Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ACL patterns for Pub/Sub channels #2750

Merged
merged 5 commits into from
Jan 19, 2022
Merged
Show file tree
Hide file tree
Changes from 4 commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9 changes: 9 additions & 0 deletions src/main/java/redis/clients/jedis/BuilderFactory.java
Original file line number Diff line number Diff line change
Expand Up @@ -689,6 +689,7 @@ public String toString() {
* Create a AccessControlUser object from the ACL GETUSER < > result
*/
public static final Builder<AccessControlUser> ACCESS_CONTROL_USER = new Builder<AccessControlUser>() {
@SuppressWarnings("unchecked")
@Override
public AccessControlUser build(Object data) {
if (data == null) {
Expand Down Expand Up @@ -723,6 +724,14 @@ public AccessControlUser build(Object data) {
accessControlUser.addKey(SafeEncoder.encode((byte[]) k));
}

// before redis 6.2, no channels info
if (objectList.size() > 9) {
List<Object> channels = objectList.get(9);
for (Object channel : channels) {
accessControlUser.addChannel(SafeEncoder.encode((byte[]) channel));
}
}

return accessControlUser;
}

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -53,6 +53,12 @@ public interface AccessControlLogBinaryCommands {
*/
List<byte[]> aclUsersBinary();

/**
* The command returns all the rules defined for an existing ACL user.
* @see <a href="https://redis.io/commands/acl-getuser">ACL GETUSER username</a>
sazzad16 marked this conversation as resolved.
Show resolved Hide resolved
sazzad16 marked this conversation as resolved.
Show resolved Hide resolved
* @param name username
* @return a list of ACL rule definitions for the user.
*/
AccessControlUser aclGetUser(byte[] name);

/**
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -55,6 +55,12 @@ public interface AccessControlLogCommands {
*/
List<String> aclUsers();

/**
* The command returns all the rules defined for an existing ACL user.
* @see <a href="https://redis.io/commands/acl-getuser">ACL GETUSER username</a>
sazzad16 marked this conversation as resolved.
Show resolved Hide resolved
sazzad16 marked this conversation as resolved.
Show resolved Hide resolved
* @param name username
* @return a list of ACL rule definitions for the user.
*/
AccessControlUser aclGetUser(String name);

/**
Expand Down
11 changes: 10 additions & 1 deletion src/main/java/redis/clients/jedis/resps/AccessControlUser.java
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@ public class AccessControlUser {
private final List<String> flags = new ArrayList<>();
private final List<String> keys = new ArrayList<>();
private final List<String> passwords = new ArrayList<>();
private final List<String> channels = new ArrayList<>();
private String commands;

public AccessControlUser() {
Expand Down Expand Up @@ -37,6 +38,14 @@ public List<String> getPassword() {
return passwords;
}

public void addChannel(String channel) {
channels.add(channel);
}

public List<String> getChannels() {
return channels;
}

public String getCommands() {
return commands;
}
Expand All @@ -48,6 +57,6 @@ public void setCommands(String commands) {
@Override
public String toString() {
return "AccessControlUser{" + "flags=" + flags + ", keys=" + keys + ", passwords=" + passwords
+ ", commands='" + commands + '\'' + '}';
+ ", commands='" + commands + ", channels='" + channels + '\'' + '}';
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -454,13 +454,15 @@ public void aclBinaryCommandsTest() {
assertEquals(1L, jedis.aclDelUser(USER_ZZZ.getBytes()));

jedis.aclSetUser(USER_ZZZ.getBytes(), "reset".getBytes(), "+@all".getBytes(), "~*".getBytes(),
"-@string".getBytes(), "+incr".getBytes(), "-debug".getBytes(), "+debug|digest".getBytes());
"-@string".getBytes(), "+incr".getBytes(), "-debug".getBytes(), "+debug|digest".getBytes(),
"resetchannels".getBytes(), "&testchannel:*".getBytes());

AccessControlUser userInfo = jedis.aclGetUser(USER_ZZZ.getBytes());

assertThat(userInfo.getCommands(), containsString("+@all"));
assertThat(userInfo.getCommands(), containsString("-@string"));
assertThat(userInfo.getCommands(), containsString("+debug|digest"));
assertEquals("testchannel:*", userInfo.getChannels().get(0));

jedis.aclDelUser(USER_ZZZ.getBytes());

Expand Down