You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cassandra.apache.org by aw...@apache.org on 2017/11/15 21:47:14 UTC
[46/50] cassandra git commit: Don't let users drop or generally break
tables in system_distributed
Don't let users drop or generally break tables in system_distributed
patch by Aleksey Yeschenko; reviewed by Sylvain Lebresne for
CASSANDRA-13813
Project: http://git-wip-us.apache.org/repos/asf/cassandra/repo
Commit: http://git-wip-us.apache.org/repos/asf/cassandra/commit/957ae2bc
Tree: http://git-wip-us.apache.org/repos/asf/cassandra/tree/957ae2bc
Diff: http://git-wip-us.apache.org/repos/asf/cassandra/diff/957ae2bc
Branch: refs/heads/master
Commit: 957ae2bc455c56835632193e1aa251495c3724f8
Parents: f889dff
Author: Aleksey Yeschenko <al...@yeschenko.com>
Authored: Thu Oct 5 16:16:02 2017 +0100
Committer: Aleksey Yeschenko <al...@yeschenko.com>
Committed: Tue Oct 17 13:42:22 2017 +0100
----------------------------------------------------------------------
system_keyspaces_test.py | 118 ++++++++++++++++++++++++++++++++++++++++++
1 file changed, 118 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cassandra/blob/957ae2bc/system_keyspaces_test.py
----------------------------------------------------------------------
diff --git a/system_keyspaces_test.py b/system_keyspaces_test.py
new file mode 100644
index 0000000..90eb583
--- /dev/null
+++ b/system_keyspaces_test.py
@@ -0,0 +1,118 @@
+from cassandra import Unauthorized
+from dtest import Tester
+from tools.assertions import assert_all, assert_exception, assert_none
+from tools.decorators import since
+
+class TestSystemKeyspaces(Tester):
+
+ @since('3.0')
+ def test_local_system_keyspaces(self):
+ cluster = self.cluster
+ cluster.populate(1).start()
+
+ node = cluster.nodelist()[0]
+ session = self.patient_cql_connection(node)
+
+ # ALTER KEYSPACE should fail for system and system_schema
+ stmt = """
+ ALTER KEYSPACE system
+ WITH replication = {'class': 'NetworkTopologyStrategy', 'datacenter1' : '1'};"""
+ assert_exception(session, stmt, expected=Unauthorized)
+
+ stmt = """
+ ALTER KEYSPACE system_schema
+ WITH replication = {'class': 'NetworkTopologyStrategy', 'datacenter1' : '1'};"""
+ assert_exception(session, stmt, expected=Unauthorized)
+
+ # DROP KEYSPACE should fail for system and system_schema
+ assert_exception(session, 'DROP KEYSPACE system;', expected=Unauthorized)
+ assert_exception(session, 'DROP KEYSPACE system_schema;', expected=Unauthorized)
+
+ # CREATE TABLE should fail in system and system_schema
+ assert_exception(session,
+ 'CREATE TABLE system.new_table (id int PRIMARY KEY);',
+ expected=Unauthorized)
+
+ assert_exception(session,
+ 'CREATE TABLE system_schema.new_table (id int PRIMARY KEY);',
+ expected=Unauthorized)
+
+ # ALTER TABLE should fail in system and system_schema
+ assert_exception(session,
+ "ALTER TABLE system.local WITH comment = '';",
+ expected=Unauthorized)
+
+ assert_exception(session,
+ "ALTER TABLE system_schema.tables WITH comment = '';",
+ expected=Unauthorized)
+
+ # DROP TABLE should fail in system and system_schema
+ assert_exception(session, 'DROP TABLE system.local;', expected=Unauthorized)
+ assert_exception(session, 'DROP TABLE system_schema.tables;', expected=Unauthorized)
+
+ @since('3.0')
+ def test_replicated_system_keyspaces(self):
+ cluster = self.cluster
+ cluster.populate(1).start()
+
+ node = cluster.nodelist()[0]
+ session = self.patient_cql_connection(node)
+
+ # ALTER KEYSPACE should work for system_auth, system_distributed, and system_traces
+ stmt = """
+ ALTER KEYSPACE system_auth
+ WITH replication = {'class': 'NetworkTopologyStrategy', 'datacenter1' : '1'};"""
+ assert_none(session, stmt)
+
+ stmt = """
+ ALTER KEYSPACE system_distributed
+ WITH replication = {'class': 'NetworkTopologyStrategy', 'datacenter1' : '1'};"""
+ assert_none(session, stmt)
+
+ stmt = """
+ ALTER KEYSPACE system_traces
+ WITH replication = {'class': 'NetworkTopologyStrategy', 'datacenter1' : '1'};"""
+ assert_none(session, stmt)
+
+ stmt = """
+ SELECT replication
+ FROM system_schema.keyspaces
+ WHERE keyspace_name IN ('system_auth', 'system_distributed', 'system_traces');"""
+ replication = {'class': 'org.apache.cassandra.locator.NetworkTopologyStrategy', 'datacenter1': '1'}
+ assert_all(session, stmt, [[replication], [replication], [replication]])
+
+ # DROP KEYSPACE should fail for system_auth, system_distributed, and system_traces
+ assert_exception(session, 'DROP KEYSPACE system_auth;', expected=Unauthorized)
+ assert_exception(session, 'DROP KEYSPACE system_distributed;', expected=Unauthorized)
+ assert_exception(session, 'DROP KEYSPACE system_traces;', expected=Unauthorized)
+
+ # CREATE TABLE should fail in system_auth, system_distributed, and system_traces
+ assert_exception(session,
+ 'CREATE TABLE system_auth.new_table (id int PRIMARY KEY);',
+ expected=Unauthorized)
+
+ assert_exception(session,
+ 'CREATE TABLE system_distributed.new_table (id int PRIMARY KEY);',
+ expected=Unauthorized)
+
+ assert_exception(session,
+ 'CREATE TABLE system_traces.new_table (id int PRIMARY KEY);',
+ expected=Unauthorized)
+
+ # ALTER TABLE should fail in system_auth, system_distributed, and system_traces
+ assert_exception(session,
+ "ALTER TABLE system_auth.roles WITH comment = '';",
+ expected=Unauthorized)
+
+ assert_exception(session,
+ "ALTER TABLE system_distributed.repair_history WITH comment = '';",
+ expected=Unauthorized)
+
+ assert_exception(session,
+ "ALTER TABLE system_traces.sessions WITH comment = '';",
+ expected=Unauthorized)
+
+ # DROP TABLE should fail in system_auth, system_distributed, and system_traces
+ assert_exception(session, 'DROP TABLE system_auth.roles;', expected=Unauthorized)
+ assert_exception(session, 'DROP TABLE system_distributed.repair_history;', expected=Unauthorized)
+ assert_exception(session, 'DROP TABLE system_traces.sessions;', expected=Unauthorized)
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@cassandra.apache.org
For additional commands, e-mail: commits-help@cassandra.apache.org