From 7aea02fa87b3b900d65102a5029a52871994ac15 Mon Sep 17 00:00:00 2001
From: antirez <antirez@gmail.com>
Date: Tue, 15 Jan 2019 09:36:12 +0100
Subject: [PATCH] ACL: initial implementation of the ACL command.

---
 src/acl.c    | 36 ++++++++++++++++++++++++++++++++++++
 src/server.c |  5 +++--
 src/server.h |  1 +
 3 files changed, 40 insertions(+), 2 deletions(-)

diff --git a/src/acl.c b/src/acl.c
index 742860e6..2c92cbfb 100644
--- a/src/acl.c
+++ b/src/acl.c
@@ -274,3 +274,39 @@ int ACLCheckCommandPerm(client *c) {
 /* =============================================================================
  * ACL related commands
  * ==========================================================================*/
+
+/* ACL -- show and modify the configuration of ACL users.
+ * ACL help
+ * ACL list
+ * ACL setuser <username> ... user attribs ...
+ * ACL deluser <username>
+ * ACL getuser <username>
+ */
+void aclCommand(client *c) {
+    char *sub = c->argv[1]->ptr;
+    if (!strcasecmp(sub,"setuser") && c->argc >= 3) {
+        sds username = c->argv[2]->ptr;
+        user *u = ACLGetUserByName(username,sdslen(username));
+        if (!u) u = ACLCreateUser(username,sdslen(username));
+        serverAssert(u != NULL);
+        for (int j = 3; j < c->argc; j++) {
+            if (ACLSetUser(u,c->argv[j]->ptr) != C_OK) {
+                addReplyErrorFormat(c,"Syntax error in ACL SETUSER modifier '%s'",
+                    c->argv[j]->ptr);
+                return;
+            }
+        }
+        addReply(c,shared.ok);
+    } else if (!strcasecmp(sub,"help")) {
+        const char *help[] = {
+"LIST                              -- List all the registered users.",
+"SETUSER <username> [attribs ...]  -- Create or modify a user.",
+"DELUSER <username>                -- Delete a user.",
+"GETUSER <username>                -- Get the user details.",
+NULL
+        };
+        addReplyHelp(c,help);
+    } else {
+        addReplySubcommandSyntaxError(c);
+    }
+}
diff --git a/src/server.c b/src/server.c
index 4027b9ba..3955c63c 100644
--- a/src/server.c
+++ b/src/server.c
@@ -115,7 +115,7 @@ volatile unsigned long lru_clock; /* Server global current LRU time. */
  *    is deterministic.
  * l: Allow command while loading the database.
  * t: Allow command while a slave has stale data but is not allowed to
- *    server this data. Normally no command is accepted in this condition
+ *    serve this data. Normally no command is accepted in this condition
  *    but just a few.
  * M: Do not automatically propagate the command on MONITOR.
  * k: Perform an implicit ASKING for this command, so the command will be
@@ -326,7 +326,8 @@ struct redisCommand redisCommandTable[] = {
     {"post",securityWarningCommand,-1,"lt",0,NULL,0,0,0,0,0,0},
     {"host:",securityWarningCommand,-1,"lt",0,NULL,0,0,0,0,0,0},
     {"latency",latencyCommand,-2,"aslt",0,NULL,0,0,0,0,0,0},
-    {"lolwut",lolwutCommand,-1,"r",0,NULL,0,0,0,0,0,0}
+    {"lolwut",lolwutCommand,-1,"r",0,NULL,0,0,0,0,0,0},
+    {"acl",aclCommand,-2,"ast",0,NULL,0,0,0,0,0,0}
 };
 
 /*============================ Utility functions ============================ */
diff --git a/src/server.h b/src/server.h
index 70cb0040..d8d45fcf 100644
--- a/src/server.h
+++ b/src/server.h
@@ -2186,6 +2186,7 @@ void xinfoCommand(client *c);
 void xdelCommand(client *c);
 void xtrimCommand(client *c);
 void lolwutCommand(client *c);
+void aclCommand(client *c);
 
 #if defined(__GNUC__)
 void *calloc(size_t count, size_t size) __attribute__ ((deprecated));