test: add mosquitto ACL file and mount it; grant testuser readwrite on lambdaiot topic

test/aclfile

@@ -0,0 +1,4 @@
+# ACL for testuser — allow publish and subscribe on 'lambdaiot' topic
+user testuser
+topic readwrite lambdaiot
+topic readwrite lambdaiot/#

test/docker-compose.yml

@@ -30,6 +30,7 @@ services:
       - mosquitto_data:/mosquitto/data
       - mosquitto_log:/mosquitto/log
       - ./mosquitto.conf:/mosquitto/config/mosquitto.conf
+      - ./aclfile:/mosquitto/data/aclfile:ro
     environment:
       - MOSQ_USER=testuser
       - MOSQ_PASS=testpass

test/mosquitto.conf

@@ -5,6 +5,8 @@ listener 1883 0.0.0.0
 allow_anonymous false
 # place password file in the data volume (writable)
 password_file /mosquitto/data/passwordfile
+# ACL file controls topic permissions
+acl_file /mosquitto/data/aclfile
 # Increase persistence location so container can map volume if needed
 persistence true
 persistence_location /mosquitto/data/