From 722830d3c658c0652e95b4720da83b0f35091796 Mon Sep 17 00:00:00 2001
From: gam6itko <gam6itko@gmail.com>
Date: Fri, 4 Feb 2022 02:29:38 +0300
Subject: [PATCH] [Cache] Add support for ACL auth in RedisAdapter

---
 src/Symfony/Component/Cache/CHANGELOG.md      |  5 +++++
 .../Cache/Tests/Adapter/PredisAdapterTest.php | 21 +++++++++++++++++++
 .../Cache/Tests/Adapter/RedisAdapterTest.php  | 20 ++++++++++++++++++
 .../Component/Cache/Traits/RedisTrait.php     | 18 ++++++++++++----
 4 files changed, 60 insertions(+), 4 deletions(-)

diff --git a/src/Symfony/Component/Cache/CHANGELOG.md b/src/Symfony/Component/Cache/CHANGELOG.md
index 1f54db7b8bd80..6b7fd87d7c27e 100644
--- a/src/Symfony/Component/Cache/CHANGELOG.md
+++ b/src/Symfony/Component/Cache/CHANGELOG.md
@@ -1,6 +1,11 @@
 CHANGELOG
 =========
 
+6.1
+---
+
+ * Add support for ACL auth in RedisAdapter
+
 6.0
 ---
 
diff --git a/src/Symfony/Component/Cache/Tests/Adapter/PredisAdapterTest.php b/src/Symfony/Component/Cache/Tests/Adapter/PredisAdapterTest.php
index f785499a7b733..28a2ca48724ab 100644
--- a/src/Symfony/Component/Cache/Tests/Adapter/PredisAdapterTest.php
+++ b/src/Symfony/Component/Cache/Tests/Adapter/PredisAdapterTest.php
@@ -48,4 +48,25 @@ public function testCreateConnection()
         ];
         $this->assertSame($params, $connection->getParameters()->toArray());
     }
+
+    public function testAclUserPasswordAuth()
+    {
+        // creating user via php-redis cause Predis (v1.1.10) does not support ACL command yet
+        $redis = RedisAdapter::createConnection('redis://'.getenv('REDIS_HOST'));
+
+        if (version_compare($redis->info()['redis_version'], '6.0', '<')) {
+            $this->markTestSkipped('Redis server >= 6.0 required');
+        }
+
+        $this->assertTrue($redis->acl('SETUSER', 'predis', 'on'));
+        $this->assertTrue($redis->acl('SETUSER', 'predis', '>password'));
+        $this->assertTrue($redis->acl('SETUSER', 'predis', 'allkeys'));
+        $this->assertTrue($redis->acl('SETUSER', 'predis', '+@all'));
+
+        $predis = RedisAdapter::createConnection('redis://predis:password@'.getenv('REDIS_HOST'), ['class' => \Predis\Client::class]);
+        $this->assertInstanceOf(\Predis\Client::class, $predis);
+        $this->assertSame('OK', $predis->set(__FUNCTION__, 'value2')->getPayload());
+
+        $this->assertSame(1, $redis->acl('DELUSER', 'predis'));
+    }
 }
diff --git a/src/Symfony/Component/Cache/Tests/Adapter/RedisAdapterTest.php b/src/Symfony/Component/Cache/Tests/Adapter/RedisAdapterTest.php
index aa2ce75a4555d..3caaa28774ec8 100644
--- a/src/Symfony/Component/Cache/Tests/Adapter/RedisAdapterTest.php
+++ b/src/Symfony/Component/Cache/Tests/Adapter/RedisAdapterTest.php
@@ -130,4 +130,24 @@ public function provideInvalidCreateConnection(): array
             ['redis://'],
         ];
     }
+
+    public function testAclUserPasswordAuth()
+    {
+        $redis = RedisAdapter::createConnection('redis://'.getenv('REDIS_HOST'));
+
+        if (version_compare($redis->info()['redis_version'], '6.0', '<')) {
+            $this->markTestSkipped('Redis server >= 6.0 required');
+        }
+
+        $this->assertTrue($redis->acl('SETUSER', 'alice', 'on'));
+        $this->assertTrue($redis->acl('SETUSER', 'alice', '>password'));
+        $this->assertTrue($redis->acl('SETUSER', 'alice', 'allkeys'));
+        $this->assertTrue($redis->acl('SETUSER', 'alice', '+@all'));
+
+        $redis = RedisAdapter::createConnection('redis://alice:password@'.getenv('REDIS_HOST'));
+        $this->assertTrue($redis->set(__FUNCTION__, 'value2'));
+
+        $redis = RedisAdapter::createConnection('redis://'.getenv('REDIS_HOST'));
+        $this->assertSame(1, $redis->acl('DELUSER', 'alice'));
+    }
 }
diff --git a/src/Symfony/Component/Cache/Traits/RedisTrait.php b/src/Symfony/Component/Cache/Traits/RedisTrait.php
index 277d5c1717674..9e372bb881100 100644
--- a/src/Symfony/Component/Cache/Traits/RedisTrait.php
+++ b/src/Symfony/Component/Cache/Traits/RedisTrait.php
@@ -93,9 +93,13 @@ public static function createConnection(string $dsn, array $options = []): \Redi
             throw new CacheException(sprintf('Cannot find the "redis" extension nor the "predis/predis" package: "%s".', $dsn));
         }
 
-        $params = preg_replace_callback('#^'.$scheme.':(//)?(?:(?:[^:@]*+:)?([^@]*+)@)?#', function ($m) use (&$auth) {
-            if (isset($m[2])) {
-                $auth = $m[2];
+        $params = preg_replace_callback('#^'.$scheme.':(//)?(?:(?:(?<user>[^:@]*+):)?(?<password>[^@]*+)@)?#', function ($m) use (&$auth) {
+            if (isset($m['password'])) {
+                if (\in_array($m['user'], ['', 'default'], true)) {
+                    $auth = $m['password'];
+                } else {
+                    $auth = [$m['user'], $m['password']];
+                }
 
                 if ('' === $auth) {
                     $auth = null;
@@ -299,7 +303,13 @@ public static function createConnection(string $dsn, array $options = []): \Redi
                 $params['parameters']['database'] = $params['dbindex'];
             }
             if (null !== $auth) {
-                $params['parameters']['password'] = $auth;
+                if (\is_array($auth)) {
+                    // ACL
+                    $params['parameters']['username'] = $auth[0];
+                    $params['parameters']['password'] = $auth[1];
+                } else {
+                    $params['parameters']['password'] = $auth;
+                }
             }
             if (1 === \count($hosts) && !($params['redis_cluster'] || $params['redis_sentinel'])) {
                 $hosts = $hosts[0];

<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Transitional//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd'>
<html xmlns='http://www.w3.org/1999/xhtml'>
<head>
<title>pFad - Phonifier reborn</title>
<meta http-equiv='Content-Type' content='text/html; charset=utf-8' />
</head>
<body>
<h1>Pfad - The Proxy pFad of &#169; 2024 Garber Painting. All rights reserved.</h1>


<!-- Disclaimer -->
<p>Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.</p>
<br>
<p>Alternative Proxies:</p><p><a href="http://rainy.clevelandohioweatherforecast.com/php-proxy/index.php?q=https://patch-diff.githubusercontent.com/raw/symfony/symfony/pull/45313.patch" target="_blank">Alternative Proxy</a></p><p><a href="http://rainy.clevelandohioweatherforecast.com/pFad/index.php?u=https://patch-diff.githubusercontent.com/raw/symfony/symfony/pull/45313.patch" target="_blank">pFad Proxy</a></p><p><a href="http://rainy.clevelandohioweatherforecast.com/pFad/v3index.php?u=https://patch-diff.githubusercontent.com/raw/symfony/symfony/pull/45313.patch" target="_blank">pFad v3 Proxy</a></p><p><a href="http://rainy.clevelandohioweatherforecast.com/pFad/v4index.php?u=https://patch-diff.githubusercontent.com/raw/symfony/symfony/pull/45313.patch" target="_blank">pFad v4 Proxy</a></p></body>
</html>