diff options
| author | Oran Agra <oran@redislabs.com> | 2023-02-16 08:07:35 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-02-16 08:07:35 +0200 |
| commit | 233abbbe03211ca700e10f827d289da24d9bd7e3 (patch) | |
| tree | 8c258ab7e81d883efb7b684ef8841bd70f705e9e /src/module.c | |
| parent | a35e08370ac467736328ee5ceed1292cbb2e05db (diff) | |
| download | redis-233abbbe03211ca700e10f827d289da24d9bd7e3.tar.gz | |
Cleanup around script_caller, fix tracking of scripts and ACL logging for RM_Call (#11770)
* Make it clear that current_client is the root client that was called by
external connection
* add executing_client which is the client that runs the current command
(can be a module or a script)
* Remove script_caller that was used for commands that have CLIENT_SCRIPT
to get the client that called the script. in most cases, that's the current_client,
and in others (when being called from a module), it could be an intermediate
client when we actually want the original one used by the external connection.
bugfixes:
* RM_Call with C flag should log ACL errors with the requested user rather than
the one used by the original client, this also solves a crash when RM_Call is used
with C flag from a detached thread safe context.
* addACLLogEntry would have logged info about the script_caller, but in case the
script was issued by a module command we actually want the current_client. the
exception is when RM_Call is called from a timer event, in which case we don't
have a current_client.
behavior changes:
* client side tracking for scripts now tracks the keys that are read by the script
instead of the keys that are declared by the caller for EVAL
other changes:
* Log both current_client and executing_client in the crash log.
* remove prepareLuaClient and resetLuaClient, being dead code that was forgotten.
* remove scriptTimeSnapshot and snapshot_time and instead add cmd_time_snapshot
that serves all commands and is reset only when execution nesting starts.
* remove code to propagate CLIENT_FORCE_REPL from the executed command
to the script caller since scripts aren't propagated anyway these days and anyway
this flag wouldn't have had an effect since CLIENT_PREVENT_PROP is added by scriptResetRun.
* fix a module GIL violation issue in afterSleep that was introduced in #10300 (unreleased)
Diffstat (limited to 'src/module.c')
| -rw-r--r-- | src/module.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/src/module.c b/src/module.c index 94f420b54..b42a838eb 100644 --- a/src/module.c +++ b/src/module.c @@ -6126,10 +6126,10 @@ RedisModuleCallReply *RM_Call(RedisModuleCtx *ctx, const char *cmdname, const ch acl_retval = ACLCheckAllUserCommandPerm(user,c->cmd,c->argv,c->argc,&acl_errpos); if (acl_retval != ACL_OK) { sds object = (acl_retval == ACL_DENIED_CMD) ? sdsdup(c->cmd->fullname) : sdsdup(c->argv[acl_errpos]->ptr); - addACLLogEntry(ctx->client, acl_retval, ACL_LOG_CTX_MODULE, -1, ctx->client->user->name, object); + addACLLogEntry(ctx->client, acl_retval, ACL_LOG_CTX_MODULE, -1, c->user->name, object); if (error_as_call_replies) { /* verbosity should be same as processCommand() in server.c */ - sds acl_msg = getAclErrorMessage(acl_retval, ctx->client->user, c->cmd, c->argv[acl_errpos]->ptr, 0); + sds acl_msg = getAclErrorMessage(acl_retval, c->user, c->cmd, c->argv[acl_errpos]->ptr, 0); sds msg = sdscatfmt(sdsempty(), "-NOPERM %S\r\n", acl_msg); sdsfree(acl_msg); reply = callReplyCreateError(msg, ctx); |