Not all Redis keys are prefixed with "Shlink:" resulting in issues with ACL on Redis cluster #1870
Comments
This was referenced Sep 12, 2023
|
This is now fixed, and will be included with Shlink 3.6.4, which will potentially release at some point this week. |
|
Shlink 3.6.4 has just been released. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Shlink version
3.6.3
PHP version
docker
How do you serve Shlink
Openswoole Docker image
Database engine
PostgreSQL
Database version
12
Current behavior
When using shlink-api with a Redis-Cluster only allowing keys with "Shlink:"-Prefix locks from AbstractLockedCommand won't work, because they use the command name (e.g. "db:create") as key without prefix.
Expected behavior
Redis keys created by locks should be prefixed with "Shlink:" as all other Redis keys are.
A possible fix we've already tried is adding "Shlink:" to the lock configuration in AbstractDatabaseCommand.php and LocateVisistsCommand.php. That fixes the lock names for those commands, but Shlink still has permissions errors upon startup. So there are most probably still other keys created in Redis without the prefix
How to reproduce
Start a Redis cluster with following ACL:
The Shlink API will fail on startup when started with user "shlink", because it can't create the key "db:create".
The text was updated successfully, but these errors were encountered: