diff --git a/fakeredis/model/_acl.py b/fakeredis/model/_acl.py index 0b9a79a3..572f0dbe 100644 --- a/fakeredis/model/_acl.py +++ b/fakeredis/model/_acl.py @@ -71,7 +71,7 @@ def check_password(self, password: Optional[bytes]) -> bool: return password_hex in self._passwords and self._enabled def add_password_hex(self, password_hex: bytes) -> None: - self._nopass = True + self._nopass = False self._passwords.add(password_hex) def add_password(self, password: bytes) -> None: diff --git a/test/test_internals/test_acl_save_load.py b/test/test_internals/test_acl_save_load.py new file mode 100644 index 00000000..f72e81e6 --- /dev/null +++ b/test/test_internals/test_acl_save_load.py @@ -0,0 +1,24 @@ +from fakeredis import FakeServer, FakeStrictRedis + + +def test_acl_save_load(): + acl_filename = b"./users.acl" + server = FakeServer(config={b"aclfile": acl_filename}) + r = FakeStrictRedis(server=server) + username = "fakeredis-user" + assert r.acl_setuser( + username, + enabled=True, + reset=True, + passwords=["+pass1", "+pass2"], + categories=["+set", "+@hash", "-geo"], + commands=["+get", "+mget", "-hset"], + keys=["cache:*", "objects:*"], + channels=["message:*"], + selectors=[("+set", "%W~app*"), ("+get", "%RW~app* &x"), ("-hset", "%W~app*")], + ) + r.acl_save() + + with open(acl_filename, "rb") as f: + lines = f.readlines() + assert len(lines) == 1 diff --git a/test/test_mixins/test_acl_commands.py b/test/test_mixins/test_acl_commands.py index 41b26a93..d0109ef5 100644 --- a/test/test_mixins/test_acl_commands.py +++ b/test/test_mixins/test_acl_commands.py @@ -77,6 +77,7 @@ def test_acl_list(r: redis.Redis): user_rule = next(filter(lambda x: x.startswith(f"user {username}"), rules), None) assert user_rule is not None + assert "nopass" not in user_rule assert "#e6c3da5b206634d7f3f3586d747ffdb36b5c675757b380c6a5fe5c570c714349" in user_rule assert "#1ba3d16e9881959f8c9a9762854f72c6e6321cdd44358a10a4e939033117eab9" in user_rule assert "on" in user_rule