ACL: deny commands execution of disabled users.

author: antirez <antirez@gmail.com> 2020-04-22 17:14:15 +0200
committer: antirez <antirez@gmail.com> 2020-04-22 17:14:15 +0200
commit: 889eaba2b70d7652accd6d34c305023eea490fbc (patch)
tree: e71e8bbb8d4b520794ef0abd9dcef626c87b151d /src/acl.c
parent: c2db3de49859a43a0685885f4f73d7ee0000728e (diff)
download: redis-889eaba2b70d7652accd6d34c305023eea490fbc.tar.gz
1 files changed, 4 insertions, 0 deletions
diff --git a/src/acl.c b/src/acl.c
index 75b954c5e..9e2ed6af7 100644
--- a/src/acl.c
+++ b/src/acl.c
@@ -1055,6 +1055,10 @@ int ACLCheckCommandPerm(client *c, int *keyidxptr) {
     /* If there is no associated user, the connection can run anything. */
     if (u == NULL) return ACL_OK;
 
+    /* If the user is disabled we don't allow the execution of any
+     * command. */
+    if (!(u->flags & USER_FLAG_ENABLED)) return ACL_DENIED_CMD;
+
     /* Check if the user can execute this command. */
     if (!(u->flags & USER_FLAG_ALLCOMMANDS) &&
         c->cmd->proc != authCommand)
author	antirez <antirez@gmail.com>	2020-04-22 17:14:15 +0200
committer	antirez <antirez@gmail.com>	2020-04-22 17:14:15 +0200
commit	889eaba2b70d7652accd6d34c305023eea490fbc (patch)
tree	e71e8bbb8d4b520794ef0abd9dcef626c87b151d /src/acl.c
parent	c2db3de49859a43a0685885f4f73d7ee0000728e (diff)
download	redis-889eaba2b70d7652accd6d34c305023eea490fbc.tar.gz