diff options
author | Shaya Potter <shaya@redislabs.com> | 2022-09-22 16:29:00 +0300 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-09-22 16:29:00 +0300 |
commit | 6e993a5dfa38327f25c5c8eea0f0e98ffd5d2c21 (patch) | |
tree | 7f48d653bd4694d4b93ed254613a805e423ef195 /src/networking.c | |
parent | 6d21560190fd5b09ff849ad1777e868d5e78da5f (diff) | |
download | redis-6e993a5dfa38327f25c5c8eea0f0e98ffd5d2c21.tar.gz |
Add RM_SetContextUser to support acl validation in RM_Call (and scripts) (#10966)
Adds a number of user management/ACL validaiton/command execution functions to improve a
Redis module's ability to enforce ACLs correctly and easily.
* RM_SetContextUser - sets a RedisModuleUser on the context, which RM_Call will use to both
validate ACLs (if requested and set) as well as assign to the client so that scripts executed via
RM_Call will have proper ACL validation.
* RM_SetModuleUserACLString - Enables one to pass an entire ACL string, not just a single OP
and have it applied to the user
* RM_GetModuleUserACLString - returns a stringified version of the user's ACL (same format as dump
and list). Contains an optimization to cache the stringified version until the underlying ACL is modified.
* Slightly re-purpose the "C" flag to RM_Call from just being about ACL check before calling the
command, to actually running the command with the right user, so that it also affects commands
inside EVAL scripts. see #11231
Diffstat (limited to 'src/networking.c')
-rw-r--r-- | src/networking.c | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/src/networking.c b/src/networking.c index 932413816..3cdbe16ce 100644 --- a/src/networking.c +++ b/src/networking.c @@ -601,6 +601,13 @@ void addReplyErrorSds(client *c, sds err) { addReplyErrorSdsEx(c, err, 0); } +/* See addReplyErrorLength for expectations from the input string. */ +/* As a side effect the SDS string is freed. */ +void addReplyErrorSdsSafe(client *c, sds err) { + err = sdsmapchars(err, "\r\n", " ", 2); + addReplyErrorSdsEx(c, err, 0); +} + /* Internal function used by addReplyErrorFormat and addReplyErrorFormatEx. * Refer to afterErrorReply for more information about the flags. */ static void addReplyErrorFormatInternal(client *c, int flags, const char *fmt, va_list ap) { |