
Commit f136231

Merge pull request #1232 from rabbitmq/rabbitmq-server-1229
Add tests for variables expansion in topic authz
2 parents 23514b5 + 1e00057 commit f136231


2 files changed

+126
-0
lines changed


docs/rabbitmqctl.8

Lines changed: 94 additions & 0 deletions
@@ -784,6 +784,100 @@ has been granted access, and the permissions the user has for operations
784784
on resources in these virtual hosts:
785785
.sp
786786
.Dl rabbitmqctl list_user_permissions tonyg
787+
.\" ------------------------------------
788+
.It Cm set_topic_permissions Oo Fl p Ar vhost Oc Ar user Ar exchange Ar write Ar read
789+
.Bl -tag -width Ds
790+
.It Ar vhost
791+
The name of the virtual host to which to grant the user access,
792+
defaulting to
793+
.Qq / .
794+
.It Ar user
795+
The name of the user the permissions apply to in the target virtual host.
796+
.It Ar exchange
797+
The name of the topic exchange the authorisation check will be applied to.
798+
.It Ar write
799+
A regular expression matching the routing key of the published message.
800+
.It Ar read
801+
A regular expression matching the routing key of the consumed message.
802+
.El
803+
.Pp
804+
Sets user topic permissions.
805+
.Pp
806+
For example, this command instructs the RabbitMQ broker to let the
807+
user named
808+
.Qq tonyg
809+
publish and consume messages going through the
810+
.Qq amp.topic
811+
exchange of the
812+
.Qq /myvhost
813+
virtual host with a routing key starting with
814+
.Qq tonyg- :
815+
.sp
816+
.Dl rabbitmqctl set_topic_permissions -p /myvhost tonyg amq.topic Qo ^tonyg-.* Qc Qo ^tonyg-.* Qc
817+
.Pp
818+
Topic permissions support variable expansion for the following variables:
819+
username, vhost, and client_id. Note that client_id is expanded only when using MQTT.
820+
The previous example could be made more generic by using
821+
.Qq ^{username}-.* :
822+
.sp
823+
.Dl rabbitmqctl set_topic_permissions -p /myvhost tonyg amq.topic Qo ^{username}-.* Qc Qo ^{username}-.* Qc
824+
.\" ------------------------------------
825+
.It Cm clear_topic_permissions Oo Fl p Ar vhost Oc Ar username Oo Ar exchange Oc
826+
.Bl -tag -width Ds
827+
.It Ar vhost
828+
The name of the virtual host to which to clear the topic permissions,
829+
defaulting to
830+
.Qq / .
831+
.It Ar username
832+
The name of the user to clear topic permissions to the specified virtual host.
833+
.It Ar exchange
834+
The name of the topic exchange to clear topic permissions, defaulting to all the
835+
topic exchanges the given user has topic permissions for.
836+
.El
837+
.Pp
838+
Clear user topic permissions.
839+
.Pp
840+
For example, this command instructs the RabbitMQ broker to remove topic permissions for user
841+
named
842+
.Qq tonyg
843+
for the topic exchange
844+
.Qq amq.topic
845+
in the virtual host called
846+
.Qq /myvhost :
847+
.sp
848+
.Dl rabbitmqctl clear_topic_permissions -p /myvhost tonyg amq.topic
849+
.\" ------------------------------------
850+
.It Cm list_topic_permissions Op Fl p Ar vhost
851+
.Bl -tag -width Ds
852+
.It Ar vhost
853+
The name of the virtual host for which to list the users topic permissions.
854+
Defaults to
855+
.Qq / .
856+
.El
857+
.Pp
858+
Lists topic permissions in a virtual host.
859+
.Pp
860+
For example, this command instructs the RabbitMQ broker to list all the
861+
users which have been granted topic permissions in the virtual host called
862+
.Qq /myvhost:
863+
.sp
864+
.Dl rabbitmqctl list_topic_permissions -p /myvhost
865+
.\" ------------------------------------
866+
.It Cm list_user_topic_permissions Ar username
867+
.Bl -tag -width Ds
868+
.It Ar username
869+
The name of the user for which to list the topic permissions.
870+
.El
871+
.Pp
872+
Lists user topic permissions.
873+
.Pp
874+
For example, this command instructs the RabbitMQ broker to list all the
875+
virtual hosts to which the user named
876+
.Qq tonyg
877+
has been granted access, and the topic permissions the user has in these virtual hosts:
878+
.sp
879+
.Dl rabbitmqctl list_topic_user_permissions tonyg
880+
787881
.El
788882
.Ss Parameter Management
789883
Certain features of RabbitMQ (such as the federation plugin) are
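Review bot: two copy errors in the new entries will mislead readers: the `set_topic_permissions` prose says `.Qq amp.topic` while the example command uses `amq.topic` (the exchange actually meant), and the `list_user_topic_permissions` example invokes `rabbitmqctl list_topic_user_permissions tonyg`, which is not the command being documented. Also `.Qq /myvhost:` in the `list_topic_permissions` example should be `.Qq /myvhost :` as elsewhere in this hunk, otherwise the colon renders inside the quotes. On substance, since the expanded `{username}`, `{vhost}` and `{client_id}` values are substituted into a regular expression, the text should state whether the substituted value is matched literally or interpreted as regex (what a username containing `.` or `*` would do), so operators know what a pattern like `^{username}-.*` actually constrains.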

test/topic_permission_SUITE.erl

Lines changed: 32 additions & 0 deletions
@@ -218,4 +218,36 @@ topic_permission_checks1(_Config) ->
218218
Perm,
219219
Context
220220
) || Perm <- Permissions],
221+
222+
%% expand variables
223+
rabbit_auth_backend_internal:set_topic_permissions(
224+
<<"guest">>, <<"other-vhost">>, <<"amq.topic">>,
225+
"services.{vhost}.accounts.{username}.notifications",
226+
"services.{vhost}.accounts.{username}.notifications", <<"acting-user">>
227+
),
228+
%% routing key OK
229+
[true = rabbit_auth_backend_internal:check_topic_access(
230+
User,
231+
Topic#resource{virtual_host = <<"other-vhost">>},
232+
Perm,
233+
#{routing_key => <<"services.other-vhost.accounts.guest.notifications">>,
234+
variable_map => #{
235+
<<"username">> => <<"guest">>,
236+
<<"vhost">> => <<"other-vhost">>
237+
}
238+
}
239+
) || Perm <- Permissions],
240+
%% routing key KO
241+
[false = rabbit_auth_backend_internal:check_topic_access(
242+
User,
243+
Topic#resource{virtual_host = <<"other-vhost">>},
244+
Perm,
245+
#{routing_key => <<"services.default.accounts.dummy.notifications">>,
246+
variable_map => #{
247+
<<"username">> => <<"guest">>,
248+
<<"vhost">> => <<"other-vhost">>
249+
}
250+
}
251+
) || Perm <- Permissions],
252+
221253
ok.
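Review bot: the negative case changes both variables at once (`services.default.accounts.dummy.notifications` against the granted vhost `other-vhost` and user `guest`), so it cannot show that each substitution is checked independently; add a case that varies only the username (`services.other-vhost.accounts.dummy.notifications`) and one that varies only the vhost, so an implementation that expands one variable but ignores the other is caught. A second gap: there is no case where the pattern references a variable absent from `variable_map`, which the docs in this same PR say is reachable (`client_id` is only expanded under MQTT), so the behaviour for an unexpanded placeholder is untested. Minor: the pattern's unescaped `.` is a regex wildcard, so the positive case also passes for keys with any single character in those positions; a comment noting that this matches the documented example style would avoid confusion.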
