From e7d15e4820f660e412974ae46b6b9ea61e59ace3 Mon Sep 17 00:00:00 2001 From: antirez Date: Fri, 11 Jan 2019 13:03:50 +0100 Subject: [PATCH] ACL: implement to first trivial opcodes in ACLSetUser(). --- src/acl.c | 27 +++++++++++++++++++++++++-- 1 file changed, 25 insertions(+), 2 deletions(-) diff --git a/src/acl.c b/src/acl.c index ea708db7..59540d2a 100644 --- a/src/acl.c +++ b/src/acl.c @@ -127,15 +127,38 @@ user *ACLCreateUser(const char *name, size_t namelen) { * disabled command. Note that this form is not * allowed as negative like -DEBUG|SEGFAULT, but * only additive starting with "+". - * ~ Set a pattern of keys that can be mentioned as part of + * ~ Add a pattern of keys that can be mentioned as part of * commands. For instance ~* allows all the keys. The pattern * is a glob-style pattern like the one of KEYS. + * It is possible to specify multiple patterns. * > Add this passowrd to the list of valid password for the user. * For example >mypass will add "mypass" to the list. * < Remove this password from the list of valid passwords. + * allkeys Alias for ~* * resetpass Flush the list of allowed passwords. + * resetkeys Flush the list of allowed keys patterns. + * reset Performs the following actions: resetpass, resetkeys, off, + * -@all. The user returns to the same state it has immediately + * after its creation. + * + * The function returns C_OK if the action to perform was understood because + * the 'op' string made sense. Otherwise C_ERR is returned if the operation + * is unknown or has some syntax error. */ -void ACLSetUser(user *u, const char *op) { +int ACLSetUser(user *u, const char *op) { + if (!strcasecmp(op,"on")) { + u->flags |= USER_FLAG_ENABLED; + } else if (!strcasecmp(op,"off")) { + u->flags &= ~USER_FLAG_ENABLED; + } else if (!strcasecmp(op,"allkeys") || + !strcasecmp(op,"~*")) + { + memset(u->allowed_subcommands,255,sizeof(u->allowed_commands)); + u->flags |= USER_FLAG_ALLKEYS; + } else { + return C_ERR; + } + return C_OK; } /* Initialization of the ACL subsystem. */