ACL: implement ACLLoadConfiguredUsers().

This commit is contained in:
antirez 2019-02-04 16:35:15 +01:00
parent 68fd4a97fa
commit 500b3e128f
2 changed files with 41 additions and 0 deletions

View File

@ -969,6 +969,46 @@ int ACLAppendUserForLoading(sds *argv, int argc, int *argc_err) {
return C_OK; return C_OK;
} }
/* This function will load the configured users appended to the server
* configuration via ACLAppendUserForLoading(). On loading errors it will
* log an error and return C_ERR, otherwise C_OK will be returned. */
int ACLLoadConfiguredUsers(void) {
listIter li;
listNode *ln;
listRewind(UsersToLoad,&li);
while ((ln = listNext(&li)) != NULL) {
sds *aclrules = listNodeValue(ln);
user *u = ACLCreateUser(aclrules[0],sdslen(aclrules[0]));
if (!u) {
serverLog(LL_WARNING,
"Error loading ACLs: user '%s' specified multiple times",
aclrules[0]);
return C_ERR;
}
/* Load every rule defined for this user. */
for (int j = 1; aclrules[j]; j++) {
if (ACLSetUser(u,aclrules[j],sdslen(aclrules[j])) != C_OK) {
char *errmsg = ACLSetUserStringError();
serverLog(LL_WARNING,"Error loading ACL rule '%s' for "
"the user named '%s': %s",
aclrules[0],aclrules[j],errmsg);
return C_ERR;
}
}
/* Having a disabled user in the configuration may be an error,
* warn about it without returning any error to the caller. */
if (u->flags & USER_FLAG_DISABLED) {
serverLog(LL_NOTICE, "The user '%s' is disabled (there is no "
"'on' modifier in the user description). Make "
"sure this is not a configuration error.",
aclrules[0]);
}
}
return C_OK;
}
/* ============================================================================= /* =============================================================================
* ACL related commands * ACL related commands
* ==========================================================================*/ * ==========================================================================*/

View File

@ -1740,6 +1740,7 @@ sds ACLDefaultUserFirstPassword(void);
uint64_t ACLGetCommandCategoryFlagByName(const char *name); uint64_t ACLGetCommandCategoryFlagByName(const char *name);
int ACLAppendUserForLoading(sds *argv, int argc, int *argc_err); int ACLAppendUserForLoading(sds *argv, int argc, int *argc_err);
char *ACLSetUserStringError(void); char *ACLSetUserStringError(void);
int ACLLoadConfiguredUsers(void);
/* Sorted sets data type */ /* Sorted sets data type */