use of org.apache.cassandra.auth.FunctionResource in project cassandra by apache.
the class CreateAggregateStatement method authorize.
public void authorize(ClientState client) {
FunctionName name = new FunctionName(keyspaceName, aggregateName);
if (Schema.instance.findFunction(name, Lists.transform(rawArgumentTypes, t -> t.prepare(keyspaceName).getType())).isPresent() && orReplace)
client.ensurePermission(Permission.ALTER, FunctionResource.functionFromCql(keyspaceName, aggregateName, rawArgumentTypes));
else
client.ensurePermission(Permission.CREATE, FunctionResource.keyspace(keyspaceName));
FunctionResource stateFunction = FunctionResource.functionFromCql(stateFunctionName, Lists.newArrayList(concat(singleton(rawStateType), rawArgumentTypes)));
client.ensurePermission(Permission.EXECUTE, stateFunction);
if (null != finalFunctionName)
client.ensurePermission(Permission.EXECUTE, FunctionResource.functionFromCql(finalFunctionName, singletonList(rawStateType)));
}
use of org.apache.cassandra.auth.FunctionResource in project cassandra by apache.
the class InvalidatePermissionsCacheTest method testInvalidatePermissionsForFunction.
@Test
public void testInvalidatePermissionsForFunction() throws Throwable {
String keyspaceAndFunctionName = createFunction(KEYSPACE, "int", " CREATE FUNCTION %s (val int)" + " CALLED ON NULL INPUT" + " RETURNS int" + " LANGUAGE java" + " AS 'return val;'");
String functionName = StringUtils.split(keyspaceAndFunctionName, ".")[1];
FunctionResource resource = FunctionResource.function(KEYSPACE, functionName, Collections.singletonList(Int32Type.instance));
Set<Permission> permissions = resource.applicablePermissions();
DatabaseDescriptor.getAuthorizer().grant(AuthenticatedUser.SYSTEM_USER, permissions, resource, ROLE_A);
DatabaseDescriptor.getAuthorizer().grant(AuthenticatedUser.SYSTEM_USER, permissions, resource, ROLE_B);
assertInvalidation(resource, Arrays.asList("--functions-in-keyspace", KEYSPACE, "--function", functionName + "[Int32Type]"));
}
Aggregations