mirrors/dragonfly
1
0
Fork 0
mirror of https://github.com/dragonflydb/dragonfly.git synced 2025-05-11 10:25:47 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 5

feat(AclFamily): add acl dryrun command (#1894)

Browse source 
* add acl dryrun command
* add unit tests
This commit is contained in:
Kostas Kyrimis 2023-09-19 19:41:52 +03:00 committed by GitHub
parent b1c0d5c2a9
commit ea589db4db
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 81 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

19
src/server/acl/validator.cc
View file

@ -13,13 +13,8 @@ namespace dfly::acl {
[[nodiscard]] bool IsUserAllowedToInvokeCommand(const ConnectionContext& cntx,
const facade::CommandId& id) {
const auto cat_credentials = id.acl_categories();
const size_t index = id.GetFamily();
const uint64_t command_mask = id.GetBitIndex();
DCHECK_LT(index, cntx.acl_commands.size());
const bool is_authed = (cntx.acl_categories & cat_credentials) != 0 ||
(cntx.acl_commands[index] & command_mask) != 0;
const bool is_authed =
IsUserAllowedToInvokeCommandGeneric(cntx.acl_categories, cntx.acl_commands, id);
if (!is_authed) {
auto& log = ServerState::tlocal()->acl_log;
@ -30,4 +25,14 @@ namespace dfly::acl {
return is_authed;
}
[[nodiscard]] bool IsUserAllowedToInvokeCommandGeneric(uint32_t acl_cat,
const std::vector<uint64_t>& acl_commands,
const facade::CommandId& id) {
const auto cat_credentials = id.acl_categories();
const size_t index = id.GetFamily();
const uint64_t command_mask = id.GetBitIndex();
DCHECK_LT(index, acl_commands.size());
return (acl_cat & cat_credentials) != 0 || (acl_commands[index] & command_mask) != 0;
}
} // namespace dfly::acl