Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: fix acl bug #2714

Merged
merged 3 commits into from
Jun 12, 2024
Merged

fix: fix acl bug #2714

Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
1fa0edf
fix: modify cmdId assignment time to assgining after registering cmd…
gukj-spel Jun 4, 2024
76140df
fix acl bug
Jun 10, 2024
ab74c13
Merge branch 'unstable' into fixAcl
luky116 Jun 11, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 3 additions & 4 deletions src/acl.cc
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -489,15 +489,14 @@ void Acl::InitLimitUser(const std::string& bl, bool limit_exist) {
auto u = GetUser(DefaultLimitUser);
if (limit_exist) {
if (!bl.empty()) {
u->SetUser("+@all");
for(auto& cmd : blacklist) {
cmd = pstd::StringTrim(cmd, " ");
u->SetUser("-" + cmd);
}
u->SetUser("on");
if (!pass.empty()) {
u->SetUser(">"+pass);
}
}
if (!pass.empty()) {
u->SetUser(">"+pass);
Comment on lines +497 to +499
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ensure proper handling of user passwords.

The code sets the user password directly without checking if the password is already set or if it needs to be updated. This could lead to unintended overwrites. Consider adding checks or a method to update the password only if it differs from the current one.

Refactor password setting logic.

The password setting logic in the InitLimitUser method could be refactored into a separate method to improve readability and reusability. This would also make it easier to handle different password setting scenarios more cleanly.

- u->SetUser(">"+pass);
+ u->SetPassword(pass);

Committable suggestion was skipped due to low confidence.

}
} else {
if (pass.empty()) {
Expand Down
Loading