---
user_rabbitmq_server: "rabbitmq01{{ env_suffix }}.rdu3.fedoraproject.org"
user_vhost: /pubsub
user_publish_only: true

# Read privileges:
# If publish_only: no reading. Otherwise, read from queues prefixed
# with their name and bind to the topic exchange
user_read_priv: "{{ user_publish_only|ternary('^$', '^(amq\\.topic)|(' + user_name + '.*)$') }}"

# Write privileges:
# If publish_only: only write to the exchange. Otherwise, write to
# queues prefixed with their name and any prefixes in user_write_queues,
# and publish to the topic exchange
user_write_priv: "^(amq\\.topic){% if not user_publish_only %}|({{ user_name }}.*){% for queue in user_write_queues|default([]) %}|({{ queue }}.*){% endfor %}{% endif %}$"

# Topic authorization:
# Ref: https://www.rabbitmq.com/access-control.html#topic-authorisation
user_sent_topics: .*
user_topic_permissions:
  - vhost: "{{ user_vhost }}"
    read_priv: .*
    write_priv: "{{ user_sent_topics }}"