Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

NodeRed crashes when subscribe Channel with no Permission Uncaught Exception #63

Open
PJ-Schulz opened this issue Jul 28, 2023 · 0 comments

Comments

@PJ-Schulz
Copy link
Contributor

Hello,

we have a Redis Server with User permissions set. This is our acl list:

1) "user admin on #2d2cfc734e02c9a98fcce756a036d45d02df61b998170eb8a14649fb89188cad ~* &* +@all"
2) "user nodered on #9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08 resetchannels &controller-messages* -@all +subscribe +info (resetchannels &controller-messages-bar -@all)"

The user nodered in redis has permission to subscribe to the controller-messages* channel. However, we have explicitly restricted his ability to subscribe to the controller-messages-bar channel.

Now we want to test it in Node-Red with this library and the Node redis-in. We had configured three redis-in Nodes:

  • controller-messages-foo
  • controller-messages-moin
  • controller-messages-bar

What We expected from our test is that an error is displayed in the NodeRed web interface, either on the node itself or in the debug window. After we deployed the flow, NodeRed crashes immediately with this exception:

28 Jul 07:54:04 - [red] Uncaught Exception:
28 Jul 07:54:04 - [error] ReplyError: NOPERM this user has no permissions to access one of the channels used as arguments
    at parseError (/usr/src/node-red/node_modules/redis-parser/lib/parser.js:179:12)
    at parseType (/usr/src/node-red/node_modules/redis-parser/lib/parser.js:302:14)

The problem is now, that after the deployment, the flows.json file was written and on every restart of NodeRed it uses this flows.json and crashes immediately, too. There is no chance to open it in the webinterface to make any chances. The only chance is to change it in the flows.json, but because of the fact, that we are using Node-Red in Kubernetes this is not so easy.

Getting back to the problem at hand, I think it's a bug that NodeRed is crashing with the Uncaught Exception. Instead of displaying an error in the web interface.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant