Allow published messages on an unauthorised publish topic to be pubacked

[btsimonh]

A simple change to the client which if passed success === 'ignore' (as a string) from the user's authorizePublish function, will puback the message but not publish it.

This solves an issue for me where if a message is published to an unauthorized topic, the broker in node-red is disconnected (and does not reconnect). Since the broker module in NR could be serving multiple clients, one rouge flow can kill all access to the MQTT server.

Of course, you can have no way to know your message was not published apart from custom server code...

It goes some way towards:
'Client connection closed if publish is not authorized #596'

example authorize function:

var authorizePublish = function(client, topic, payload, callback) {
  var auth = 'ignore';
  if (client.token){
    if (client.token.data){
      if (client.token.data.write){
        client.token.data.write.forEach(function(grant){
          if (grantvalid(topic, grant)){
            auth = true;
          }
          });
       }
    }
  }

  console.log("auth "+auth+" for Pub topic " + topic + " client allowed " + util.inspect(client.token));

  callback(null, auth);
}

[mcollina]

I would prefer "ignore" instead of "suppress". Can you add a unit test?

[btsimonh]

hmm.. struggling with tests. on windows is failing at
two instances
√ support restoring from disk
1) "after each" hook: deleteLevel for "support restoring from disk"

139 passing (11s)
1 failing

1. mosca.persistence.LevelUp "after each" hook: deleteLevel for "support restoring from disk":
   Error: EBUSY: resource busy or locked, unlink 'C:\Users\Simon\AppData\Local\Temp\level_1494834462971\000005.ldb'
   at Error (native)

not familiar with testing schemes.. leave it with me for a few days. if i can move my tests above this, maybe a I can get one in.

[btsimonh]

hmm.. all done here too I think. Travis playing silly b****s.