diff options
| author | guybe7 <guy.benoish@redislabs.com> | 2022-01-22 13:09:40 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-01-22 14:09:40 +0200 |
| commit | a6fd2a46d101d4df23ade2e28cbc04656c721b2b (patch) | |
| tree | e383ab123c8189b222e2a52c5344295f308e6f40 /tests/unit/moduleapi | |
| parent | 55c81f2cd3da82f9f570000875e006b9046ddef3 (diff) | |
| download | redis-a6fd2a46d101d4df23ade2e28cbc04656c721b2b.tar.gz | |
Improved handling of subcommands (don't allow ACL on first-arg of a sub-command) (#10147)
Recently we added extensive support for sub-commands in for redis 7.0,
this meant that the old ACL mechanism for
sub-commands wasn't needed, or actually was improved (to handle both include
and exclude control, like for commands), but only for real sub-commands.
The old mechanism in ACL was renamed to first-arg, and was able to match the
first argument of any command (including sub-commands).
We now realized that we might wanna completely delete that first-arg feature some
day, so the first step was not to give it new capabilities in 7.0 and it didn't have before.
Changes:
1. ACL: Block the first-arg mechanism on subcommands (we keep if in non-subcommands
for backward compatibility)
2. COMMAND: When looking up a command, insist the command name doesn't contain
extra words. Example: When a user issues `GET key` we want `lookupCommand` to return
`getCommand` but when if COMMAND calls `lookupCommand` with `get|key` we want it to fail.
Other changes:
1. ACLSetUser: prevent a redundant command lookup
Diffstat (limited to 'tests/unit/moduleapi')
0 files changed, 0 insertions, 0 deletions