author | Huang Zhw <huang_zhw@126.com> | 2021-03-26 19:10:01 +0800 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-03-26 14:10:01 +0300 |
commit | e138698e54e97bfaababf56507026bf92dd4deb4 (patch) | |
tree | 9546f312fda235d415cbb717f9d5eb660535f261 /src/server.c | |
parent | db6655deb42d32374c71d00caf48efb63a13c2ec (diff) | |
download | redis-e138698e54e97bfaababf56507026bf92dd4deb4.tar.gz |
make processCommand check publish channel permissions. (#8534)
Add publish channel permissions check in processCommand.
processCommand didn't check publish channel permissions, so a publish
command could be queued in a transaction, only to fail with -NOPERM
when the transaction was executed.
We also combine the keys/commands/channels permission checks together in
ACLCheckAllPerm. Remove pubsubCheckACLPermissionsOrReply in
publishCommand/subscribeCommand/psubscribeCommand. Always
check permissions in processCommand/execCommand/
luaRedisGenericCommand.
Diffstat (limited to 'src/server.c')
-rw-r--r-- | src/server.c | 22 |
1 files changed, 17 insertions, 5 deletions
diff --git a/src/server.c b/src/server.c
index 3df7a5a72..3421b9303 100644
--- a/src/server.c
+++ b/src/server.c
@@ -4011,18 +4011,30 @@ int processCommand(client *c) {
 /* Check if the user can run this command according to the current
 * ACLs. */
- int acl_keypos;
- int acl_retval = ACLCheckCommandPerm(c,&acl_keypos);
+ int acl_errpos;
+ int acl_retval = ACLCheckAllPerm(c,&acl_errpos);
 if (acl_retval != ACL_OK) {
- addACLLogEntry(c,acl_retval,acl_keypos,NULL);
- if (acl_retval == ACL_DENIED_CMD)
+ addACLLogEntry(c,acl_retval,acl_errpos,NULL);
+ switch (acl_retval) {
+ case ACL_DENIED_CMD:
 rejectCommandFormat(c,
 "-NOPERM this user has no permissions to run "
 "the '%s' command or its subcommand", c->cmd->name);
- else
+ break;
+ case ACL_DENIED_KEY:
 rejectCommandFormat(c,
 "-NOPERM this user has no permissions to access "
 "one of the keys used as arguments");
+ break;
+ case ACL_DENIED_CHANNEL:
+ rejectCommandFormat(c,
+ "-NOPERM this user has no permissions to access "
+ "one of the channels used as arguments");
+ break;
+ default:
+ rejectCommandFormat(c, "no permission");
+ break;
+ }
 return C_OK;
 }
|
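Review bot: The `default:` branch of the new switch replies with `"no permission"`, dropping the `-NOPERM` prefix that the three named cases carry. Any denial code ACLCheckAllPerm returns beyond those three would then reach the client as a different error class (presumably a generic one, depending on how rejectCommandFormat treats an unprefixed string, which this hunk does not show). Clients, tests and alerting that match on NOPERM would not recognise such a reply as an ACL denial, even though `addACLLogEntry` has already logged it as one. I would keep the prefix in the fallback, e.g. `rejectCommandFormat(c, "-NOPERM this user has no permissions to run this command");`, and add a short comment on `default:` saying it only exists for denial codes added later. processCommand starts and ends outside the hunk.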