search

joeferner / redis-commander

Redis management tool written in node.js
http://joeferner.github.io/redis-commander/
MIT License
3.56k stars 460 forks source link

readonly mode commands #542

Open skaravad opened 10 months ago

skaravad commented 10 months ago

Hello,

We plan to use info and select commands in readonly mode , I'm not a nodeJs expert, any files that I can modify to make this happen ? currently when READ_ONLY is enabled, the INFO and SELECT commands return this 

info keyspace
"ERROR: Command not read-only"
select 13
"ERROR: Command not read-only"
skaravad commented 10 months ago

I attempted modifying node_modules/@ioredis/commands/built/commands.json node_modules/@ioredis/commands/commands.json 

   "info": {
        "arity": -1,
        "flags": [
            "readonly",
            "loading",
            "stale"
        ],
        "keyStart": 0,
        "keyStop": 0,
        "step": 0
    },
sseide commented 9 months ago

Hello, the list of read-only commands is (where ever allowed by the server) queried directly from the server itself after connect. "COMMAND" is send and the output parsed for all commands having the property "readonly"

Example output for some commands:

61) 1) "select"
     2) (integer) 2
     3) 1) loading
        2) fast
     4) (integer) 0
     5) (integer) 0
     6) (integer) 0
...
86) 1) "dbsize"
     2) (integer) 1
     3) 1) readonly
        2) fast
     4) (integer) 0
     5) (integer) 0
     6) (integer) 0
...
137) 1) "cluster"
     2) (integer) -2
     3) 1) admin
     4) (integer) 0
     5) (integer) 0
     6) (integer) 0
138) 1) "flushdb"
     2) (integer) -1
     3) 1) write
     4) (integer) 0
     5) (integer) 0
     6) (integer) 0
...
140) 1) "info"
     2) (integer) -1
     3) 1) random
        2) loading
        3) stale
     4) (integer) 0
     5) (integer) 0
     6) (integer) 0

That is why (from this list) "dbsize" only is allowed but not "select" or "flushdb".

Maybe the selection criteria should be evaluated to allow info or similar too. But must be make sure to not open up to more dangerous commands...

skaravad commented 9 months ago

thank you , will give it a try.

sseide commented 8 months ago

Hello, i just added these two commands to a special list set as read-only on dynamic evaluation too. Its done in master branch and "latest" docker image.

Can you give it a try? And are there more commands missing as read-only?

Now the list is defined as a configuration option and can be overwritten with whatever you like inside your local.json file. The fallback/default is defined in the default.json config.