Allow guest subscriptions.

app/controllers/api/rmq_utils_controller.rb

@@ -34,6 +34,8 @@ module Api
     VHOST = ENV.fetch("MQTT_VHOST") { "/" }
     RESOURCES = ["queue", "exchange"]
     PERMISSIONS = ["configure", "read", "write"]
+    FARMBOT_GUEST_USER = "farmbot_guest"
+    GUEST_REGISTRY_ROOT = "guest_registry"
 
     class PasswordFailure < Exception; end
 
@@ -51,7 +53,12 @@ module Api
       #   "vhost"     => "/",
       #   "client_id" => "MQTT_FX_Client",
       case username_param
+      # NOTE: "guest" is not the same as "farmbot_guest".
+      #       We intentionally differentiate the
+      #       two types to avoid accidental
+      #       security issues. -RC
       when "guest" then deny
+      when FARMBOT_GUEST_USER then allow
       when "admin" then authenticate_admin
       else
         device_id_in_username == current_device.id ? allow : deny
@@ -102,6 +109,10 @@ module Api
       allow if admin?
     end
 
+    def farmbot_guest?
+      username_param == FARMBOT_GUEST_USER
+    end
+
     def admin?
       username_param == "admin"
     end
@@ -128,6 +139,8 @@ module Api
     end
 
     def deny
+      puts "==== #{action_name} ===="
+      pp params
       render json: "deny", status: 403
     end
 
@@ -162,9 +175,25 @@ module Api
     def if_topic_is_safe
       if !!DEVICE_SPECIFIC_CHANNELS.match(routing_key_param)
         yield
-      else
-        render json: MALFORMED_TOPIC, status: 422
+        return
       end
+
+      if farmbot_guest?
+        a, b, c = routing_key_param.split(".")
+        if a == GUEST_REGISTRY_ROOT
+          puts "=========="
+          if !b.include?("*")
+            if !b.include?("#")
+              if c == nil
+                yield
+              end
+            end
+          end
+        end
+        return
+      end
+
+      render json: MALFORMED_TOPIC, status: 422
     end
 
     def device_id_in_topic

frontend/demo/index.tsx

@@ -4,31 +4,48 @@ import { shortRevision, attachToRoot } from "../util";
 import { stopIE } from "../util/stop_ie";
 import I from "i18next";
 import React from "react";
+import { uuid } from "farmbot";
 
 interface State {
   client?: MqttClient;
   connected: boolean;
+  secret: string;
 }
 
 const WS_CONFIG = {
   username: "farmbot_guest",
-  protocolId: "MQIsdp",
-  protocolVersion: 3
+  password: "required, but not used.",
+  // protocolId: "MQIsdp",
+  // protocolVersion: 3
 };
 
 export class DemoLoader extends React.Component<{}, State> {
-  state = {
+  state: State = {
     client: undefined,
-    connected: false
+    connected: false,
+    secret: uuid()
   };
 
   componentWillMount() {
     const client = connect(globalConfig.MQTT_WS, WS_CONFIG);
-    client.on("packetreceive",
-      (x) => console.log("Packet: " + JSON.stringify(x)));
-    client.on("connect", () => {
-      this.setState({ connected: true });
+
+    client.on("close", (x: {}) => console.log("close" + JSON.stringify(x)));
+    client.on("connect", (x: {}) => console.log("connect" + JSON.stringify(x)));
+    client.on("disconnect", (x: {}) => console.log("disconnect" + JSON.stringify(x)));
+    client.on("end", (x: {}) => console.log("end" + JSON.stringify(x)));
+    client.on("error", (x: {}) => console.log("error" + JSON.stringify(x)));
+    client.on("message", (x: {}) => console.log("message" + JSON.stringify(x)));
+    client.on("offline", (x: {}) => console.log("offline" + JSON.stringify(x)));
+    client.on("packetreceive", (x: {}) => console.log("packetreceive" + JSON.stringify(x)));
+    client.on("packetsend", (x: {}) => console.log("packetsend" + JSON.stringify(x)));
+    client.on("reconnect", (x: {}) => console.log("reconnect" + JSON.stringify(x)));
+
+    const channel = "guest_registry." + this.state.secret;
+
+    client.subscribe(channel, (error, ok) => {
+      if (error) { console.error(error); } else { console.dir(ok); }
     });
+
     this.setState({ client });
   }