I use the Bunny gem and configured a user in RabbitMQ like this:
virtual host /
configure: device1\..*
write: .*
read: device1\..*
The goal is: the user should be able to create a queue named like this: device1.mail and should be able to read / write to it. To all other queues I only want to give the user write access (but not read).
When I try to write to an existing durable queue named calc with Bunny I get an error:
conn = Bunny.new('amqp://device1:device1@128.0.0.0:5672')
conn.start
ch = conn.create_channel
q = ch.queue("calc", durable: true)
Bunny::AccessRefused (ACCESS_REFUSED - access to queue 'calc' in vhost '/' refused for user 'device1')
When I set the configure rights to .* for the user, then it works. I'm able to write to the queue, but not read. However like that the user can create queues named like he wants...
So it seems the configure right is needed in order to open the queue (even though it's an existing queue?).
What am I missing here?