You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I've been working with Redis 6 ACL users and ioredis, and I've noticed that a connection can't be made successfully unless the ACL user is given access to the INFO command. Consider this ACL user, who has access only to the GET command:
I think this should either be mentioned in the documentation, or handled in the code in a way that the connection is still made, but the INFO command is never run?
I am using ioredis 4.17.3 from npm.
The text was updated successfully, but these errors were encountered:
You can already disable the info call with enableReadyCheck: false on RedisOptions. However users may not want to opt-out completely, and after reviewing https://github.com/luin/ioredis/blob/ee294b6022b834f5d32c6b6e29abfe950c198beb/lib/redis/index.ts#L527-L563 I see only the Persistence section is being used, so we may want to change the default (or add another option) to use info persistence instead of just info, and users can grant +info|persistence limiting the information given to the client.
Hi there,
I've been working with Redis 6 ACL users and ioredis, and I've noticed that a connection can't be made successfully unless the ACL user is given access to the
INFO
command. Consider this ACL user, who has access only to theGET
command:When I run this test code:
I get the following error:
Updating the ACL user's permissions to allow use of the
INFO
command fixes this with no code changes in my test program:I think this should either be mentioned in the documentation, or handled in the code in a way that the connection is still made, but the
INFO
command is never run?I am using ioredis 4.17.3 from npm.
The text was updated successfully, but these errors were encountered: