ACL: define category names and flags.

This commit is contained in:
antirez 2019-01-23 16:47:29 +01:00
parent c5e717c637
commit 91ec53ed13
2 changed files with 68 additions and 18 deletions

View File

@ -39,6 +39,33 @@ user *DefaultUser; /* Global reference to the default user.
AUTH or HELLO is used to authenticate with a
different user. */
struct ACLCategoryItem {
const char *name;
uint64_t flag;
} ACLCommandCategories[] = {
{"keyspace", CMD_CATEGORY_KEYSPACE},
{"read", CMD_CATEGORY_READ},
{"write", CMD_CATEGORY_WRITE},
{"set", CMD_CATEGORY_SET},
{"sortedset", CMD_CATEGORY_SORTEDSET},
{"list", CMD_CATEGORY_LIST},
{"hash", CMD_CATEGORY_HASH},
{"string", CMD_CATEGORY_STRING},
{"bitmap", CMD_CATEGORY_BITMAP},
{"hyperloglog", CMD_CATEGORY_HYPERLOGLOG},
{"geo", CMD_CATEGORY_GEO},
{"stream", CMD_CATEGORY_STREAM},
{"pubsub", CMD_CATEGORY_PUBSUB},
{"admin", CMD_CATEGORY_ADMIN},
{"fast", CMD_CATEGORY_FAST},
{"slow", CMD_CATEGORY_SLOW},
{"blocking", CMD_CATEGORY_BLOCKING},
{"dangerous", CMD_CATEGORY_DANGEROUS},
{"connection", CMD_CATEGORY_CONNECTION},
{"transaction", CMD_CATEGORY_TRANSACTION},
{"scripting", CMD_CATEGORY_SCRIPTING}
};
/* =============================================================================
* Helper functions for the rest of the ACL implementation
* ==========================================================================*/

View File

@ -202,24 +202,47 @@ typedef long long mstime_t; /* millisecond time type. */
/* Command flags. Please check the command table defined in the redis.c file
* for more information about the meaning of every flag. */
#define CMD_WRITE (1<<0) /* "write" flag */
#define CMD_READONLY (1<<1) /* "read-only" flag */
#define CMD_DENYOOM (1<<2) /* "use-memory" flag */
#define CMD_MODULE (1<<3) /* Command exported by module. */
#define CMD_ADMIN (1<<4) /* "admin" flag */
#define CMD_PUBSUB (1<<5) /* "pub-sub" flag */
#define CMD_NOSCRIPT (1<<6) /* "no-script" flag */
#define CMD_RANDOM (1<<7) /* "random" flag */
#define CMD_SORT_FOR_SCRIPT (1<<8) /* "to-sort" flag */
#define CMD_LOADING (1<<9) /* "ok-loading" flag */
#define CMD_STALE (1<<10) /* "ok-stale" flag */
#define CMD_SKIP_MONITOR (1<<11) /* "no-monitor" flag */
#define CMD_ASKING (1<<12) /* "cluster-asking" flag */
#define CMD_FAST (1<<13) /* "fast" flag */
#define CMD_WRITE (1ULL<<0) /* "write" flag */
#define CMD_READONLY (1ULL<<1) /* "read-only" flag */
#define CMD_DENYOOM (1ULL<<2) /* "use-memory" flag */
#define CMD_MODULE (1ULL<<3) /* Command exported by module. */
#define CMD_ADMIN (1ULL<<4) /* "admin" flag */
#define CMD_PUBSUB (1ULL<<5) /* "pub-sub" flag */
#define CMD_NOSCRIPT (1ULL<<6) /* "no-script" flag */
#define CMD_RANDOM (1ULL<<7) /* "random" flag */
#define CMD_SORT_FOR_SCRIPT (1ULL<<8) /* "to-sort" flag */
#define CMD_LOADING (1ULL<<9) /* "ok-loading" flag */
#define CMD_STALE (1ULL<<10) /* "ok-stale" flag */
#define CMD_SKIP_MONITOR (1ULL<<11) /* "no-monitor" flag */
#define CMD_ASKING (1ULL<<12) /* "cluster-asking" flag */
#define CMD_FAST (1ULL<<13) /* "fast" flag */
/* Command flags used by the module system. */
#define CMD_MODULE_GETKEYS (1<<14) /* Use the modules getkeys interface. */
#define CMD_MODULE_NO_CLUSTER (1<<15) /* Deny on Redis Cluster. */
#define CMD_MODULE_GETKEYS (1ULL<<14) /* Use the modules getkeys interface. */
#define CMD_MODULE_NO_CLUSTER (1ULL<<15) /* Deny on Redis Cluster. */
/* Command flags that describe ACLs categories. */
#define CMD_CATEGORY_KEYSPACE (1ULL<<16)
#define CMD_CATEGORY_READ (1ULL<<17)
#define CMD_CATEGORY_WRITE (1ULL<<18)
#define CMD_CATEGORY_SET (1ULL<<19)
#define CMD_CATEGORY_SORTEDSET (1ULL<<20)
#define CMD_CATEGORY_LIST (1ULL<<21)
#define CMD_CATEGORY_HASH (1ULL<<22)
#define CMD_CATEGORY_STRING (1ULL<<23)
#define CMD_CATEGORY_BITMAP (1ULL<<24)
#define CMD_CATEGORY_HYPERLOGLOG (1ULL<<25)
#define CMD_CATEGORY_GEO (1ULL<<26)
#define CMD_CATEGORY_STREAM (1ULL<<27)
#define CMD_CATEGORY_PUBSUB (1ULL<<28)
#define CMD_CATEGORY_ADMIN (1ULL<<29)
#define CMD_CATEGORY_FAST (1ULL<<30)
#define CMD_CATEGORY_SLOW (1ULL<<31)
#define CMD_CATEGORY_BLOCKING (1ULL<<32)
#define CMD_CATEGORY_DANGEROUS (1ULL<<33)
#define CMD_CATEGORY_CONNECTION (1ULL<<34)
#define CMD_CATEGORY_TRANSACTION (1ULL<<35)
#define CMD_CATEGORY_SCRIPTING (1ULL<<36)
/* AOF states */
#define AOF_OFF 0 /* AOF is off */
@ -1340,8 +1363,8 @@ struct redisCommand {
char *name;
redisCommandProc *proc;
int arity;
char *sflags; /* Flags as string representation, one char per flag. */
int flags; /* The actual flags, obtained from the 'sflags' field. */
char *sflags; /* Flags as string representation, one char per flag. */
uint64_t flags; /* The actual flags, obtained from the 'sflags' field. */
/* Use a function to determine keys arguments in a command line.
* Used for Redis Cluster redirect. */
redisGetKeysProc *getkeys_proc;