chore: rename acl to permissions

SharksT · SharksT · commit 6f9926d65189 · 2025-01-27T20:43:51.000-03:00
diff --git a/src/cli/run.rs b/src/cli/run.rs
@@ -5,8 +5,8 @@ use tashi_collections::HashMap;
 
 use crate::cli::LogFormat;
 use crate::config;
-use crate::config::acl::AclConfig;
 use crate::config::addresses::Addresses;
+use crate::config::permissions::PermissionsConfig;
 use crate::config::users::{AuthConfig, UsersConfig};
 use crate::mqtt::broker::{self, MqttBroker};
 use crate::mqtt::{KeepAlive, TceState};
@@ -182,7 +182,7 @@ impl SecretKeyOpt {
 
 pub fn main(args: RunArgs) -> crate::Result<()> {
     let mut users = config::users::read(&args.config_dir.join("users.toml"))?;
-    let acl = config::acl::read(&args.config_dir.join("acl.toml"))?;
+    let acl = config::permissions::read(&args.config_dir.join("permissions.toml"))?;
 
     // Merge any auth overrides from the command-line.
     users.auth.merge(&args.auth_config);
@@ -271,7 +271,7 @@ pub fn main(args: RunArgs) -> crate::Result<()> {
 async fn main_async(
     args: RunArgs,
     users: UsersConfig,
-    acl_config: AclConfig,
+    permissions_config: PermissionsConfig,
     tce_config: Option<TceConfig>,
     tls_config: Option<broker::TlsConfig>,
     ws_config: Option<WsConfig>,
@@ -301,7 +301,7 @@ async fn main_async(
         tls_config,
         ws_config,
         users,
-        acl_config,
+        permissions_config,
         tce,
         KeepAlive::from_seconds(args.max_keep_alive),
     )
diff --git a/src/config/mod.rs b/src/config/mod.rs
@@ -3,8 +3,8 @@ use serde::de::DeserializeOwned;
 use std::path::Path;
 use std::{fs, io};
 
-pub mod acl;
 pub mod addresses;
+pub mod permissions;
 pub mod users;
 
 fn read_toml<T: DeserializeOwned>(name: &str, path: &Path) -> crate::Result<T> {
diff --git a/src/config/permissions.rs b/src/config/permissions.rs
@@ -5,7 +5,7 @@ use tashi_collections::HashMap;
 use crate::mqtt::trie::Filter;
 
 #[derive(serde::Deserialize, Default)]
-pub struct AclConfig {
+pub struct PermissionsConfig {
     #[serde(default)]
     pub permissions: HashMap<String, TopicsConfig>,
 }
@@ -40,7 +40,7 @@ pub enum TransactionType {
     Publish,
 }
 
-impl AclConfig {
+impl PermissionsConfig {
     pub fn get_topics_acl_config(&self, user: &str) -> Option<&TopicsConfig> {
         match self.permissions.get(user) {
             Some(permission) => Some(permission),
@@ -68,13 +68,15 @@ impl AclConfig {
     }
 }
 
-pub fn read(path: &Path) -> crate::Result<AclConfig> {
-    Ok(super::read_toml_optional("acl", path)?.unwrap_or_else(|| {
-        tracing::debug!(
-            "acl file not found at {}; any user can do anything with the topics.",
-            path.display()
-        );
+pub fn read(path: &Path) -> crate::Result<PermissionsConfig> {
+    Ok(
+        super::read_toml_optional("permissions", path)?.unwrap_or_else(|| {
+            tracing::debug!(
+                "permissions file not found at {}; any user can do anything with the topics.",
+                path.display()
+            );
 
-        AclConfig::default()
-    }))
+            PermissionsConfig::default()
+        }),
+    )
 }
diff --git a/src/mqtt/broker/mod.rs b/src/mqtt/broker/mod.rs
@@ -21,7 +21,7 @@ use connection::Connection;
 use rumqttd_protocol::QoS;
 
 use crate::cli::run::WsConfig;
-use crate::config::acl::AclConfig;
+use crate::config::permissions::PermissionsConfig;
 use crate::config::users::UsersConfig;
 use crate::mqtt::broker::socket::{DirectSocket, MqttSocket};
 use crate::mqtt::broker::tls::TlsAcceptor;
@@ -178,7 +178,7 @@ impl MqttBroker {
         tls_config: Option<TlsConfig>,
         ws_config: Option<WsConfig>,
         users: UsersConfig,
-        acl_config: AclConfig,
+        permissions_config: PermissionsConfig,
         tce: Option<TceState>,
         max_keep_alive: KeepAlive,
     ) -> crate::Result<Self> {
@@ -210,7 +210,7 @@ impl MqttBroker {
 
         let tce_platform = tce.as_ref().map(|tce| tce.platform.clone());
 
-        let router = MqttRouter::start(tce, token.clone(), acl_config);
+        let router = MqttRouter::start(tce, token.clone(), permissions_config);
 
         Ok(MqttBroker {
             listen_addr,
diff --git a/src/mqtt/router.rs b/src/mqtt/router.rs
@@ -23,7 +23,7 @@ use tracing::{Instrument, Span};
 
 use rumqttd_protocol::{QoS, RetainForwardRule, SubscribeReasonCode, UnsubAckReason};
 
-use crate::config::acl::AclConfig;
+use crate::config::permissions::PermissionsConfig;
 use crate::map_join_error;
 use crate::mqtt::mailbox::MailSender;
 use crate::mqtt::packets::PacketId;
@@ -78,7 +78,11 @@ pub struct TceState {
 }
 
 impl MqttRouter {
-    pub fn start(tce: Option<TceState>, token: CancellationToken, acl: AclConfig) -> Self {
+    pub fn start(
+        tce: Option<TceState>,
+        token: CancellationToken,
+        permissions: PermissionsConfig,
+    ) -> Self {
         let (command_tx, command_rx) = mpsc::channel(COMMAND_CAPACITY);
 
         let (system_tx, system_rx) = mpsc::unbounded_channel();
@@ -89,7 +93,7 @@ impl MqttRouter {
 
         let state = RouterState {
             token,
-            acl,
+            permissions,
             clients: SecondaryMap::new(),
             dead_clients: HashSet::default(),
             subscriptions: Subscriptions::default(),
@@ -339,7 +343,7 @@ struct RouterState {
     clients: SecondaryMap<ClientIndex, ClientState>,
     dead_clients: HashSet<ClientIndex>,
 
-    acl: AclConfig,
+    permissions: PermissionsConfig,
 
     subscriptions: Subscriptions,
     command_rx: mpsc::Receiver<(ClientIndex, RouterCommand)>,
@@ -686,7 +690,7 @@ fn handle_subscribe(state: &mut RouterState, client_idx: ClientIndex, request: S
         return;
     };
 
-    let permissions = state.acl.get_topics_acl_config(&client.user);
+    let permissions = state.permissions.get_topics_acl_config(&client.user);
 
     // if state.connections[conn_id].message_tx.is_closed() {
     //     return;
@@ -704,10 +708,10 @@ fn handle_subscribe(state: &mut RouterState, client_idx: ClientIndex, request: S
                 // as they would have failed validation on the frontend.
                 .ok_or(SubscribeReasonCode::Unspecified)
                 .and_then(|(filter, props)| {
-                    if !state.acl.check_acl_config(
+                    if !state.permissions.check_acl_config(
                         permissions,
                         filter.as_str(),
-                        crate::config::acl::TransactionType::Subscribe,
+                        crate::config::permissions::TransactionType::Subscribe,
                     ) {
                         Err(SubscribeReasonCode::NotAuthorized)?
                     }
@@ -1009,12 +1013,12 @@ fn dispatch(state: &mut RouterState, publish: Arc<PublishTrasaction>, origin: Pu
             return;
         };
 
-        let topics_config = state.acl.get_topics_acl_config(&client.user);
+        let topics_config = state.permissions.get_topics_acl_config(&client.user);
 
-        if !state.acl.check_acl_config(
+        if !state.permissions.check_acl_config(
             topics_config,
             &publish.topic,
-            crate::config::acl::TransactionType::Publish,
+            crate::config::permissions::TransactionType::Publish,
         ) {
             return;
         }
diff --git a/tests/foxmq.d/acl.toml b/tests/foxmq.d/acl.toml
