From f78b3ede2735397704fd452619efcbdac37254f6 Mon Sep 17 00:00:00 2001
From: antirez <antirez@gmail.com>
Date: Wed, 16 Jan 2019 13:39:04 +0100
Subject: ACL: key matching implemented.

---
 src/acl.c | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)

diff --git a/src/acl.c b/src/acl.c
index e03c2a1b6..edc75de6d 100644
--- a/src/acl.c
+++ b/src/acl.c
@@ -330,6 +330,29 @@ int ACLCheckCommandPerm(client *c) {
     if (!(c->user->flags & USER_FLAG_ALLKEYS) &&
         (c->cmd->getkeys_proc || c->cmd->firstkey))
     {
+        int numkeys;
+        int *keyidx = getKeysFromCommand(c->cmd,c->argv,c->argc,&numkeys);
+        for (int j = 0; j < numkeys; j++) {
+            listIter li;
+            listNode *ln;
+            listRewind(u->passwords,&li);
+
+            /* Test this key against every pattern. */
+            match = 0;
+            while((ln = listNext(&li))) {
+                sds pattern = listNodeValue(ln);
+                size_t plen = sdslen(pattern);
+                int idx = keyidx[j];
+                if (stringmatchlen(pattern,plen,c->argv[idx]->ptr,
+                                   sdslen(c->argv[idx]->ptr),0))
+                {
+                    match = 1;
+                    break;
+                }
+            }
+            if (!match) return C_ERR;
+        }
+        getKeysFreeResult(keyidx);
     }
 
     /* If we survived all the above checks, the user can execute the
-- 
cgit v1.2.1