From e8bf9b03ed4c0c051ffe955c45292f686484040b Mon Sep 17 00:00:00 2001 From: antirez Date: Thu, 24 Jan 2019 18:11:09 +0100 Subject: [PATCH] ACL: ACLSetUserCommandBitsForCategory() low level API. --- src/acl.c | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/src/acl.c b/src/acl.c index 131507d7..0112c1e7 100644 --- a/src/acl.c +++ b/src/acl.c @@ -199,6 +199,25 @@ void ACLSetUserCommandBit(user *u, unsigned long id, int value) { u->allowed_commands[word] &= ~bit; } +/* This is like ACLSetUserCommandBit(), but instead of setting the specified + * ID, it will check all the commands in the category specified as argument, + * and will set all the bits corresponding to such commands to the specified + * value. Since the category passed by the user may be non existing, the + * function returns C_ERR if the category was not found, or C_OK if it was + * found and the operation was performed. */ +int ACLSetUserCommandBitsForCategory(user *u, const char *category, int value) { + uint64_t cflag = ACLGetCommandCategoryFlagByName(category); + if (!cflag) return C_ERR; + dictIterator *di = dictGetIterator(server.orig_commands); + dictEntry *de; + while ((de = dictNext(di)) != NULL) { + struct redisCommand *cmd = dictGetVal(de); + if (cmd->flags & cflag) ACLSetUserCommandBit(u,cmd->id,value); + } + dictReleaseIterator(di); + return C_OK; +} + /* Get a command from the original command table, that is not affected * by the command renaming operations: we base all the ACL work from that * table, so that ACLs are valid regardless of command renaming. */