You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cassandra.apache.org by "Joshua McKenzie (JIRA)" <ji...@apache.org> on 2017/08/22 13:38:00 UTC
[jira] [Updated] (CASSANDRA-13681) checkAccess throws exceptions when statement does not exist

     [ https://issues.apache.org/jira/browse/CASSANDRA-13681?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Joshua McKenzie updated CASSANDRA-13681:
----------------------------------------
    Component/s: CQL

> checkAccess throws exceptions when statement does not exist
> -----------------------------------------------------------
>
>                 Key: CASSANDRA-13681
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-13681
>             Project: Cassandra
>          Issue Type: Bug
>          Components: CQL
>            Reporter: Hao Zhong
>
> CASSANDRA-6687 fixed a wrong exception. In DropTableStatement, the buggy code is:
> {code}
> public void checkAccess(ClientState state) throws UnauthorizedException, InvalidRequestException
>     {
>         state.hasColumnFamilyAccess(keyspace(), columnFamily(), Permission.DROP);
>     }
> {code}
> The fixed code is:
> {code}
> public void checkAccess(ClientState state) throws UnauthorizedException, InvalidRequestException
>     {
>         try
>         {
>             state.hasColumnFamilyAccess(keyspace(), columnFamily(), Permission.DROP);
>         }
>         catch (InvalidRequestException e)
>         {
>             if (!ifExists)
>                 throw e;
>         }
>     }
> {code}
> I found that ModificationStatement_checkAccess can have the same problem, since it calls  state.hasColumnFamilyAccess. In particular, its code is as follow:
> {code}
>  public void checkAccess(ClientState state) throws InvalidRequestException, UnauthorizedException
>     {
>         state.hasColumnFamilyAccess(metadata, Permission.MODIFY);
>         // CAS updates can be used to simulate a SELECT query, so should require Permission.SELECT as well.
>         if (hasConditions())
>             state.hasColumnFamilyAccess(metadata, Permission.SELECT);
>         // MV updates need to get the current state from the table, and might update the views
>         // Require Permission.SELECT on the base table, and Permission.MODIFY on the views
>         Iterator<ViewMetadata> views = View.findAll(keyspace(), columnFamily()).iterator();
>         if (views.hasNext())
>         {
>             state.hasColumnFamilyAccess(metadata, Permission.SELECT);
>             do
>             {
>                 state.hasColumnFamilyAccess(views.next().metadata, Permission.MODIFY);
>             } while (views.hasNext());
>         }
>         for (Function function : getFunctions())
>             state.ensureHasPermission(Permission.EXECUTE, function);
>     }
> {code}



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@cassandra.apache.org
For additional commands, e-mail: commits-help@cassandra.apache.org