diff options
author | antirez <antirez@gmail.com> | 2019-01-14 13:19:50 +0100 |
---|---|---|
committer | antirez <antirez@gmail.com> | 2019-01-14 13:19:50 +0100 |
commit | f95152d4c840ae4540224ad788f2f8e4a782b677 (patch) | |
tree | 266dadd6554838e072ae13fd10f8e94cf606a1ec | |
parent | 4376575d833cfb66a904c0035b5ca69dffad5179 (diff) | |
download | redis-f95152d4c840ae4540224ad788f2f8e4a782b677.tar.gz |
ACL: Add skeleton for function checking ability to execute a command.
-rw-r--r-- | src/acl.c | 23 |
1 files changed, 23 insertions, 0 deletions
@@ -222,6 +222,29 @@ user *ACLGetUserByName(const char *name, size_t namelen) { return myuser; } +/* Check if the command ready to be excuted in the client 'c', and already + * referenced by c->cmd, can be executed by this client according to the + * ACls associated to the client user c->user. + * + * If the user can execute the command C_OK is returned, otherwise + * C_ERR is returned. */ +int ACLCheckCommandPerm(client *c) { + /* If there is no associated user, the connection can run anything. */ + if (c->user == NULL) return C_OK; + + /* Check if the user can execute this command. */ + if (!(c->user->flags & USER_FLAG_ALLCOMMANDS)) { + } + + /* Check if the user can execute touch this keys. */ + if (!(c->user->flags & USER_FLAG_ALLKEYS)) { + } + + /* If we survived all the above checks, the user can execute the + * command. */ + return C_OK; +} + /* ============================================================================= * ACL related commands * ==========================================================================*/ |