diff options
| author | Shaya Potter <shaya@redislabs.com> | 2022-10-16 09:01:37 +0300 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-10-16 09:01:37 +0300 |
| commit | 3193f086ca0e167e89b6c5cf14133c03213b8378 (patch) | |
| tree | 4f7243a90017fdb890625cd3bbd91f4c0ce88b57 /tests/unit | |
| parent | 56f97bfa5fb082f812c711676d5a77d29af56940 (diff) | |
| download | redis-3193f086ca0e167e89b6c5cf14133c03213b8378.tar.gz | |
Unify ACL failure error messaging. (#11160)
Motivation: for applications that use RM ACL verification functions, they would
want to return errors back to the user, in ways that are consistent with Redis.
While investigating how we should return ACL errors to the user, we realized that
Redis isn't consistent, and currently returns ACL error strings in 3 primary ways.
[For the actual implications of this change, see the "Impact" section at the bottom]
1. how it returns an error when calling a command normally
ACL_DENIED_CMD -> "this user has no permissions to run the '%s' command"
ACL_DENIED_KEY -> "this user has no permissions to access one of the keys used as arguments"
ACL_DENIED_CHANNEL -> "this user has no permissions to access one of the channels used as arguments"
2. how it returns an error when calling via 'acl dryrun' command
ACL_DENIED_CMD -> "This user has no permissions to run the '%s' command"
ACL_DENIED_KEY -> "This user has no permissions to access the '%s' key"
ACL_DENIED_CHANNEL -> "This user has no permissions to access the '%s' channel"
3. how it returns an error via RM_Call (and scripting is similar).
ACL_DENIED_CMD -> "can't run this command or subcommand";
ACL_DENIED_KEY -> "can't access at least one of the keys mentioned in the command arguments";
ACL_DENIED_CHANNEL -> "can't publish to the channel mentioned in the command";
In addition, if one wants to use RM_Call's "dry run" capability instead of the RM ACL
functions directly, one also sees a different problem than it returns ACL errors with a -ERR,
not a -PERM, so it can't be returned directly to the caller.
This PR modifies the code to generate a base message in a common manner with the ability
to set verbose flag for acl dry run errors, and keep it unset for normal/rm_call/script cases
```c
sds getAclErrorMessage(int acl_res, user *user, struct redisCommand *cmd, sds errored_val, int verbose) {
switch (acl_res) {
case ACL_DENIED_CMD:
return sdscatfmt(sdsempty(), "User %S has no permissions to run "
"the '%S' command", user->name, cmd->fullname);
case ACL_DENIED_KEY:
if (verbose) {
return sdscatfmt(sdsempty(), "User %S has no permissions to access "
"the '%S' key", user->name, errored_val);
} else {
return sdsnew("No permissions to access a key");
}
case ACL_DENIED_CHANNEL:
if (verbose) {
return sdscatfmt(sdsempty(), "User %S has no permissions to access "
"the '%S' channel", user->name, errored_val);
} else {
return sdsnew("No permissions to access a channel");
}
}
```
The caller can append/prepend the message (adding NOPERM for normal/RM_Call or indicating it's within a script).
Impact:
- Plain commands, as well as scripts and RM_Call now include the user name.
- ACL DRYRUN remains the only one that's verbose (mentions the offending channel or key name)
- Changes RM_Call ACL errors from being a `-ERR` to being `-NOPERM` (besides for textual changes)
**This somewhat a breaking change, but it only affects the RM_Call with both `C` and `E`, or `D`**
- Changes ACL errors in scripts textually from being
`The user executing the script <old non unified text>`
to
`ACL failure in script: <new unified text>`
Diffstat (limited to 'tests/unit')
| -rw-r--r-- | tests/unit/acl-v2.tcl | 134 | ||||
| -rw-r--r-- | tests/unit/acl.tcl | 20 | ||||
| -rw-r--r-- | tests/unit/moduleapi/aclcheck.tcl | 13 | ||||
| -rw-r--r-- | tests/unit/moduleapi/getkeys.tcl | 6 | ||||
| -rw-r--r-- | tests/unit/moduleapi/keyspecs.tcl | 8 | ||||
| -rw-r--r-- | tests/unit/moduleapi/misc.tcl | 4 | ||||
| -rw-r--r-- | tests/unit/moduleapi/usercall.tcl | 5 |
7 files changed, 94 insertions, 96 deletions
diff --git a/tests/unit/acl-v2.tcl b/tests/unit/acl-v2.tcl index d836f9cb8..af23d745e 100644 --- a/tests/unit/acl-v2.tcl +++ b/tests/unit/acl-v2.tcl @@ -15,9 +15,9 @@ start_server {tags {"acl external:skip"}} { assert_equal "OK" [$r2 set write::foo bar] assert_equal "" [$r2 get read::foo] catch {$r2 get write::foo} err - assert_match "*NOPERM*keys*" $err + assert_match "*NOPERM*key*" $err catch {$r2 set read::foo bar} err - assert_match "*NOPERM*keys*" $err + assert_match "*NOPERM*key*" $err } test {Test ACL selectors by default have no permissions} { @@ -80,9 +80,9 @@ start_server {tags {"acl external:skip"}} { r set readstr bar assert_equal bar [$r2 get readstr] catch {$r2 set readstr bar} err - assert_match "*NOPERM*keys*" $err + assert_match "*NOPERM*key*" $err catch {$r2 get notread} err - assert_match "*NOPERM*keys*" $err + assert_match "*NOPERM*key*" $err } test {Test separate write permission} { @@ -92,9 +92,9 @@ start_server {tags {"acl external:skip"}} { # Note, SET is a RW command, so it's not used for testing $r2 LPUSH writelist 10 catch {$r2 GET writestr} err - assert_match "*NOPERM*keys*" $err + assert_match "*NOPERM*key*" $err catch {$r2 LPUSH notwrite 10} err - assert_match "*NOPERM*keys*" $err + assert_match "*NOPERM*key*" $err } test {Test separate read and write permissions} { @@ -104,7 +104,7 @@ start_server {tags {"acl external:skip"}} { r set read bar $r2 copy read write catch {$r2 copy write read} err - assert_match "*NOPERM*keys*" $err + assert_match "*NOPERM*key*" $err } test {Test separate read and write permissions on different selectors are not additive} { @@ -115,23 +115,23 @@ start_server {tags {"acl external:skip"}} { # Verify write selector $r2 LPUSH writelist 10 catch {$r2 GET writestr} err - assert_match "*NOPERM*keys*" $err + assert_match "*NOPERM*key*" $err catch {$r2 LPUSH notwrite 10} err - assert_match "*NOPERM*keys*" $err + assert_match "*NOPERM*key*" $err # Verify read selector r set readstr bar assert_equal bar [$r2 get readstr] catch {$r2 set readstr bar} err - assert_match "*NOPERM*keys*" $err + assert_match "*NOPERM*key*" $err catch {$r2 get notread} err - assert_match "*NOPERM*keys*" $err + assert_match "*NOPERM*key*" $err # Verify they don't combine catch {$r2 copy read write} err - assert_match "*NOPERM*keys*" $err + assert_match "*NOPERM*key*" $err catch {$r2 copy write read} err - assert_match "*NOPERM*keys*" $err + assert_match "*NOPERM*key*" $err } test {Test SET with separate read permission} { @@ -142,10 +142,10 @@ start_server {tags {"acl external:skip"}} { assert_equal {} [$r2 get readstr] # We don't have the permission to WRITE key. - assert_error {*NOPERM*keys*} {$r2 set readstr bar} - assert_error {*NOPERM*keys*} {$r2 set readstr bar get} - assert_error {*NOPERM*keys*} {$r2 set readstr bar ex 100} - assert_error {*NOPERM*keys*} {$r2 set readstr bar keepttl nx} + assert_error {*NOPERM*key*} {$r2 set readstr bar} + assert_error {*NOPERM*key*} {$r2 set readstr bar get} + assert_error {*NOPERM*key*} {$r2 set readstr bar ex 100} + assert_error {*NOPERM*key*} {$r2 set readstr bar keepttl nx} } test {Test SET with separate write permission} { @@ -157,13 +157,13 @@ start_server {tags {"acl external:skip"}} { assert_equal {OK} [$r2 set writestr get] # We don't have the permission to READ key. - assert_error {*NOPERM*keys*} {$r2 set get writestr} - assert_error {*NOPERM*keys*} {$r2 set writestr bar get} - assert_error {*NOPERM*keys*} {$r2 set writestr bar get ex 100} - assert_error {*NOPERM*keys*} {$r2 set writestr bar get keepttl nx} + assert_error {*NOPERM*key*} {$r2 set get writestr} + assert_error {*NOPERM*key*} {$r2 set writestr bar get} + assert_error {*NOPERM*key*} {$r2 set writestr bar get ex 100} + assert_error {*NOPERM*key*} {$r2 set writestr bar get keepttl nx} # this probably should be `ERR value is not an integer or out of range` - assert_error {*NOPERM*keys*} {$r2 set writestr bar ex get} + assert_error {*NOPERM*key*} {$r2 set writestr bar ex get} } test {Test SET with read and write permissions} { @@ -194,9 +194,9 @@ start_server {tags {"acl external:skip"}} { assert_equal {0} [$r2 bitfield readstr get u4 0] # We don't have the permission to WRITE key. - assert_error {*NOPERM*keys*} {$r2 bitfield readstr set u4 0 1} - assert_error {*NOPERM*keys*} {$r2 bitfield readstr get u4 0 set u4 0 1} - assert_error {*NOPERM*keys*} {$r2 bitfield readstr incrby u4 0 1} + assert_error {*NOPERM*key*} {$r2 bitfield readstr set u4 0 1} + assert_error {*NOPERM*key*} {$r2 bitfield readstr get u4 0 set u4 0 1} + assert_error {*NOPERM*key*} {$r2 bitfield readstr incrby u4 0 1} } test {Test BITFIELD with separate write permission} { @@ -206,9 +206,9 @@ start_server {tags {"acl external:skip"}} { assert_equal PONG [$r2 PING] # We don't have the permission to READ key. - assert_error {*NOPERM*keys*} {$r2 bitfield writestr get u4 0} - assert_error {*NOPERM*keys*} {$r2 bitfield writestr set u4 0 1} - assert_error {*NOPERM*keys*} {$r2 bitfield writestr incrby u4 0 1} + assert_error {*NOPERM*key*} {$r2 bitfield writestr get u4 0} + assert_error {*NOPERM*key*} {$r2 bitfield writestr set u4 0 1} + assert_error {*NOPERM*key*} {$r2 bitfield writestr incrby u4 0 1} } test {Test BITFIELD with read and write permissions} { @@ -242,7 +242,7 @@ start_server {tags {"acl external:skip"}} { # second selector. We should still show the logically first unmatched key. r ACL LOG RESET catch {$r2 MGET otherkey someotherkey} err - assert_match "*NOPERM*keys*" $err + assert_match "*NOPERM*key*" $err set entry [lindex [r ACL LOG] 0] assert_equal [dict get $entry username] "acl-log-test-selector" assert_equal [dict get $entry context] "toplevel" @@ -251,7 +251,7 @@ start_server {tags {"acl external:skip"}} { r ACL LOG RESET catch {$r2 MGET key otherkey someotherkey} err - assert_match "*NOPERM*keys*" $err + assert_match "*NOPERM*key*" $err set entry [lindex [r ACL LOG] 0] assert_equal [dict get $entry username] "acl-log-test-selector" assert_equal [dict get $entry context] "toplevel" @@ -308,8 +308,8 @@ start_server {tags {"acl external:skip"}} { test {Test various commands for command permissions} { r ACL setuser command-test -@all - assert_equal "This user has no permissions to run the 'set' command" [r ACL DRYRUN command-test set somekey somevalue] - assert_equal "This user has no permissions to run the 'get' command" [r ACL DRYRUN command-test get somekey] + assert_match {*has no permissions to run the 'set' command*} [r ACL DRYRUN command-test set somekey somevalue] + assert_match {*has no permissions to run the 'get' command*} [r ACL DRYRUN command-test get somekey] } test {Test various odd commands for key permissions} { @@ -317,29 +317,29 @@ start_server {tags {"acl external:skip"}} { # Test migrate, which is marked with incomplete keys assert_equal "OK" [r ACL DRYRUN command-test MIGRATE whatever whatever rw 0 500] - assert_equal "This user has no permissions to access the 'read' key" [r ACL DRYRUN command-test MIGRATE whatever whatever read 0 500] - assert_equal "This user has no permissions to access the 'write' key" [r ACL DRYRUN command-test MIGRATE whatever whatever write 0 500] + assert_match {*has no permissions to access the 'read' key*} [r ACL DRYRUN command-test MIGRATE whatever whatever read 0 500] + assert_match {*has no permissions to access the 'write' key*} [r ACL DRYRUN command-test MIGRATE whatever whatever write 0 500] assert_equal "OK" [r ACL DRYRUN command-test MIGRATE whatever whatever "" 0 5000 KEYS rw] - assert_equal "This user has no permissions to access the 'read' key" [r ACL DRYRUN command-test MIGRATE whatever whatever "" 0 5000 KEYS read] - assert_equal "This user has no permissions to access the 'write' key" [r ACL DRYRUN command-test MIGRATE whatever whatever "" 0 5000 KEYS write] + assert_match "*has no permissions to access the 'read' key" [r ACL DRYRUN command-test MIGRATE whatever whatever "" 0 5000 KEYS read] + assert_match "*has no permissions to access the 'write' key" [r ACL DRYRUN command-test MIGRATE whatever whatever "" 0 5000 KEYS write] assert_equal "OK" [r ACL DRYRUN command-test MIGRATE whatever whatever "" 0 5000 AUTH KEYS KEYS rw] - assert_equal "This user has no permissions to access the 'read' key" [r ACL DRYRUN command-test MIGRATE whatever whatever "" 0 5000 AUTH KEYS KEYS read] - assert_equal "This user has no permissions to access the 'write' key" [r ACL DRYRUN command-test MIGRATE whatever whatever "" 0 5000 AUTH KEYS KEYS write] + assert_match "*has no permissions to access the 'read' key" [r ACL DRYRUN command-test MIGRATE whatever whatever "" 0 5000 AUTH KEYS KEYS read] + assert_match "*has no permissions to access the 'write' key" [r ACL DRYRUN command-test MIGRATE whatever whatever "" 0 5000 AUTH KEYS KEYS write] assert_equal "OK" [r ACL DRYRUN command-test MIGRATE whatever whatever "" 0 5000 AUTH2 KEYS 123 KEYS rw] - assert_equal "This user has no permissions to access the 'read' key" [r ACL DRYRUN command-test MIGRATE whatever whatever "" 0 5000 AUTH2 KEYS 123 KEYS read] - assert_equal "This user has no permissions to access the 'write' key" [r ACL DRYRUN command-test MIGRATE whatever whatever "" 0 5000 AUTH2 KEYS 123 KEYS write] + assert_match "*has no permissions to access the 'read' key" [r ACL DRYRUN command-test MIGRATE whatever whatever "" 0 5000 AUTH2 KEYS 123 KEYS read] + assert_match "*has no permissions to access the 'write' key" [r ACL DRYRUN command-test MIGRATE whatever whatever "" 0 5000 AUTH2 KEYS 123 KEYS write] assert_equal "OK" [r ACL DRYRUN command-test MIGRATE whatever whatever "" 0 5000 AUTH2 USER KEYS KEYS rw] - assert_equal "This user has no permissions to access the 'read' key" [r ACL DRYRUN command-test MIGRATE whatever whatever "" 0 5000 AUTH2 USER KEYS KEYS read] - assert_equal "This user has no permissions to access the 'write' key" [r ACL DRYRUN command-test MIGRATE whatever whatever "" 0 5000 AUTH2 USER KEYS KEYS write] + assert_match "*has no permissions to access the 'read' key" [r ACL DRYRUN command-test MIGRATE whatever whatever "" 0 5000 AUTH2 USER KEYS KEYS read] + assert_match "*has no permissions to access the 'write' key" [r ACL DRYRUN command-test MIGRATE whatever whatever "" 0 5000 AUTH2 USER KEYS KEYS write] # Test SORT, which is marked with incomplete keys assert_equal "OK" [r ACL DRYRUN command-test SORT read STORE write] - assert_equal "This user has no permissions to access the 'read' key" [r ACL DRYRUN command-test SORT read STORE read] - assert_equal "This user has no permissions to access the 'write' key" [r ACL DRYRUN command-test SORT write STORE write] + assert_match {*has no permissions to access the 'read' key*} [r ACL DRYRUN command-test SORT read STORE read] + assert_match {*has no permissions to access the 'write' key*} [r ACL DRYRUN command-test SORT write STORE write] # Test EVAL, which uses the numkey keyspec (Also test EVAL_RO) assert_equal "OK" [r ACL DRYRUN command-test EVAL "" 1 rw1] - assert_equal "This user has no permissions to access the 'read' key" [r ACL DRYRUN command-test EVAL "" 1 read] + assert_match {*has no permissions to access the 'read' key*} [r ACL DRYRUN command-test EVAL "" 1 read] assert_equal "OK" [r ACL DRYRUN command-test EVAL_RO "" 1 rw1] assert_equal "OK" [r ACL DRYRUN command-test EVAL_RO "" 1 read] @@ -354,12 +354,12 @@ start_server {tags {"acl external:skip"}} { # Test GEORADIUS which uses the last type of keyspec, keyword assert_equal "OK" [r ACL DRYRUN command-test GEORADIUS read longitude latitude radius M STOREDIST write] assert_equal "OK" [r ACL DRYRUN command-test GEORADIUS read longitude latitude radius M] - assert_equal "This user has no permissions to access the 'read2' key" [r ACL DRYRUN command-test GEORADIUS read1 longitude latitude radius M STOREDIST read2] - assert_equal "This user has no permissions to access the 'write1' key" [r ACL DRYRUN command-test GEORADIUS write1 longitude latitude radius M STOREDIST write2] + assert_match {*has no permissions to access the 'read2' key*} [r ACL DRYRUN command-test GEORADIUS read1 longitude latitude radius M STOREDIST read2] + assert_match {*has no permissions to access the 'write1' key*} [r ACL DRYRUN command-test GEORADIUS write1 longitude latitude radius M STOREDIST write2] assert_equal "OK" [r ACL DRYRUN command-test GEORADIUS read longitude latitude radius M STORE write] assert_equal "OK" [r ACL DRYRUN command-test GEORADIUS read longitude latitude radius M] - assert_equal "This user has no permissions to access the 'read2' key" [r ACL DRYRUN command-test GEORADIUS read1 longitude latitude radius M STORE read2] - assert_equal "This user has no permissions to access the 'write1' key" [r ACL DRYRUN command-test GEORADIUS write1 longitude latitude radius M STORE write2] + assert_match {*has no permissions to access the 'read2' key*} [r ACL DRYRUN command-test GEORADIUS read1 longitude latitude radius M STORE read2] + assert_match {*has no permissions to access the 'write1' key*} [r ACL DRYRUN command-test GEORADIUS write1 longitude latitude radius M STORE write2] } # Existence test commands are not marked as access since they are the result @@ -368,15 +368,15 @@ start_server {tags {"acl external:skip"}} { test {Existence test commands are not marked as access} { assert_equal "OK" [r ACL DRYRUN command-test HEXISTS read foo] assert_equal "OK" [r ACL DRYRUN command-test HEXISTS write foo] - assert_equal "This user has no permissions to access the 'nothing' key" [r ACL DRYRUN command-test HEXISTS nothing foo] + assert_match {*has no permissions to access the 'nothing' key*} [r ACL DRYRUN command-test HEXISTS nothing foo] assert_equal "OK" [r ACL DRYRUN command-test HSTRLEN read foo] assert_equal "OK" [r ACL DRYRUN command-test HSTRLEN write foo] - assert_equal "This user has no permissions to access the 'nothing' key" [r ACL DRYRUN command-test HSTRLEN nothing foo] + assert_match {*has no permissions to access the 'nothing' key*} [r ACL DRYRUN command-test HSTRLEN nothing foo] assert_equal "OK" [r ACL DRYRUN command-test SISMEMBER read foo] assert_equal "OK" [r ACL DRYRUN command-test SISMEMBER write foo] - assert_equal "This user has no permissions to access the 'nothing' key" [r ACL DRYRUN command-test SISMEMBER nothing foo] + assert_match {*has no permissions to access the 'nothing' key*} [r ACL DRYRUN command-test SISMEMBER nothing foo] } # Unlike existence test commands, intersection cardinality commands process the data @@ -384,42 +384,42 @@ start_server {tags {"acl external:skip"}} { # requirement. test {Intersection cardinaltiy commands are access commands} { assert_equal "OK" [r ACL DRYRUN command-test SINTERCARD 2 read read] - assert_equal "This user has no permissions to access the 'write' key" [r ACL DRYRUN command-test SINTERCARD 2 write read] - assert_equal "This user has no permissions to access the 'nothing' key" [r ACL DRYRUN command-test SINTERCARD 2 nothing read] + assert_match {*has no permissions to access the 'write' key*} [r ACL DRYRUN command-test SINTERCARD 2 write read] + assert_match {*has no permissions to access the 'nothing' key*} [r ACL DRYRUN command-test SINTERCARD 2 nothing read] assert_equal "OK" [r ACL DRYRUN command-test ZCOUNT read 0 1] - assert_equal "This user has no permissions to access the 'write' key" [r ACL DRYRUN command-test ZCOUNT write 0 1] - assert_equal "This user has no permissions to access the 'nothing' key" [r ACL DRYRUN command-test ZCOUNT nothing 0 1] + assert_match {*has no permissions to access the 'write' key*} [r ACL DRYRUN command-test ZCOUNT write 0 1] + assert_match {*has no permissions to access the 'nothing' key*} [r ACL DRYRUN command-test ZCOUNT nothing 0 1] assert_equal "OK" [r ACL DRYRUN command-test PFCOUNT read read] - assert_equal "This user has no permissions to access the 'write' key" [r ACL DRYRUN command-test PFCOUNT write read] - assert_equal "This user has no permissions to access the 'nothing' key" [r ACL DRYRUN command-test PFCOUNT nothing read] + assert_match {*has no permissions to access the 'write' key*} [r ACL DRYRUN command-test PFCOUNT write read] + assert_match {*has no permissions to access the 'nothing' key*} [r ACL DRYRUN command-test PFCOUNT nothing read] assert_equal "OK" [r ACL DRYRUN command-test ZINTERCARD 2 read read] - assert_equal "This user has no permissions to access the 'write' key" [r ACL DRYRUN command-test ZINTERCARD 2 write read] - assert_equal "This user has no permissions to access the 'nothing' key" [r ACL DRYRUN command-test ZINTERCARD 2 nothing read] + assert_match {*has no permissions to access the 'write' key*} [r ACL DRYRUN command-test ZINTERCARD 2 write read] + assert_match {*has no permissions to access the 'nothing' key*} [r ACL DRYRUN command-test ZINTERCARD 2 nothing read] } test {Test general keyspace commands require some type of permission to execute} { assert_equal "OK" [r ACL DRYRUN command-test touch read] assert_equal "OK" [r ACL DRYRUN command-test touch write] assert_equal "OK" [r ACL DRYRUN command-test touch rw] - assert_equal "This user has no permissions to access the 'nothing' key" [r ACL DRYRUN command-test touch nothing] + assert_match {*has no permissions to access the 'nothing' key*} [r ACL DRYRUN command-test touch nothing] assert_equal "OK" [r ACL DRYRUN command-test exists read] assert_equal "OK" [r ACL DRYRUN command-test exists write] assert_equal "OK" [r ACL DRYRUN command-test exists rw] - assert_equal "This user has no permissions to access the 'nothing' key" [r ACL DRYRUN command-test exists nothing] + assert_match {*has no permissions to access the 'nothing' key*} [r ACL DRYRUN command-test exists nothing] assert_equal "OK" [r ACL DRYRUN command-test MEMORY USAGE read] assert_equal "OK" [r ACL DRYRUN command-test MEMORY USAGE write] assert_equal "OK" [r ACL DRYRUN command-test MEMORY USAGE rw] - assert_equal "This user has no permissions to access the 'nothing' key" [r ACL DRYRUN command-test MEMORY USAGE nothing] + assert_match {*has no permissions to access the 'nothing' key*} [r ACL DRYRUN command-test MEMORY USAGE nothing] assert_equal "OK" [r ACL DRYRUN command-test TYPE read] assert_equal "OK" [r ACL DRYRUN command-test TYPE write] assert_equal "OK" [r ACL DRYRUN command-test TYPE rw] - assert_equal "This user has no permissions to access the 'nothing' key" [r ACL DRYRUN command-test TYPE nothing] + assert_match {*has no permissions to access the 'nothing' key*} [r ACL DRYRUN command-test TYPE nothing] } test {Cardinality commands require some type of permission to execute} { @@ -428,7 +428,7 @@ start_server {tags {"acl external:skip"}} { assert_equal "OK" [r ACL DRYRUN command-test $command read] assert_equal "OK" [r ACL DRYRUN command-test $command write] assert_equal "OK" [r ACL DRYRUN command-test $command rw] - assert_equal "This user has no permissions to access the 'nothing' key" [r ACL DRYRUN command-test $command nothing] + assert_match {*has no permissions to access the 'nothing' key*} [r ACL DRYRUN command-test $command nothing] } } @@ -440,8 +440,8 @@ start_server {tags {"acl external:skip"}} { assert_equal "OK" [r ACL DRYRUN test-channels sunsubscribe channel] assert_equal "OK" [r ACL DRYRUN test-channels sunsubscribe otherchannel] - assert_equal "This user has no permissions to access the 'otherchannel' channel" [r ACL DRYRUN test-channels spublish otherchannel foo] - assert_equal "This user has no permissions to access the 'otherchannel' channel" [r ACL DRYRUN test-channels ssubscribe otherchannel foo] + assert_match {*has no permissions to access the 'otherchannel' channel*} [r ACL DRYRUN test-channels spublish otherchannel foo] + assert_match {*has no permissions to access the 'otherchannel' channel*} [r ACL DRYRUN test-channels ssubscribe otherchannel foo] } test {Test sort with ACL permissions} { diff --git a/tests/unit/acl.tcl b/tests/unit/acl.tcl index 9160b641a..c23f36890 100644 --- a/tests/unit/acl.tcl +++ b/tests/unit/acl.tcl @@ -93,7 +93,7 @@ start_server {tags {"acl external:skip"}} { r AUTH psuser pspass catch {r PUBLISH foo bar} e set e - } {*NOPERM*channels*} + } {*NOPERM*channel*} test {By default, only default user is not able to publish to any shard channel} { r AUTH default pwd @@ -101,7 +101,7 @@ start_server {tags {"acl external:skip"}} { r AUTH psuser pspass catch {r SPUBLISH foo bar} e set e - } {*NOPERM*channels*} + } {*NOPERM*channel*} test {By default, only default user is able to subscribe to any channel} { set rd [redis_deferring_client] @@ -117,7 +117,7 @@ start_server {tags {"acl external:skip"}} { catch {$rd read} e $rd close set e - } {*NOPERM*channels*} + } {*NOPERM*channel*} test {By default, only default user is able to subscribe to any shard channel} { set rd [redis_deferring_client] @@ -133,7 +133,7 @@ start_server {tags {"acl external:skip"}} { catch {$rd read} e $rd close set e - } {*NOPERM*channels*} + } {*NOPERM*channel*} test {By default, only default user is able to subscribe to any pattern} { set rd [redis_deferring_client] @@ -149,7 +149,7 @@ start_server {tags {"acl external:skip"}} { catch {$rd read} e $rd close set e - } {*NOPERM*channels*} + } {*NOPERM*channel*} test {It's possible to allow publishing to a subset of channels} { r ACL setuser psuser resetchannels &foo:1 &bar:* @@ -554,9 +554,9 @@ start_server {tags {"acl external:skip"}} { test "ACL requires explicit permission for scripting for EVAL_RO, EVALSHA_RO and FCALL_RO" { r ACL SETUSER scripter on nopass +readonly - assert_equal "This user has no permissions to run the 'eval_ro' command" [r ACL DRYRUN scripter EVAL_RO "" 0] - assert_equal "This user has no permissions to run the 'evalsha_ro' command" [r ACL DRYRUN scripter EVALSHA_RO "" 0] - assert_equal "This user has no permissions to run the 'fcall_ro' command" [r ACL DRYRUN scripter FCALL_RO "" 0] + assert_match {*has no permissions to run the 'eval_ro' command*} [r ACL DRYRUN scripter EVAL_RO "" 0] + assert_match {*has no permissions to run the 'evalsha_ro' command*} [r ACL DRYRUN scripter EVALSHA_RO "" 0] + assert_match {*has no permissions to run the 'fcall_ro' command*} [r ACL DRYRUN scripter FCALL_RO "" 0] } test {ACL #5998 regression: memory leaks adding / removing subcommands} { @@ -793,7 +793,7 @@ start_server {tags {"acl external:skip"}} { set current_invalid_channel_accesses [s acl_access_denied_channel] r ACL setuser invalidkeyuser on >passwd resetkeys allcommands r AUTH invalidkeyuser passwd - assert_error "*no permissions to access one of the keys*" {r get x} + assert_error "*NOPERM*key*" {r get x} r AUTH default "" assert {[s acl_access_denied_auth] eq $current_auth_failures} assert {[s acl_access_denied_cmd] eq $current_invalid_cmd_accesses} @@ -809,7 +809,7 @@ start_server {tags {"acl external:skip"}} { set current_invalid_channel_accesses [s acl_access_denied_channel] r ACL setuser invalidchanneluser on >passwd resetchannels allcommands r AUTH invalidkeyuser passwd - assert_error "*no permissions to access one of the channels*" {r subscribe x} + assert_error "*NOPERM*channel*" {r subscribe x} r AUTH default "" assert {[s acl_access_denied_auth] eq $current_auth_failures} assert {[s acl_access_denied_cmd] eq $current_invalid_cmd_accesses} diff --git a/tests/unit/moduleapi/aclcheck.tcl b/tests/unit/moduleapi/aclcheck.tcl index d96ea89cf..5dae6e1ad 100644 --- a/tests/unit/moduleapi/aclcheck.tcl +++ b/tests/unit/moduleapi/aclcheck.tcl @@ -63,13 +63,14 @@ start_server {tags {"modules acl"}} { # rm call check for key permission (y: only WRITE) assert_equal [r aclcheck.rm_call set y 5] OK assert_error {*NOPERM*} {r aclcheck.rm_call set y 5 get} - assert_error {ERR acl verification failed, can't access at least one of the keys mentioned in the command arguments.} {r aclcheck.rm_call_with_errors set y 5 get} + assert_error {*NOPERM*No permissions to access a key*} {r aclcheck.rm_call_with_errors set y 5 get} # rm call check for key permission (z: only READ) assert_error {*NOPERM*} {r aclcheck.rm_call set z 5} - assert_error {ERR acl verification failed, can't access at least one of the keys mentioned in the command arguments.} {r aclcheck.rm_call_with_errors set z 5} + catch {r aclcheck.rm_call_with_errors set z 5} e + assert_match {*NOPERM*No permissions to access a key*} $e assert_error {*NOPERM*} {r aclcheck.rm_call set z 6 get} - assert_error {ERR acl verification failed, can't access at least one of the keys mentioned in the command arguments.} {r aclcheck.rm_call_with_errors set z 6 get} + assert_error {*NOPERM*No permissions to access a key*} {r aclcheck.rm_call_with_errors set z 6 get} # verify that new log entry added set entry [lindex [r ACL LOG] 0] @@ -80,10 +81,8 @@ start_server {tags {"modules acl"}} { # rm call check for command permission r acl setuser default -set - catch {r aclcheck.rm_call set x 5} e - assert_match {*NOPERM*} $e - catch {r aclcheck.rm_call_with_errors set x 5} e - assert_match {ERR acl verification failed, can't run this command or subcommand.} $e + assert_error {*NOPERM*} {r aclcheck.rm_call set x 5} + assert_error {*NOPERM*has no permissions to run the 'set' command*} {r aclcheck.rm_call_with_errors set x 5} # verify that new log entry added set entry [lindex [r ACL LOG] 0] diff --git a/tests/unit/moduleapi/getkeys.tcl b/tests/unit/moduleapi/getkeys.tcl index 734c55fa2..b84bb0f73 100644 --- a/tests/unit/moduleapi/getkeys.tcl +++ b/tests/unit/moduleapi/getkeys.tcl @@ -64,14 +64,14 @@ start_server {tags {"modules"}} { test "module getkeys-api - ACL" { # legacy triple didn't provide flags, so they require both read and write assert_equal "OK" [r ACL DRYRUN testuser getkeys.command key rw] - assert_equal "This user has no permissions to access the 'read' key" [r ACL DRYRUN testuser getkeys.command key read] - assert_equal "This user has no permissions to access the 'write' key" [r ACL DRYRUN testuser getkeys.command key write] + assert_match {*has no permissions to access the 'read' key*} [r ACL DRYRUN testuser getkeys.command key read] + assert_match {*has no permissions to access the 'write' key*} [r ACL DRYRUN testuser getkeys.command key write] } test "module getkeys-api with flags - ACL" { assert_equal "OK" [r ACL DRYRUN testuser getkeys.command_with_flags key rw] assert_equal "OK" [r ACL DRYRUN testuser getkeys.command_with_flags key read] - assert_equal "This user has no permissions to access the 'write' key" [r ACL DRYRUN testuser getkeys.command_with_flags key write] + assert_match {*has no permissions to access the 'write' key*} [r ACL DRYRUN testuser getkeys.command_with_flags key write] } test "Unload the module - getkeys" { diff --git a/tests/unit/moduleapi/keyspecs.tcl b/tests/unit/moduleapi/keyspecs.tcl index 8491bc19e..9e68e9732 100644 --- a/tests/unit/moduleapi/keyspecs.tcl +++ b/tests/unit/moduleapi/keyspecs.tcl @@ -129,15 +129,15 @@ start_server {tags {"modules"}} { test "Module key specs: No spec, only legacy triple - ACL" { # legacy triple didn't provide flags, so they require both read and write assert_equal "OK" [r ACL DRYRUN testuser kspec.none rw val1] - assert_equal "This user has no permissions to access the 'read' key" [r ACL DRYRUN testuser kspec.none read val1] - assert_equal "This user has no permissions to access the 'write' key" [r ACL DRYRUN testuser kspec.none write val1] + assert_match {*has no permissions to access the 'read' key*} [r ACL DRYRUN testuser kspec.none read val1] + assert_match {*has no permissions to access the 'write' key*} [r ACL DRYRUN testuser kspec.none write val1] } test "Module key specs: tworanges - ACL" { assert_equal "OK" [r ACL DRYRUN testuser kspec.tworanges read write] assert_equal "OK" [r ACL DRYRUN testuser kspec.tworanges rw rw] - assert_equal "This user has no permissions to access the 'read' key" [r ACL DRYRUN testuser kspec.tworanges rw read] - assert_equal "This user has no permissions to access the 'write' key" [r ACL DRYRUN testuser kspec.tworanges write rw] + assert_match {*has no permissions to access the 'read' key*} [r ACL DRYRUN testuser kspec.tworanges rw read] + assert_match {*has no permissions to access the 'write' key*} [r ACL DRYRUN testuser kspec.tworanges write rw] } foreach cmd {kspec.none kspec.tworanges} { diff --git a/tests/unit/moduleapi/misc.tcl b/tests/unit/moduleapi/misc.tcl index 8aa5b9198..15e4f4c6c 100644 --- a/tests/unit/moduleapi/misc.tcl +++ b/tests/unit/moduleapi/misc.tcl @@ -444,7 +444,7 @@ start_server {tags {"modules"}} { r acl setuser default resetkeys catch {r test.rm_call_flags DC set x 10} e - assert_match {*ERR acl verification failed, can't access at least one of the keys*} $e + assert_match {*NOPERM No permissions to access a key*} $e r acl setuser default +@all ~* assert_equal [r get x] $x } @@ -452,4 +452,4 @@ start_server {tags {"modules"}} { test "Unload the module - misc" { assert_equal {OK} [r module unload misc] } -}
\ No newline at end of file +} diff --git a/tests/unit/moduleapi/usercall.tcl b/tests/unit/moduleapi/usercall.tcl index 04f730005..c3d8b0312 100644 --- a/tests/unit/moduleapi/usercall.tcl +++ b/tests/unit/moduleapi/usercall.tcl @@ -45,8 +45,7 @@ start_server {tags {"modules usercall"}} { assert_equal [r usercall.get_acl] "off sanitize-payload ~* &* +@all -set" # fails here as testing acl in rm call - catch {r usercall.call_with_user_flag C set x 10} e - assert_match {*ERR acl verification failed*} $e + assert_error {*NOPERM User default has no permissions*} {r usercall.call_with_user_flag C set x 10} assert_equal [r usercall.call_with_user_flag C get x] 5 @@ -88,7 +87,7 @@ start_server {tags {"modules usercall"}} { # fails here in script, as rm_call will permit the eval call catch {r usercall.call_with_user_flag C evalsha $sha_set 0} e - assert_match {*ERR The user executing the script can't run this command or subcommand script*} $e + assert_match {*ERR ACL failure in script*} $e assert_equal [r usercall.call_with_user_flag C evalsha $sha_get 0] 1 } |