Example 6 with CQLStatement
use of org.apache.cassandra.cql3.CQLStatement in project cassandra by apache.
the class CassandraAuthorizer method convertLegacyData.
/**
* Copy legacy authz data from the system_auth.permissions table to the new system_auth.role_permissions table and
* also insert entries into the reverse lookup table.
* In theory, we could simply rename the existing table as the schema is structurally the same, but this would
* break mixed clusters during a rolling upgrade.
* This setup is not performed if AllowAllAuthenticator is configured (see Auth#setup).
*/
private void convertLegacyData() {
try {
if (Schema.instance.getTableMetadata("system_auth", "permissions") != null) {
logger.info("Converting legacy permissions data");
CQLStatement insertStatement = QueryProcessor.getStatement(String.format("INSERT INTO %s.%s (role, resource, permissions) " + "VALUES (?, ?, ?)", SchemaConstants.AUTH_KEYSPACE_NAME, AuthKeyspace.ROLE_PERMISSIONS), ClientState.forInternalCalls()).statement;
CQLStatement indexStatement = QueryProcessor.getStatement(String.format("INSERT INTO %s.%s (resource, role) VALUES (?,?)", SchemaConstants.AUTH_KEYSPACE_NAME, AuthKeyspace.RESOURCE_ROLE_INDEX), ClientState.forInternalCalls()).statement;
UntypedResultSet permissions = process("SELECT * FROM system_auth.permissions");
for (UntypedResultSet.Row row : permissions) {
final IResource resource = Resources.fromName(row.getString("resource"));
Predicate<String> isApplicable = new Predicate<String>() {
public boolean apply(String s) {
return resource.applicablePermissions().contains(Permission.valueOf(s));
}
};
SetSerializer<String> serializer = SetSerializer.getInstance(UTF8Serializer.instance, UTF8Type.instance);
Set<String> originalPerms = serializer.deserialize(row.getBytes("permissions"));
Set<String> filteredPerms = ImmutableSet.copyOf(Iterables.filter(originalPerms, isApplicable));
insertStatement.execute(QueryState.forInternalCalls(), QueryOptions.forInternalCalls(ConsistencyLevel.ONE, Lists.newArrayList(row.getBytes("username"), row.getBytes("resource"), serializer.serialize(filteredPerms))), System.nanoTime());
indexStatement.execute(QueryState.forInternalCalls(), QueryOptions.forInternalCalls(ConsistencyLevel.ONE, Lists.newArrayList(row.getBytes("resource"), row.getBytes("username"))), System.nanoTime());
}
logger.info("Completed conversion of legacy permissions");
}
} catch (Exception e) {
logger.info("Unable to complete conversion of legacy permissions data (perhaps not enough nodes are upgraded yet). " + "Conversion should not be considered complete");
logger.trace("Conversion error", e);
}
}
Also used :
UntypedResultSet(org.apache.cassandra.cql3.UntypedResultSet)
Predicate(com.google.common.base.Predicate)
Aggregations
UntypedResultSet (org.apache.cassandra.cql3.UntypedResultSet)3
CQLStatement (org.apache.cassandra.cql3.CQLStatement)2
Predicate (com.google.common.base.Predicate)1
ImmutableMap (com.google.common.collect.ImmutableMap)1
UUID (java.util.UUID)1
ColumnSpecification (org.apache.cassandra.cql3.ColumnSpecification)1
QueryHandler (org.apache.cassandra.cql3.QueryHandler)1
QueryOptions (org.apache.cassandra.cql3.QueryOptions)1
BatchStatement (org.apache.cassandra.cql3.statements.BatchStatement)1
ParsedStatement (org.apache.cassandra.cql3.statements.ParsedStatement)1
PreparedQueryNotFoundException (org.apache.cassandra.exceptions.PreparedQueryNotFoundException)1
