Search in sources :

Example 1 with FunctionResource

use of org.apache.cassandra.auth.FunctionResource in project cassandra by apache.

the class CreateAggregateStatement method authorize.

public void authorize(ClientState client) {
    FunctionName name = new FunctionName(keyspaceName, aggregateName);
    if (Schema.instance.findFunction(name, Lists.transform(rawArgumentTypes, t -> t.prepare(keyspaceName).getType())).isPresent() && orReplace)
        client.ensurePermission(Permission.ALTER, FunctionResource.functionFromCql(keyspaceName, aggregateName, rawArgumentTypes));
    else
        client.ensurePermission(Permission.CREATE, FunctionResource.keyspace(keyspaceName));
    FunctionResource stateFunction = FunctionResource.functionFromCql(stateFunctionName, Lists.newArrayList(concat(singleton(rawStateType), rawArgumentTypes)));
    client.ensurePermission(Permission.EXECUTE, stateFunction);
    if (null != finalFunctionName)
        client.ensurePermission(Permission.EXECUTE, FunctionResource.functionFromCql(finalFunctionName, singletonList(rawStateType)));
}
Also used : AuditLogContext(org.apache.cassandra.audit.AuditLogContext) Change(org.apache.cassandra.transport.Event.SchemaChange.Change) FunctionResource(org.apache.cassandra.auth.FunctionResource) Iterables.transform(com.google.common.collect.Iterables.transform) Permission(org.apache.cassandra.auth.Permission) IResource(org.apache.cassandra.auth.IResource) AbstractType(org.apache.cassandra.db.marshal.AbstractType) ByteBuffer(java.nio.ByteBuffer) org.apache.cassandra.cql3(org.apache.cassandra.cql3) Schema(org.apache.cassandra.schema.Schema) Collections.singletonList(java.util.Collections.singletonList) Lists(com.google.common.collect.Lists) String.join(java.lang.String.join) Collections.singleton(java.util.Collections.singleton) Iterables.concat(com.google.common.collect.Iterables.concat) ProtocolVersion(org.apache.cassandra.transport.ProtocolVersion) org.apache.cassandra.cql3.functions(org.apache.cassandra.cql3.functions) FunctionsDiff(org.apache.cassandra.schema.Functions.FunctionsDiff) Objects(com.google.common.base.Objects) KeyspacesDiff(org.apache.cassandra.schema.Keyspaces.KeyspacesDiff) ImmutableSet(com.google.common.collect.ImmutableSet) Keyspaces(org.apache.cassandra.schema.Keyspaces) SchemaChange(org.apache.cassandra.transport.Event.SchemaChange) ClientState(org.apache.cassandra.service.ClientState) Set(java.util.Set) String.format(java.lang.String.format) AuditLogEntryType(org.apache.cassandra.audit.AuditLogEntryType) List(java.util.List) Collectors.toList(java.util.stream.Collectors.toList) Target(org.apache.cassandra.transport.Event.SchemaChange.Target) KeyspaceMetadata(org.apache.cassandra.schema.KeyspaceMetadata) MarshalException(org.apache.cassandra.serializers.MarshalException) FunctionResource(org.apache.cassandra.auth.FunctionResource)

Example 2 with FunctionResource

use of org.apache.cassandra.auth.FunctionResource in project cassandra by apache.

the class InvalidatePermissionsCacheTest method testInvalidatePermissionsForFunction.

@Test
public void testInvalidatePermissionsForFunction() throws Throwable {
    String keyspaceAndFunctionName = createFunction(KEYSPACE, "int", " CREATE FUNCTION %s (val int)" + " CALLED ON NULL INPUT" + " RETURNS int" + " LANGUAGE java" + " AS 'return val;'");
    String functionName = StringUtils.split(keyspaceAndFunctionName, ".")[1];
    FunctionResource resource = FunctionResource.function(KEYSPACE, functionName, Collections.singletonList(Int32Type.instance));
    Set<Permission> permissions = resource.applicablePermissions();
    DatabaseDescriptor.getAuthorizer().grant(AuthenticatedUser.SYSTEM_USER, permissions, resource, ROLE_A);
    DatabaseDescriptor.getAuthorizer().grant(AuthenticatedUser.SYSTEM_USER, permissions, resource, ROLE_B);
    assertInvalidation(resource, Arrays.asList("--functions-in-keyspace", KEYSPACE, "--function", functionName + "[Int32Type]"));
}
Also used : FunctionResource(org.apache.cassandra.auth.FunctionResource) Permission(org.apache.cassandra.auth.Permission) Test(org.junit.Test)

Aggregations

FunctionResource (org.apache.cassandra.auth.FunctionResource)2 Permission (org.apache.cassandra.auth.Permission)2 Objects (com.google.common.base.Objects)1 ImmutableSet (com.google.common.collect.ImmutableSet)1 Iterables.concat (com.google.common.collect.Iterables.concat)1 Iterables.transform (com.google.common.collect.Iterables.transform)1 Lists (com.google.common.collect.Lists)1 String.format (java.lang.String.format)1 String.join (java.lang.String.join)1 ByteBuffer (java.nio.ByteBuffer)1 Collections.singleton (java.util.Collections.singleton)1 Collections.singletonList (java.util.Collections.singletonList)1 List (java.util.List)1 Set (java.util.Set)1 Collectors.toList (java.util.stream.Collectors.toList)1 AuditLogContext (org.apache.cassandra.audit.AuditLogContext)1 AuditLogEntryType (org.apache.cassandra.audit.AuditLogEntryType)1 IResource (org.apache.cassandra.auth.IResource)1 org.apache.cassandra.cql3 (org.apache.cassandra.cql3)1 org.apache.cassandra.cql3.functions (org.apache.cassandra.cql3.functions)1