Support for ACLs w/ Redis 6

[IAmATeaPot418]

Feature Request:

Support for ACLs w/ Redis 6:

In worlds where multiple users exist we may want users to do perform different Redis operations. We may also want to restrict them to specific keys. This will help security-conscious users and enterprises restrict clients and users to the least amount of privilege required to perform their function. With the planned implementation of ACLs in Redis 6, ecosystem drivers should begin aligning to support this.

In Antirez's words:
When ACLs are useful

1. You want to improve security by restricting access to commands and keys so that untrusted clients have no access and trusted clients have just the minimum access level to the database in order to perform the work needed. For instance, certain clients may just be able to execute read-only commands.
2. You want to improve operational safety, so that processes or humans accessing Redis are not allowed, because of software errors or manual mistakes, to damage the data or the configuration. For instance, there is no reason for a worker that fetches delayed jobs from Redis to be able to call the FLUSHALL command.

Commands in Scope Currently w/ Redis 6:

• Multiple Arguments for AUTH (username and password)
• ACL HELP -- provides help information (listed below)
• ACL LOAD -- Reload users from the ACL file.
• ACL LIST -- Show user details in config file format.
• ACL USERS -- List all the registered usernames.
• ACL CAT [] -- List available categories // -- List commands inside category.
• ACL SETUSER ... acl rules ... -- Create or modify a user
• ACL DELUSER [...] -- Delete a list of users."
• ACL GETUSER - Get the user details.
• ACL GENPASS - Generate a secure password
• ACL WHOAMI - Return the current connection username.

Error Checking

1. No Permissions when a user does not have permission to a command or key (when error for commands or keys)
2. Username does not exist (getuser, deluser)

References:
https://redis.io/topics/acl
https://github.com/antirez/redis/blob/0cabe0cfa7290d9b14596ec38e0d0a22df65d1df/src/acl.c

[mp911de]

Thanks for report. With administrative commands I'm always torn whether it makes sense to add these. Majority of users is going to interact with Redis data structures and the number of use-cases for admin commands is extremely small as a lot of administration happens via redis-cli. Do you have a specific use-case to solve with ACL commands issued via Lettuce?

[tgrall]

I have started to implement the new auth() method that supports user and password, but I am not sure what the best way to automate the tests. ( I am doing them manually for now)

@mp911de Any good pointer about running all tests properly?

[IAmATeaPot418]

@tgrall - could you also check for RESP 2 vs RESP 3 here too. I see AUTH is implemented for RESP 3 only at the moment with a username.

[mp911de]

There's no good version information that we could use here. Although building against a tag reports the appropriate Redis version (5.0.7), we usually build against version branches (unstable) which report version 999.999. Right now, we implement version checks using command availability. Check out GeoCommandIntegrationTests.java and @EnabledOnCommand.

@tgrall Please file a new ticket for AUTH with username.

[tgrall]

Done: #1202

Thanks for the pointer, I will find a way to properly right tests and run them