletions(-)

diff --git a/authplugin.cpp b/authplugin.cpp
index 8d269d1..79cc88d 100644
--- a/authplugin.cpp
+++ b/authplugin.cpp
@@ -294,6 +294,10 @@ AuthResult Authentication::aclCheck(const std::string &clientid, const std::stri
 
     if (pluginVersion == PluginVersion::MosquittoV2)
     {
+        // We have to do this, because Mosquitto plugin v2 has no notion of checking subscribes.
+        if (access == AclAccess::subscribe)
+            return AuthResult::success;
+
         int result = acl_check_v2(pluginData, clientid.c_str(), username.c_str(), topic.c_str(), static_cast<int>(access));
         AuthResult result_ = static_cast<AuthResult>(result);
 
@@ -547,6 +551,10 @@ AuthResult Authentication::aclCheckFromMosquittoAclFile(const std::string &clien
     if (this->mosquittoAclFile.empty())
         return AuthResult::success;
 
+    // We have to do this because the Mosquitto ACL file has no notion of checking subscribes.
+    if (access == AclAccess::subscribe)
+        return AuthResult::success;
+
     AclGrant ag = access == AclAccess::write ? AclGrant::Write : AclGrant::Read;
     AuthResult result = aclTree.findPermission(subtopics, ag, username, clientid);
     return result;
--
libgit2 0.21.4