Commit e6224fd3003a49e575aea2a3fd375cb02346ba82
Committed by
Wiebe Cazemier
Wiebe Cazemier
1 parent
541ef599
Some small docstring tweaks
Showing
2 changed files
with
9 additions
and
5 deletions
acltree.cpp
| @@ -202,13 +202,13 @@ void AclTree::findPermissionRecursive(std::vector<std::string>::const_iterator c | @@ -202,13 +202,13 @@ void AclTree::findPermissionRecursive(std::vector<std::string>::const_iterator c | ||
| 202 | } | 202 | } |
| 203 | 203 | ||
| 204 | /** | 204 | /** |
| 205 | - * @brief AclTree::findPermission tests permissions as loaded from the Mosquitto acl_file. | 205 | + * @brief AclTree::findPermission tests permissions as loaded from the Mosquitto-compatible acl_file. |
| 206 | * @param subtopicsPublish | 206 | * @param subtopicsPublish |
| 207 | - * @param access | ||
| 208 | - * @param username | 207 | + * @param access Whether to test read access or write access (`AclGrant::Read` or `AclGrant::Write` respectively). |
| 208 | + * @param username The user to test permission for. | ||
| 209 | * @return | 209 | * @return |
| 210 | * | 210 | * |
| 211 | - * It's behaves like Mosquitto's ACL file. Some of that behavior is a bit limited, but sticking to it for compatability: | 211 | + * It behaves like Mosquitto's ACL file. Some of that behavior is a bit limited, but sticking to it for compatability: |
| 212 | * | 212 | * |
| 213 | * - If your user is authenticated, there must a user specific definition for that user; it won't fall back on anonymous ACLs. | 213 | * - If your user is authenticated, there must a user specific definition for that user; it won't fall back on anonymous ACLs. |
| 214 | * - You can't combine ACLs, like 'all clients read bla/#' and add 'user john readwrite bla/#. User specific ACLs don't add | 214 | * - You can't combine ACLs, like 'all clients read bla/#' and add 'user john readwrite bla/#. User specific ACLs don't add |
acltree.h
| @@ -26,12 +26,16 @@ enum class AclTopicType | @@ -26,12 +26,16 @@ enum class AclTopicType | ||
| 26 | 26 | ||
| 27 | AclGrant stringToAclGrant(const std::string &s); | 27 | AclGrant stringToAclGrant(const std::string &s); |
| 28 | 28 | ||
| 29 | +/** | ||
| 30 | + * @brief Permissions for an MQTT topic path is a tree of `AclNode`s. Topic paths are broken up and matched down the tree. A '#' wildcard will match | ||
| 31 | + * all following subtopics, so therefore '#' is a 'grant', not a 'child'. | ||
| 32 | + */ | ||
| 29 | class AclNode | 33 | class AclNode |
| 30 | { | 34 | { |
| 31 | bool empty = false; | 35 | bool empty = false; |
| 32 | 36 | ||
| 33 | std::unordered_map<std::string, std::unique_ptr<AclNode>> children; | 37 | std::unordered_map<std::string, std::unique_ptr<AclNode>> children; |
| 34 | - std::unique_ptr<AclNode> childrenPlus; | 38 | + std::unique_ptr<AclNode> childrenPlus; // The + sign in MQTT represents a single-level wildcard |
| 35 | 39 | ||
| 36 | std::vector<AclGrant> grants; | 40 | std::vector<AclGrant> grants; |
| 37 | std::vector<AclGrant> grantsPound; // The # sign. This is short-hand for avoiding one memory access though a layer of std::unique_ptr<AclNode> | 41 | std::vector<AclGrant> grantsPound; // The # sign. This is short-hand for avoiding one memory access though a layer of std::unique_ptr<AclNode> |