diff options
author | antirez <antirez@gmail.com> | 2019-01-16 13:39:04 +0100 |
---|---|---|
committer | antirez <antirez@gmail.com> | 2019-01-16 13:39:04 +0100 |
commit | f78b3ede2735397704fd452619efcbdac37254f6 (patch) | |
tree | d3c4c5299903f92f24bdfc36edac8cab260632d0 | |
parent | 0db42d4ba8148a1e493f2da208d4bcf509716870 (diff) | |
download | redis-f78b3ede2735397704fd452619efcbdac37254f6.tar.gz |
ACL: key matching implemented.
-rw-r--r-- | src/acl.c | 23 |
1 files changed, 23 insertions, 0 deletions
@@ -330,6 +330,29 @@ int ACLCheckCommandPerm(client *c) { if (!(c->user->flags & USER_FLAG_ALLKEYS) && (c->cmd->getkeys_proc || c->cmd->firstkey)) { + int numkeys; + int *keyidx = getKeysFromCommand(c->cmd,c->argv,c->argc,&numkeys); + for (int j = 0; j < numkeys; j++) { + listIter li; + listNode *ln; + listRewind(u->passwords,&li); + + /* Test this key against every pattern. */ + match = 0; + while((ln = listNext(&li))) { + sds pattern = listNodeValue(ln); + size_t plen = sdslen(pattern); + int idx = keyidx[j]; + if (stringmatchlen(pattern,plen,c->argv[idx]->ptr, + sdslen(c->argv[idx]->ptr),0)) + { + match = 1; + break; + } + } + if (!match) return C_ERR; + } + getKeysFreeResult(keyidx); } /* If we survived all the above checks, the user can execute the |