[rabbitmq-discuss] Missing ^ on access control doc page regex example?
James Gardner
james.gardner at noaa.gov
Mon Mar 18 22:02:53 GMT 2013
Thanks, but...I just tested this and if you set, say, the config
permission using the regex in the example:
^amq\.gen.*|amq\.default$
it will allow me to create a queue, for example, with the name:
testamq.default
so it is clearly not equivalent to
'^(amq\.gen.*|amq\.default)$'
which does /not/ allow me to create the above queue.
Again, although granting someone permission as in that particular doc
example is unlikely to accidentally grant permission since the entity
would have to be named <something>amq.default, it is still a misleading
example to give to people who might use that pattern to form other more
dangerously permissive regex's, under the false assumption that later
alternations are anchored at the beginning.
On 03/18/2013 12:04 PM, Emile Joubert wrote:
> Hi James,
>
> On 18/03/13 16:22, James Gardner wrote:
>> In the RabbitMQ.com documentation, under Access Control, paragraph six,
>> it gives this as an example of a regex:
>> '^amq\.gen.*|amq\.default$'
> The regular expression syntax and semantics available in RabbitMQ
> resemble those of Perl and is based on PCRE. In that flavour of RE the
> example is correct - the alternate options are all subject to the
> anchors while matching.
>
>> Shouldn't it be
>> '^(amq\.gen.*|amq\.default)$'
> The expression is already equivalent to this one.
>
>
>
> -Emile
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rabbitmq.com/pipermail/rabbitmq-discuss/attachments/20130318/341c0a41/attachment.htm>
More information about the rabbitmq-discuss
mailing list