forked from dgiot/dgiot
-
Notifications
You must be signed in to change notification settings - Fork 0
/
acl.conf
41 lines (29 loc) · 1.16 KB
/
acl.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
%%--------------------------------------------------------------------
%% [ACL](https://docs.emqx.io/broker/v3/en/config.html)
%%
%% -type(who() :: all | binary() |
%% {ipaddr, esockd_access:cidr()} |
%% {ipaddrs, [esockd_access:cidr()]} |
%% {client, binary()} |
%% {user, binary()}).
%%
%% -type(access() :: subscribe | publish | pubsub).
%%
%% -type(topic() :: binary()).
%%
%% -type(rule() :: {allow, all} |
%% {allow, who(), access(), list(topic())} |
%% {deny, all} |
%% {deny, who(), access(), list(topic())}).
%%--------------------------------------------------------------------
{allow, {user, "dashboard"}, subscribe, ["$SYS/#"]}.
{allow, {ipaddr, "127.0.0.1"}, pubsub, ["$SYS/#", "#"]}.
{deny, all, subscribe, ["$SYS/#", {eq, "#"}]}.
{allow, {ipaddr, "127.0.0.1"}, pubsub, ["$dg/#", "#"]}.
{allow, all, pubsub, ["$dg/device/%c/#"]}.
{allow, all, pubsub, ["$dg/thing/%c/#"]}.
{allow, all, pubsub, ["$dg/device/%u/#"]}.
{allow, all, pubsub, ["$dg/thing/%u/#"]}.
{deny, all, subscribe, ["$dg/device/#"]}.
{deny, all, subscribe, ["$dg/thing/#"]}.
{allow, all}.