ACL: implement ACLAppendUserForLoading().

author: antirez <antirez@gmail.com> 2019-02-01 13:02:41 +0100
committer: antirez <antirez@gmail.com> 2019-02-01 13:02:59 +0100
commit: 8f16e1ea912110d5459a4ddd370a93485408311c (patch)
tree: 6298ef0c9ca603792579a6ed95fb2dba2a388b22
parent: b8323d98e967206e2922dfc30fa2223292bfef5f (diff)
download: redis-8f16e1ea912110d5459a4ddd370a93485408311c.tar.gz
1 files changed, 18 insertions, 0 deletions
diff --git a/src/acl.c b/src/acl.c
index 5ad891cbd..105bcfc95 100644
--- a/src/acl.c
+++ b/src/acl.c
@@ -933,6 +933,24 @@ int ACLCheckCommandPerm(client *c) {
  * and, in that case, the error will be emitted later, because certain
  * commands may be defined later once modules are loaded. */
 int ACLAppendUserForLoading(sds *argv, int argc) {
+    if (argc < 2 || strcasecmp(argv[0],"user")) return C_ERR;
+
+    /* Try to apply the user rules in a fake user to see if they
+     * are actually valid. */
+    user fu = {0};
+    user *fakeuser = &fu;
+    for (int j = 2; j < argc; j++) {
+        if (ACLSetUser(fakeuser,argv[j],sdslen(argv[j])) == C_ERR) {
+            if (errno != ENOENT) return C_ERR;
+        }
+    }
+
+    /* Rules look valid, let's append the user to the list. */
+    sds *copy = zmalloc(sizeof(sds)*argc);
+    for (int j = 1; j < argc; j++) copy[j-1] = sdsdup(argv[j]);
+    copy[argc-1] = NULL;
+    listAddNodeTail(UsersToLoad,copy);
+    return C_OK;
 }
 
 /* =============================================================================
author	antirez <antirez@gmail.com>	2019-02-01 13:02:41 +0100
committer	antirez <antirez@gmail.com>	2019-02-01 13:02:59 +0100
commit	8f16e1ea912110d5459a4ddd370a93485408311c (patch)
tree	6298ef0c9ca603792579a6ed95fb2dba2a388b22
parent	b8323d98e967206e2922dfc30fa2223292bfef5f (diff)
download	redis-8f16e1ea912110d5459a4ddd370a93485408311c.tar.gz