tools.redis_admin module

Admin tool to inspect and modify Redis keys directly.

Uses the bot’s live TLS-aware async Redis pool (ctx.redis) so it works on the same database the rest of Stargazer talks to. Gated by the UNSANDBOXED_EXEC privilege; users in config.admin_user_ids pass implicitly.

Without the gate this tool is a privilege-escalation primitive: any caller could read every other user’s encrypted secret blob (stargazer:user_secrets:*) or grant themselves admin via stargazer:user_privileges:<self>.

async tools.redis_admin.run(action, key=None, value=None, ctx=None, **_kwargs)[source]

Execute one of the four Redis admin actions against the live database.

Entry point for the redis_admin tool. It operates directly on the bot’s own TLS-aware async Redis pool (ctx.redis) – the same database the rest of Stargazer uses – so it can read or rewrite any key, including encrypted user secrets and privilege records. For that reason every call is first gated through _check_unsandboxed_exec(); a denied or context-less call returns that helper’s error untouched.

Dispatches on action: get returns a single key’s value (decoded via _decode()), set writes a value, delete removes a key, and keys cursor-scans (SCAN) for keys matching a glob pattern, capping results at the module-level _KEYS_SCAN_LIMIT and flagging truncation. Mutating actions (set, delete) emit an info log line tagged with the invoking user_id; any Redis exception is logged and surfaced as a JSON error rather than raised.

Dispatched by the tool registry (tools.ToolRegistry.call()) after the loader picks up this module’s run via its TOOL_NAME metadata; no direct in-code callers were found.

Parameters:

  • action (str) – One of get, set, delete, or keys.

  • key (str | None) – Target key name, or a glob pattern when action is keys. Required for get / set / delete.

  • value (str | None) – Value to write; required only when action is set.

  • ctx (ToolContext | None) – Tool execution context, supplying the privileged Redis pool, config, and user_id.

Returns:

A JSON string with the action result, or a JSON error describing a failed authorization, missing Redis, missing argument, unknown action, or underlying Redis exception.

Return type:

str