fixups for PR comments

2026-04-02 03:38:42 -07:00 · 2016-06-17 09:59:39 -07:00
parent 49e5dfd797
commit 67ed61c837
7 changed files with 10 additions and 8 deletions
--- a/TODO.md
+++ b/TODO.md
@@ -1,6 +1,7 @@

 # General

+- [ ] Blacklist or ERR escalation to close connection for auth/permissions
 - [ ] Protocol updates, MAP, MPUB, etc
 - [ ] Multiple listen endpoints
 - [ ] Websocket / HTTP2 strategy
--- a/server/client.go
+++ b/server/client.go
@@ -171,6 +171,7 @@ func (c *client) RegisterUser(user *User) {
 	c.mu.Lock()
 	defer c.mu.Unlock()

+	// Pre-allocate all to simplify checks later.
 	c.perms = &permissions{}
 	c.perms.sub = NewSublist()
 	c.perms.pub = NewSublist()
@@ -641,7 +642,7 @@ func (c *client) processSub(argo []byte) (err error) {
 	}

 	// Check permissions if applicable.
-	if c.perms != nil && c.perms.sub != nil {
+	if c.perms != nil {
 		r := c.perms.sub.Match(string(sub.subject))
 		if len(r.psubs) == 0 {
 			c.mu.Unlock()
@@ -884,7 +885,7 @@ func (c *client) processMsg(msg []byte) {
 	}

 	// Check if published subject is allowed if we have permissions in place.
-	if c.perms != nil && c.perms.pub != nil {
+	if c.perms != nil {
 		allowed, ok := c.perms.pcache[string(c.pa.subject)]
 		if ok && !allowed {
 			c.pubPermissionViolation(c.pa.subject)
--- a/server/errors.go
+++ b/server/errors.go
@@ -17,6 +17,6 @@ var (
 	// ErrMaxPayload represents an error condition when the payload is too big.
 	ErrMaxPayload = errors.New("Maximum Payload Exceeded")

-	// ErrReservedPublish represents an error condition when the payload is too big.
+	// ErrReservedPublishSubject represents an error condition when sending to a reserved subject, e.g. _SYS.>
 	ErrReservedPublishSubject = errors.New("Reserved Internal Subject")
 )
--- a/server/opts.go
+++ b/server/opts.go
@@ -78,7 +78,7 @@ type Options struct {
 	TLSConfig          *tls.Config   `json:"-"`
 }

-// Configuration file  quthorization section.
+// Configuration file authorization section.
 type authorization struct {
 	// Singles
 	user string
@@ -442,7 +442,7 @@ func parseSubjects(v interface{}) ([]string, error) {
 		for _, i := range v.([]interface{}) {
 			subject, ok := i.(string)
 			if !ok {
-				return nil, fmt.Errorf("Subject in permissions array can not be cast to string")
+				return nil, fmt.Errorf("Subject in permissions array cannot be cast to string")
 			}
 			subjects = append(subjects, subject)
 		}
--- a/server/opts_test.go
+++ b/server/opts_test.go
@@ -399,7 +399,7 @@ func TestMultipleUsersConfig(t *testing.T) {
 }

 // Test highly depends on contents of the config file listed below. Any changes to that file
-// may very weel break this test.
+// may very well break this test.
 func TestAuthorizationConfig(t *testing.T) {
 	opts, err := ProcessConfigFile("./configs/authorization.conf")
 	if err != nil {
--- a/test/client_auth_test.go
+++ b/test/client_auth_test.go
@@ -44,7 +44,7 @@ func TestMultipleUserAuth(t *testing.T) {

 	nc, err = nats.Connect(url)
 	if err != nil {
-		t.Fatalf("Expected a succesful connect, got %v\n", err)
+		t.Fatalf("Expected a successful connect, got %v\n", err)
 	}
 	defer nc.Close()
 }
--- a/test/configs/authorization.conf
+++ b/test/configs/authorization.conf
@@ -34,7 +34,7 @@ authorization {
  # Just foo for testing
  PASS: $2a$10$UHR6GhotWhpLsKtVP0/i6.Nh9.fuY73cWjLoJjb2sKT8KISBcUW5q

-  # Users listed with persmissions.
+  # Users listed with permissions.
  users = [
    {user: alice, password: $PASS, permissions: $ADMIN}
    {user: bob,   password: $PASS, permissions: $REQUESTOR}