search

jpmens / mosquitto-auth-plug

Authentication plugin for Mosquitto with multiple back-ends (MySQL, Redis, CDB, SQLite3)
Other
825 stars 496 forks source link

ACL issue (acc=4) #376

Closed oskouei closed 6 years ago

oskouei commented 6 years ago

Hello, I use Mosquitto 1.5.3 with Auth plugin (HTTP backend); The ACL check sends the value of "acc = 4" in the url arguments; however, the documentation states that this value should be 1 (sub) or 2 (pub); With a value of 4 for acc, ACL check return 403 response.

knutanderss commented 6 years ago

+1

knutanderss commented 6 years ago

We got around by changing the acl check (postgres) from (rw >= $2) to (rw >= $2 OR $2 = 4 AND rw >= 1).

jpmens commented 6 years ago

Mosquitto 1.5.4 with current git compile of auth plugin uses the constants provided by Mosquitto when performing ACL checks over HTTP: these correspond to what is documented: 1 on subscribe and 2 on publish.

jpmens commented 6 years ago

If the issue persists for you please submit a minimal, reproducible example.