Skip to content

Add ALL_DBS flag to CLUSTER FLUSHSLOT for database-level ACL#3806

Merged
zuiderkwast merged 1 commit into
valkey-io:unstablefrom
enjoy-binbin:cluster_flushslot
May 31, 2026
Merged

Add ALL_DBS flag to CLUSTER FLUSHSLOT for database-level ACL#3806
zuiderkwast merged 1 commit into
valkey-io:unstablefrom
enjoy-binbin:cluster_flushslot

Conversation

@enjoy-binbin

Copy link
Copy Markdown
Member

CLUSTER FLUSHSLOT internally calls delKeysInSlot() which iterates
over all databases and removes the slot's keys from every database,
just like FLUSHALL command will touch all the databases. And it was
missing the ALL_DBS command flag introduced in #2309.

Add test to cover this case, also do a extra cleanup, replace the
manual start_multiple_servers with a single start_cluster call.

CLUSTER FLUSHSLOT internally calls delKeysInSlot() which iterates
over all databases and removes the slot's keys from every database,
just like FLUSHALL command will touch all the databases. And it was
missing the ALL_DBS command flag introduced in valkey-io#2309.

Add test to cover this case, also do a extra cleanup, replace the
manual start_multiple_servers with a single start_cluster call.

Signed-off-by: Binbin <binloveplay1314@qq.com>
@enjoy-binbin enjoy-binbin requested a review from dvkashapov May 22, 2026 05:13
@coderabbitai

coderabbitai Bot commented May 22, 2026

Copy link
Copy Markdown

Review Change Stack

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro Plus

Run ID: d836f0a3-3f28-481e-a395-b5568398b913

📥 Commits

Reviewing files that changed from the base of the PR and between 8d3e6c3 and b2d48d9.

📒 Files selected for processing (4)
  • src/commands.def
  • src/commands/cluster-flushslot.json
  • src/server.h
  • tests/unit/cluster/acl.tcl
💤 Files with no reviewable changes (1)
  • src/server.h

📝 Walkthrough

Walkthrough

The PR adds ALL_DBS permission requirement to the CLUSTER FLUSHSLOT command. Command metadata is updated in both the compiled command table and JSON definition. Function prototypes are refreshed in the header. ACL tests verify the command correctly enforces all-database permissions.

Changes

CLUSTER FLUSHSLOT ALL_DBS permission

Layer / File(s) Summary
Command metadata: ALL_DBS flag
src/commands.def, src/commands/cluster-flushslot.json
CLUSTER FLUSHSLOT command flags updated to include ALL_DBS in both the command table initializer and JSON command definition.
Function prototypes update
src/server.h
Cluster command function prototypes refreshed: clusterFlushslotCommand removed, clusterSlotStatsCommand and clusterscanCommand prototypes added.
ACL permission tests
tests/unit/cluster/acl.tcl
Test harness refactored to use start_cluster 2 0. New test case validates CLUSTER FLUSHSLOT fails with NOPERM when user is scoped to db=0, and succeeds when user gains alldbs permission.

🎯 2 (Simple) | ⏱️ ~10 minutes

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Title check ✅ Passed The title accurately describes the main change: adding the ALL_DBS flag to CLUSTER FLUSHSLOT for database-level ACL support.
Description check ✅ Passed The description clearly explains the rationale for the change, references the internal implementation details, and mentions the added test and cleanup work.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.


Comment @coderabbitai help to get the list of available commands and usage tips.

@enjoy-binbin

Copy link
Copy Markdown
Member Author

CLUSTER FLUSHSLOT may have originally been intended as an internal command, but there seems to not harm in doing it.

@dvkashapov dvkashapov left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, you're right about no harm in this change.

Just for reference I deleted flag here for it because it is internal command #2309 (comment)

@zuiderkwast zuiderkwast left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

JFYI I deleted ALL_DBS permissions from CLUSTER FLUSHSLOT because I thought it was available to user, but it is internal so no need for that.

(#2309 (comment))

I guess I missed that, or at least I didn't think about it properly.

Even if it's internal (undocumented), clients can access it and they should not be able to escape the ACL rules. Internal just means that we don't promise backward compatibility and such things, so users should not rely on it.

@zuiderkwast zuiderkwast moved this to Needs Review in Valkey 9.1 May 28, 2026
@zuiderkwast zuiderkwast moved this from Todo to Needs Review in Valkey 10 May 28, 2026
@zuiderkwast zuiderkwast merged commit 7abe49a into valkey-io:unstable May 31, 2026
62 of 63 checks passed
@github-project-automation github-project-automation Bot moved this from Needs Review to To be backported in Valkey 9.1 May 31, 2026
@zuiderkwast zuiderkwast removed this from Valkey 10 May 31, 2026
@zuiderkwast zuiderkwast added the release-notes This issue should get a line item in the release notes label May 31, 2026
@enjoy-binbin enjoy-binbin deleted the cluster_flushslot branch June 1, 2026 02:18
valkeyrie-ops Bot pushed a commit that referenced this pull request Jun 1, 2026
CLUSTER FLUSHSLOT internally calls delKeysInSlot() which iterates
over all databases and removes the slot's keys from every database,
just like FLUSHALL command will touch all the databases. And it was
missing the ALL_DBS command flag introduced in #2309.

Add test to cover this case, also do a extra cleanup, replace the
manual start_multiple_servers with a single start_cluster call.

Signed-off-by: Binbin <binloveplay1314@qq.com>
valkeyrie-ops Bot pushed a commit that referenced this pull request Jun 10, 2026
CLUSTER FLUSHSLOT internally calls delKeysInSlot() which iterates
over all databases and removes the slot's keys from every database,
just like FLUSHALL command will touch all the databases. And it was
missing the ALL_DBS command flag introduced in #2309.

Add test to cover this case, also do a extra cleanup, replace the
manual start_multiple_servers with a single start_cluster call.

Signed-off-by: Binbin <binloveplay1314@qq.com>
ranshid added a commit that referenced this pull request Jun 11, 2026
# Backport sweep for 9.1

Automated cherry-picks from PRs marked "To be backported".

## Applied

| Source PR | Title | Detail |
|---|---|---|
| #3743 | Fix buffered_reply assert in HFE commands with module keyspace
notifications | cherry-picked in a prior sweep |
| #3766 | Fix flaky block_keyspace_notification test for HGETDEL notify
race | cherry-picked in a prior sweep |
| #3800 | Fix heap-use-after-free in ACL LOAD when client free is
deferred | cherry-picked in a prior sweep |
| #3723 | Fix double-finish and RESP reply violation in cluster slot
migration | cherry-picked in a prior sweep |
| #3872 | Redacting customer information when hide_user_data_from_log is
true in rdb.c, networking.c, debug.c and t_hash | cherry-picked in a
prior sweep |
| #3846 | Fix use-after-free in VM_RegisterClusterMessageReceiver |
cherry-picked in a prior sweep |
| #3806 | Add ALL_DBS flag to CLUSTER FLUSHSLOT for database-level ACL |
cherry-picked in a prior sweep |
| #3847 | Harden SENTINEL commands and config rewrite against
control-character injection | |
| #3801 | Validate every DB clause in COPY against ACL db= permissions |
|
| #3851 | Replace AUTOMATION_PAT with Valkeyrie Bot GitHub App token | |
| #3848 | Fix cluster AUX-field control-character and delimiter
injection | |
| #3544 | Revert "IO-Threads redesign cleanup work (#3544)" |
cherry-picked in a prior sweep |
| #3888 | Report exact dbid for COPY in ACL LOG when db= access is
denied | conflicts resolved by Claude Code |
| #3942 | Fix shard_id format specifier in UPDATE message log |  |
| #3941 | Avoid random() % 0 undefined behaviour when
cluster-node-timeout < 30 | |

---
*Generated by valkey-ci-agent using Claude Code.*

---------

Signed-off-by: Binbin <binloveplay1314@qq.com>
Signed-off-by: Ran Shidlansik <ranshid@amazon.com>
Signed-off-by: chx9 <lovelypiska@outlook.com>
Signed-off-by: zackcam <zackcam@amazon.com>
Signed-off-by: Eran Ifrah <eifrah@amazon.com>
Signed-off-by: Jules Lasarte <lasartej@amazon.com>
Signed-off-by: jjuleslasarte <jules.lasarte@gmail.com>
Signed-off-by: akash kumar <akumdev@amazon.com>
Co-authored-by: Binbin <binloveplay1314@qq.com>
Co-authored-by: Ran Shidlansik <ranshid@amazon.com>
Co-authored-by: lovelypiska <lovelypiska@outlook.com>
Co-authored-by: zackcam <zackcam@amazon.com>
Co-authored-by: eifrah-aws <eifrah@amazon.com>
Co-authored-by: jjuleslasarte <jules.lasarte@gmail.com>
Co-authored-by: Jules Lasarte <lasartej@amazon.com>
Co-authored-by: Akash Kumar <45854686+akashkgit@users.noreply.github.com>
@sarthakaggarwal97 sarthakaggarwal97 moved this from To be backported to Done in Valkey 9.1 Jun 15, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

release-notes This issue should get a line item in the release notes

Projects

Status: Done

Development

Successfully merging this pull request may close these issues.

4 participants