You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cassandra.apache.org by "Joshua McKenzie (JIRA)" <ji...@apache.org> on 2017/08/22 13:38:00 UTC
[jira] [Updated] (CASSANDRA-13681) checkAccess throws exceptions
when statement does not exist
[ https://issues.apache.org/jira/browse/CASSANDRA-13681?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Joshua McKenzie updated CASSANDRA-13681:
----------------------------------------
Component/s: CQL
> checkAccess throws exceptions when statement does not exist
> -----------------------------------------------------------
>
> Key: CASSANDRA-13681
> URL: https://issues.apache.org/jira/browse/CASSANDRA-13681
> Project: Cassandra
> Issue Type: Bug
> Components: CQL
> Reporter: Hao Zhong
>
> CASSANDRA-6687 fixed a wrong exception. In DropTableStatement, the buggy code is:
> {code}
> public void checkAccess(ClientState state) throws UnauthorizedException, InvalidRequestException
> {
> state.hasColumnFamilyAccess(keyspace(), columnFamily(), Permission.DROP);
> }
> {code}
> The fixed code is:
> {code}
> public void checkAccess(ClientState state) throws UnauthorizedException, InvalidRequestException
> {
> try
> {
> state.hasColumnFamilyAccess(keyspace(), columnFamily(), Permission.DROP);
> }
> catch (InvalidRequestException e)
> {
> if (!ifExists)
> throw e;
> }
> }
> {code}
> I found that ModificationStatement_checkAccess can have the same problem, since it calls state.hasColumnFamilyAccess. In particular, its code is as follow:
> {code}
> public void checkAccess(ClientState state) throws InvalidRequestException, UnauthorizedException
> {
> state.hasColumnFamilyAccess(metadata, Permission.MODIFY);
> // CAS updates can be used to simulate a SELECT query, so should require Permission.SELECT as well.
> if (hasConditions())
> state.hasColumnFamilyAccess(metadata, Permission.SELECT);
> // MV updates need to get the current state from the table, and might update the views
> // Require Permission.SELECT on the base table, and Permission.MODIFY on the views
> Iterator<ViewMetadata> views = View.findAll(keyspace(), columnFamily()).iterator();
> if (views.hasNext())
> {
> state.hasColumnFamilyAccess(metadata, Permission.SELECT);
> do
> {
> state.hasColumnFamilyAccess(views.next().metadata, Permission.MODIFY);
> } while (views.hasNext());
> }
> for (Function function : getFunctions())
> state.ensureHasPermission(Permission.EXECUTE, function);
> }
> {code}
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@cassandra.apache.org
For additional commands, e-mail: commits-help@cassandra.apache.org