Add quotes only if closing parenthesis exists.
This commit is contained in:
parent
2b48b49387
commit
49e747a929
18
src/acl.c
18
src/acl.c
|
@ -781,6 +781,18 @@ sds ACLDescribeSelector(aclSelector *selector) {
|
|||
return res;
|
||||
}
|
||||
|
||||
int selectorContainsClosingParanthesis(const sds s) {
|
||||
size_t len = sdslen(s);
|
||||
const char *p = s;
|
||||
|
||||
while (len--) {
|
||||
if (*p == ')') return 1;
|
||||
p++;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
/* This is similar to ACLDescribeSelectorCommandRules(), however instead of
|
||||
* describing just the user command rules, everything is described: user
|
||||
* flags, keys, passwords and finally the command rules obtained via
|
||||
|
@ -822,7 +834,11 @@ robj *ACLDescribeUser(user *u) {
|
|||
if (selector->flags & SELECTOR_FLAG_ROOT) {
|
||||
res = sdscatfmt(res, "%s", default_perm);
|
||||
} else {
|
||||
res = sdscatfmt(res, " \"(%s)\"", default_perm);
|
||||
if (selectorContainsClosingParanthesis(default_perm)) {
|
||||
res = sdscatfmt(res, " \"(%s)\"", default_perm);
|
||||
} else {
|
||||
res = sdscatfmt(res, " (%s)", default_perm);
|
||||
}
|
||||
}
|
||||
sdsfree(default_perm);
|
||||
}
|
||||
|
|
|
@ -492,11 +492,21 @@ start_server [list overrides [list "dir" $server_path "aclfile" "user.acl"] tags
|
|||
|
||||
test {Test selectors with closing parenthesis} {
|
||||
r ACL SETUSER selector-store ON NOPASS +@all "(+@all ~bar))"
|
||||
r ACL SETUSER selector-wo-parenthesis ON NOPASS +@all "(+@all ~bar)"
|
||||
|
||||
# Verify selector is wrapped in quote if parenthesis exists.
|
||||
set response [lindex [r ACL LIST] [lsearch [r ACL LIST] "user selector-store*"]]
|
||||
assert_equal "user selector-store on nopass sanitize-payload resetchannels +@all \"(~bar) resetchannels +@all)\"" $response
|
||||
|
||||
# Verify selector is not wrapped in quote if parenthesis doesn't exists.
|
||||
set response [lindex [r ACL LIST] [lsearch [r ACL LIST] "user selector-wo-parenthesis*"]]
|
||||
assert_equal "user selector-wo-parenthesis on nopass sanitize-payload resetchannels +@all (~bar resetchannels +@all)" $response
|
||||
|
||||
# Verify the key permissions
|
||||
assert_equal "OK" [r ACL DRYRUN selector-store SET bar) world]
|
||||
assert_equal "OK" [r ACL DRYRUN selector-store GET bar)]
|
||||
assert_match {*has no permissions to access the 'bar))' key*} [r ACL DRYRUN selector-store SET bar)) world]
|
||||
}
|
||||
}
|
||||
|
||||
test {Test ACL SAVE/LOAD with selectors containing closing parenthesis} {
|
||||
set users_before_load [r ACL LIST]
|
||||
|
|
Loading…
Reference in New Issue