From 51e16b2ceb18729a75e1bb736211fac9264e8851 Mon Sep 17 00:00:00 2001
From: Borys <borys@dragonflydb.io>
Date: Mon, 9 Dec 2024 13:02:15 +0200
Subject: [PATCH] fix: prohibit read commands during takeover (#4267)

---
 src/server/main_service.cc | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/server/main_service.cc b/src/server/main_service.cc
index 956d0273e..768bbb44d 100644
--- a/src/server/main_service.cc
+++ b/src/server/main_service.cc
@@ -1056,7 +1056,11 @@ std::optional<ErrorReply> Service::VerifyCommandState(const CommandId* cid, CmdA
       allowed_by_state = false;
       break;
     case GlobalState::TAKEN_OVER:
-      allowed_by_state = !cid->IsWriteOnly();
+      // Only PING, admin commands, and all commands via admin connections are allowed
+      // we prohibit even read commands, because read commands running in pipeline can take a while
+      // to send all data to a client which leads to fail in takeover
+      allowed_by_state = dfly_cntx.conn()->IsPrivileged() || (cid->opt_mask() & CO::ADMIN) ||
+                         cid->name() == "PING";
       break;
     default:
       break;